Marcus Updateinfo to OVAL Converter5.52022-05-20T06:26:47CVE-1999-0524SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
ModerateCVE-1999-0524SUSE bug 992991cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2002-2443SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103.
ImportantCVE-2002-2443SUSE bug 825985SUSE bug 871411SUSE bug 887734cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2003-1605SUSE Linux Enterprise Desktop 12 SP3
curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server.
ImportantCVE-2003-1605SUSE bug 1105868cpe:/o:suse:sled:12:sp3CVE-2004-0230SUSE Linux Enterprise Desktop 12
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.
ModerateCVE-2004-0230SUSE bug 1184394SUSE bug 1198501SUSE bug 969340SUSE bug 989152cpe:/o:suse:sled:12CVE-2004-0801SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands.
ImportantCVE-2004-0801SUSE bug 59233SUSE bug 698451SUSE bug 704608SUSE bug 852368SUSE bug 957531cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2004-2771SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.
ImportantCVE-2004-2771SUSE bug 909208cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2004-2779SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition is reached, leading to denial-of-service (DoS).
ModerateCVE-2004-2779SUSE bug 1081959cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2005-1264SUSE Linux Enterprise Desktop 12 SP3
Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space, a similar vulnerability to CVE-2005-1589.
ImportantCVE-2005-1264SUSE bug 84043cpe:/o:suse:sled:12:sp3CVE-2005-1265SUSE Linux Enterprise Desktop 12 SP3
The mmap function in the Linux Kernel 2.6.10 can be used to create memory maps with a start address beyond the end address, which allows local users to cause a denial of service (kernel crash).
ModerateCVE-2005-1265SUSE bug 84728cpe:/o:suse:sled:12:sp3CVE-2005-2553SUSE Linux Enterprise Desktop 12 SP3
The find_target function in ptrace32.c in the Linux kernel 2.4.x before 2.4.29 does not properly handle a NULL return value from another function, which allows local users to cause a denial of service (kernel crash/oops) by running a 32-bit ltrace program with the -i option on a 64-bit executable program.
ModerateCVE-2005-2553SUSE bug 139565cpe:/o:suse:sled:12:sp3CVE-2005-3590SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing attackers to corrupt memory.
ModerateCVE-2005-3590SUSE bug 1132195cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2005-4886SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The selinux_parse_skb_ipv6 function in security/selinux/hooks.c in the Linux kernel before 2.6.12-rc4 allows remote attackers to cause a denial of service (OOPS) via vectors associated with an incorrect call to the ipv6_skip_exthdr function.
ImportantCVE-2005-4886cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2006-0855SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the fullpath function in misc.c for zoo 2.10 and earlier, as used in products such as Barracuda Spam Firewall, allows user-assisted attackers to execute arbitrary code via a crafted ZOO file that causes the combine function to return a longer string than expected.
ModerateCVE-2006-0855SUSE bug 153057cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2006-2607SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a program that exceeds the process limits as defined in /etc/security/limits.conf.
ImportantCVE-2006-2607SUSE bug 178863SUSE bug 537178cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2006-4197SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in libmusicbrainz (aka mb_client or MusicBrainz Client Library) 2.1.2 and earlier, and SVN 8406 and earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a long Location header by the HTTP server, which triggers an overflow in the MBHttp::Download function in lib/http.cpp; and (2) a long URL in RDF data, as demonstrated by a URL in an rdf:resource field in an RDF XML document, which triggers overflows in many functions in lib/rdfparse.c.
ImportantCVE-2006-4197SUSE bug 199134cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2006-4484SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array.
ModerateCVE-2006-4484SUSE bug 200181SUSE bug 355864SUSE bug 356187SUSE bug 357978SUSE bug 372642SUSE bug 374257SUSE bug 386009SUSE bug 709852cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2006-4980SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts.
ImportantCVE-2006-4980SUSE bug 208223SUSE bug 406051cpe:/o:suse:sled:12:sp4CVE-2006-7250SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mime_hdr_cmp function in crypto/asn1/asn_mime.c in OpenSSL 0.9.8t and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message.
ModerateCVE-2006-7250SUSE bug 748738SUSE bug 883307cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2006-7254SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon.
ModerateCVE-2006-7254SUSE bug 1132193cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2007-0899SUSE Linux Enterprise Desktop 12 SP4
There is a possible heap overflow in libclamav/fsg.c before 0.100.0.
ImportantCVE-2007-0899SUSE bug 1156183cpe:/o:suse:sled:12:sp4CVE-2007-1669SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
ImportantCVE-2007-1669SUSE bug 271781cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2007-2052SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination.
ModerateCVE-2007-2052SUSE bug 276889cpe:/o:suse:sled:12:sp4CVE-2007-2721SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using imagemagick convert.
ModerateCVE-2007-2721SUSE bug 258253SUSE bug 339731SUSE bug 340138cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2007-3126SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Gimp before 2.8.22 allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, a similar issue to CVE-2007-2237.
LowCVE-2007-3126SUSE bug 1032241cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2007-3852SUSE Linux Enterprise Desktop 12 SP4
The init script (sysstat.in) in sysstat 5.1.2 up to 7.1.6 creates /tmp/sysstat.run insecurely, which allows local users to execute arbitrary code.
ModerateCVE-2007-3852SUSE bug 298308cpe:/o:suse:sled:12:sp4CVE-2007-3999SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-party applications that use krb5, allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long string in an RPC message.
CriticalCVE-2007-3999SUSE bug 302377SUSE bug 305261cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2007-4129SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory.
ModerateCVE-2007-4129SUSE bug 304180cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2007-4308SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SCSI layer ioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges.
ImportantCVE-2007-4308SUSE bug 326270SUSE bug 329764cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2007-4567SUSE Linux Enterprise Desktop 12 SP4
The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-by-hop IPv6 extended header, which allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted IPv6 packet.
ImportantCVE-2007-4567SUSE bug 307626SUSE bug 570608cpe:/o:suse:sled:12:sp4CVE-2007-4571SUSE Linux Enterprise Desktop 12 SP3
The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc.
ModerateCVE-2007-4571SUSE bug 328404cpe:/o:suse:sled:12:sp3CVE-2007-4772SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.
ImportantCVE-2007-4772SUSE bug 329282cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2007-4774SUSE Linux Enterprise Desktop 12 SP4
The Linux kernel before 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies by flooding the ptraced process with SIGCONT signals, which can can wake up a PTRACED process.
ModerateCVE-2007-4774SUSE bug 1161116cpe:/o:suse:sled:12:sp4CVE-2007-5970SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a table on which the user lacks privileges.
ModerateCVE-2007-5970SUSE bug 348307cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2007-6209SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
ModerateCVE-2007-6209SUSE bug 346454cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2007-6335SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP3
Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow.
CriticalCVE-2007-6335SUSE bug 343277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp3CVE-2007-6600SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of table owner privileges for (1) VACUUM and (2) ANALYZE operations within index functions, and supports (3) SET ROLE and (4) SET SESSION AUTHORIZATION within index functions, which allows remote authenticated users to gain privileges.
ModerateCVE-2007-6600SUSE bug 329282SUSE bug 537706cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2007-6720SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and possibly other products, relies on the channel count of the last loaded song, rather than the currently playing song, for certain playback calculations, which allows user-assisted attackers to cause a denial of service (application crash) by loading multiple songs (aka MOD files) with different numbers of channels.
LowCVE-2007-6720SUSE bug 468760cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2007-6746SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
telepathy-idle before 0.1.15 does not verify (1) that the issuer is a trusted CA, (2) that the server hostname matches a domain name in the subject's Common Name (CN), or (3) the expiration date of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
ModerateCVE-2007-6746SUSE bug 817120cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2007-6761SUSE Linux Enterprise Desktop 12 SP1
drivers/media/video/videobuf-vmalloc.c in the Linux kernel before 2.6.24 does not initialize videobuf_mapping data structures, which allows local users to trigger an incorrect count value and videobuf leak via unspecified vectors, a different vulnerability than CVE-2010-5321.
ModerateCVE-2007-6761SUSE bug 1035720cpe:/o:suse:sled:12:sp1CVE-2007-6762SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it is possible to overflow the doi_def->tags[] array.
ModerateCVE-2007-6762SUSE bug 1143172cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-0352SUSE Linux Enterprise Desktop 12 SP4
The Linux kernel 2.6.20 through 2.6.21.1 allows remote attackers to cause a denial of service (panic) via a certain IPv6 packet, possibly involving the Jumbo Payload hop-by-hop option (jumbogram).
ImportantCVE-2008-0352SUSE bug 307626cpe:/o:suse:sled:12:sp4CVE-2008-0674SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255.
ImportantCVE-2008-0674SUSE bug 359153cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-0928SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine.
ModerateCVE-2008-0928SUSE bug 362956cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-1227SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the silc_fingerprint function in lib/silcutil/silcutil.c in Secure Internet Live Conferencing (SILC) Toolkit 1.1.5, and unspecified earlier versions, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via long input data. NOTE: some of these details are obtained from third party information.
ImportantCVE-2008-1227SUSE bug 369067cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-1420SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow.
ImportantCVE-2008-1420SUSE bug 372246cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-1483SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.
ImportantCVE-2008-1483SUSE bug 1069509SUSE bug 373527SUSE bug 585630SUSE bug 647633SUSE bug 706386cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-1686SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.
CriticalCVE-2008-1686SUSE bug 377602SUSE bug 379098cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-1721SUSE Linux Enterprise Desktop 12 SP4
Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.
ImportantCVE-2008-1721SUSE bug 379044cpe:/o:suse:sled:12:sp4CVE-2008-1887SUSE Linux Enterprise Desktop 12 SP4
Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow.
CriticalCVE-2008-1887SUSE bug 379534cpe:/o:suse:sled:12:sp4CVE-2008-1945SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004.
ImportantCVE-2008-1945SUSE bug 362956cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-2109SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
field.c in the libid3tag 0.15.0b library allows context-dependent attackers to cause a denial of service (CPU consumption) via an ID3_FIELD_TYPE_STRINGLIST field that ends in '\0', which triggers an infinite loop.
ModerateCVE-2008-2109SUSE bug 387731cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-2315SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031.
ImportantCVE-2008-2315SUSE bug 406051SUSE bug 443653cpe:/o:suse:sled:12:sp4CVE-2008-2365SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the ptrace and utrace support in the Linux kernel 2.6.9 through 2.6.25, as used in Red Hat Enterprise Linux (RHEL) 4, allows local users to cause a denial of service (oops) via a long series of PTRACE_ATTACH ptrace calls to another user's process that trigger a conflict between utrace_detach and report_quiescent, related to "late ptrace_may_attach() check" and "race around &dead_engine_ops setting," a different vulnerability than CVE-2007-0771 and CVE-2008-1514. NOTE: this issue might only affect kernel versions before 2.6.16.x.
ModerateCVE-2008-2365SUSE bug 404288cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-2382SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message.
ModerateCVE-2008-2382SUSE bug 461565SUSE bug 464142cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-3272SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information.
ModerateCVE-2008-3272SUSE bug 414947cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-3275SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ("overflow" of the UBIFS orphan area) via a series of attempted file creations within deleted directories.
ModerateCVE-2008-3275SUSE bug 413936cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-3522SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.
ModerateCVE-2008-3522SUSE bug 1178702SUSE bug 392410cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-3825SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when the existing_ticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an arbitrary cache filename and running the (1) su or (2) sudo program. NOTE: there may be a related vector involving sshd that has limited relevance.
ModerateCVE-2008-3825SUSE bug 425861cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-3915SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl.
CriticalCVE-2008-3915SUSE bug 423515cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-4225SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.
ImportantCVE-2008-4225SUSE bug 445677cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-4226SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
CriticalCVE-2008-4226SUSE bug 441368cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-4316SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in glib/gbase64.c in GLib before 2.20 allow context-dependent attackers to execute arbitrary code via a long string that is converted either (1) from or (2) to a base64 representation.
ModerateCVE-2008-4316SUSE bug 382708SUSE bug 449927SUSE bug 475541cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-4409SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libxml2 2.7.0 and 2.7.1 does not properly handle "predefined entities definitions" in entities, which allows context-dependent attackers to cause a denial of service (memory consumption and application crash), as demonstrated by use of xmllint on a certain XML document, a different vulnerability than CVE-2003-1564 and CVE-2008-3281.
ModerateCVE-2008-4409SUSE bug 432486cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-4539SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorrect fix for CVE-2007-1320.
ImportantCVE-2008-4539SUSE bug 435135SUSE bug 448551cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-4546SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows remote web servers to cause a denial of service (NULL pointer dereference and browser crash) by returning a different response when an HTTP request is sent a second time, as demonstrated by two responses that provide SWF files with different SWF version numbers.
ModerateCVE-2008-4546SUSE bug 436058SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2008-4936SUSE Linux Enterprise Desktop 12
faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/faxsp.##### temporary file.
ModerateCVE-2008-4936SUSE bug 442596cpe:/o:suse:sled:12CVE-2008-4989SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers to insert a spoofed certificate for any Distinguished Name (DN).
ModerateCVE-2008-4989SUSE bug 392947SUSE bug 441856SUSE bug 467911cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-5077SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
ModerateCVE-2008-5077SUSE bug 459468SUSE bug 465675SUSE bug 465676SUSE bug 468866SUSE bug 470968SUSE bug 475108SUSE bug 552497SUSE bug 629905SUSE bug 708266cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-5913SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number generator that is seeded only once per browser session, which makes it easier for remote attackers to track a user, or trick a user into acting upon a spoofed pop-up message, by calculating the seed value, related to a "temporary footprint" and an "in-session phishing attack."
LowCVE-2008-5913SUSE bug 468762SUSE bug 603356cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-5984SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
ModerateCVE-2008-5984SUSE bug 470096cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-7247SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.
ModerateCVE-2008-7247SUSE bug 557669SUSE bug 604528cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2008-7316SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
mm/filemap.c in the Linux kernel before 2.6.25 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers an iovec of zero length, followed by a page fault for an iovec of nonzero length.
LowCVE-2008-7316SUSE bug 963764cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-0035SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a symlink attack via the /usr/bin/alsa-info and /usr/bin/alsa-info.sh scripts.
ModerateCVE-2009-0035SUSE bug 533396cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0036SUSE Linux Enterprise Desktop 12 SP3
Buffer overflow in the proxyReadClientSocket function in proxy/libvirt_proxy.c in libvirt_proxy 0.5.1 might allow local users to gain privileges by sending a portion of the header of a virProxyPacket packet, and then sending the remainder of the packet with crafted values in the header, related to use of uninitialized memory in a validation check.
ImportantCVE-2009-0036SUSE bug 1085554cpe:/o:suse:sled:12:sp3CVE-2009-0037SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or overwrite arbitrary files via a redirect to a file: URL, or (3) execute arbitrary commands via a redirect to an scp: URL.
ModerateCVE-2009-0037SUSE bug 475103SUSE bug 527990cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0040SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.
ModerateCVE-2009-0040SUSE bug 472745SUSE bug 478625SUSE bug 608040cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0159SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.
ModerateCVE-2009-0159SUSE bug 484653SUSE bug 501632cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0163SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1) _cupsImageReadTIFF function in the imagetops filter and (2) imagetoraster filter, leading to a heap-based buffer overflow.
ModerateCVE-2009-0163SUSE bug 485895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0179SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file.
ModerateCVE-2009-0179SUSE bug 468760cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0186SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow.
CriticalCVE-2009-0186SUSE bug 481769cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0269SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index.
ModerateCVE-2009-0269SUSE bug 470942cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0316SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983), as demonstrated by an erroneous search path for plugin/bike.vim in bicyclerepair.
ModerateCVE-2009-0316SUSE bug 470100cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0322SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
drivers/firmware/dell_rbu.c in the Linux kernel before 2.6.27.13, and 2.6.28.x before 2.6.28.2, allows local users to cause a denial of service (system crash) via a read system call that specifies zero bytes from the (1) image_type or (2) packet_size file in /sys/devices/platform/dell_rbu/.
ModerateCVE-2009-0322SUSE bug 470943cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0342SUSE Linux Enterprise Desktop 12 SP4
Niels Provos Systrace before 1.6f on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 64-bit syscall with a syscall number that corresponds to a policy-compliant 32-bit syscall.
ModerateCVE-2009-0342SUSE bug 483819SUSE bug 483820cpe:/o:suse:sled:12:sp4CVE-2009-0368SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a (1) low level APDU command or (2) debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program.
ModerateCVE-2009-0368SUSE bug 480262SUSE bug 548555cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0590SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.
ModerateCVE-2009-0590SUSE bug 459468SUSE bug 489641SUSE bug 629905cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0591SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly handle errors associated with malformed signed attributes, which allows remote attackers to repudiate a signature that originally appeared to be valid but was actually invalid.
ModerateCVE-2009-0591SUSE bug 489641SUSE bug 629905cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0652SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Internationalized Domain Names (IDN) blacklist in Mozilla Firefox 3.0.6 and other versions before 3.0.9; Thunderbird before 2.0.0.21; and SeaMonkey before 1.1.15 does not include box-drawing characters, which allows remote attackers to spoof URLs and conduct phishing attacks, as demonstrated by homoglyphs of the / (slash) and ? (question mark) characters in a subdomain of a .cn domain name, a different vulnerability than CVE-2005-0233. NOTE: some third parties claim that 3.0.6 is not affected, but much older versions perhaps are affected.
ImportantCVE-2009-0652SUSE bug 495473cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0688SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c.
ModerateCVE-2009-0688SUSE bug 499104cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0696SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
ImportantCVE-2009-0696SUSE bug 526185cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0758SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The originates_from_local_legacy_unicast_socket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote attackers to cause a denial of service (network bandwidth and CPU consumption) via a crafted legacy unicast mDNS query packet that triggers a multicast packet storm.
ModerateCVE-2009-0758SUSE bug 480865cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0771SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption and assertion failures.
CriticalCVE-2009-0771SUSE bug 478625cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0772SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption.
CriticalCVE-2009-0772SUSE bug 478625cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0773SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains "some non-set elements," which causes jsarray.cpp to pass an incorrect argument to the ResizeSlots function, which triggers memory corruption; (2) vectors related to js_DecompileValueGenerator, jsopcode.cpp, __defineSetter__, and watch, which triggers an assertion failure or a segmentation fault; and (3) vectors related to gczeal, __defineSetter__, and watch, which triggers a hang.
CriticalCVE-2009-0773SUSE bug 478625cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0774SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773.
CriticalCVE-2009-0774SUSE bug 478625cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0775SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection.
CriticalCVE-2009-0775SUSE bug 478625cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0776SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect.
ImportantCVE-2009-0776SUSE bug 465291SUSE bug 478625cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0777SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier for remote attackers to spoof URLs and conduct phishing attacks.
ModerateCVE-2009-0777SUSE bug 478625cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0789SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certificate, as demonstrated by an RSA public key.
ImportantCVE-2009-0789SUSE bug 459468SUSE bug 489641SUSE bug 629905cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0790SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service (daemon crash and restart) via a crafted (1) R_U_THERE or (2) R_U_THERE_ACK Dead Peer Detection (DPD) IPsec IKE Notification message that triggers a NULL pointer dereference related to inconsistent ISAKMP state and the lack of a phase2 state association in DPD.
ModerateCVE-2009-0790SUSE bug 487762cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0793SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles."
ModerateCVE-2009-0793SUSE bug 490610SUSE bug 521512SUSE bug 521513cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0799SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.
ModerateCVE-2009-0799SUSE bug 487100cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0800SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
ImportantCVE-2009-0800SUSE bug 487100cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0834SUSE Linux Enterprise Desktop 12 SP4
The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.
ModerateCVE-2009-0834SUSE bug 483819SUSE bug 483820cpe:/o:suse:sled:12:sp4CVE-2009-0835SUSE Linux Enterprise Desktop 12 SP4
The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod, a related issue to CVE-2009-0342 and CVE-2009-0343.
ModerateCVE-2009-0835SUSE bug 483819SUSE bug 483820cpe:/o:suse:sled:12:sp4CVE-2009-0844SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote attackers to cause a denial of service (daemon crash) and possibly obtain sensitive information via a crafted length value that triggers a buffer over-read.
ModerateCVE-2009-0844SUSE bug 486722cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0845SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via invalid ContextFlags data in the reqFlags field in a negTokenInit token.
ImportantCVE-2009-0845SUSE bug 485894SUSE bug 486722cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0846SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer.
CriticalCVE-2009-0846SUSE bug 486723cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0847SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmetic.
ImportantCVE-2009-0847SUSE bug 486722cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0901SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
CriticalCVE-2009-0901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-0945SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption.
ModerateCVE-2009-0945SUSE bug 512559SUSE bug 515124SUSE bug 541632SUSE bug 601349SUSE bug 644114cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-0946SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
ModerateCVE-2009-0946SUSE bug 485889SUSE bug 496289SUSE bug 541626cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1044SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 3.0.7 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors related to the _moveToEdgeShift XUL tree method, which triggers garbage collection on objects that are still in use, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.
ImportantCVE-2009-1044SUSE bug 465291SUSE bug 488955cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1046SUSE Linux Enterprise Desktop 12 SP4
The console selection feature in the Linux kernel 2.6.28 before 2.6.28.4, 2.6.25, and possibly earlier versions, when the UTF-8 console is used, allows physically proximate attackers to cause a denial of service (memory corruption) by selecting a small number of 3-byte UTF-8 characters, which triggers an "off-by-two memory error." NOTE: it is not clear whether this issue crosses privilege boundaries.
ModerateCVE-2009-1046SUSE bug 478699cpe:/o:suse:sled:12:sp4CVE-2009-1072SUSE Linux Enterprise Desktop 12 SP4
nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option.
ModerateCVE-2009-1072SUSE bug 487681SUSE bug 497551cpe:/o:suse:sled:12:sp4CVE-2009-1169SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XML file with a crafted XSLT transform.
ModerateCVE-2009-1169SUSE bug 488955SUSE bug 509766SUSE bug 510964SUSE bug 515951cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1179SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.
ImportantCVE-2009-1179SUSE bug 487100cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1180SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.
ImportantCVE-2009-1180SUSE bug 487100cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1181SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.
ModerateCVE-2009-1181SUSE bug 487100cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1182SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
ImportantCVE-2009-1182SUSE bug 487100cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1183SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.
ModerateCVE-2009-1183SUSE bug 487100cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1185SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.
ImportantCVE-2009-1185SUSE bug 1034330SUSE bug 493158SUSE bug 550249SUSE bug 776925cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1187SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
ModerateCVE-2009-1187SUSE bug 487100SUSE bug 508153SUSE bug 508154SUSE bug 539875SUSE bug 566697cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1188SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
ModerateCVE-2009-1188SUSE bug 487100SUSE bug 508153SUSE bug 508154SUSE bug 539875SUSE bug 546400SUSE bug 566697cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1210SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information.
ModerateCVE-2009-1210SUSE bug 491449SUSE bug 493584cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1252SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field.
ModerateCVE-2009-1252SUSE bug 501632cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1267SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors.
ModerateCVE-2009-1267SUSE bug 493584cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1268SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet.
LowCVE-2009-1268SUSE bug 493584cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1269SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.
LowCVE-2009-1269SUSE bug 493584cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1273SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.
ModerateCVE-2009-1273SUSE bug 492764SUSE bug 507729cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1302SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext::Destroy, (3) nsComputedDOMStyle::GetWidth, (4) the xslt_attributeset_ImportSameName.html test case for the XSLT stylesheet compiler, (5) nsXULDocument::SynchronizeBroadcastListener, (6) IsBindingAncestor, (7) PL_DHashTableOperate and nsEditor::EndUpdateViewBatch, and (8) gfxSkipCharsIterator::SetOffsets, and other vectors.
CriticalCVE-2009-1302SUSE bug 495473cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1303SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree.
CriticalCVE-2009-1303SUSE bug 495473cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1304SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckRedeclaration.
CriticalCVE-2009-1304SUSE bug 495473cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1305SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP_DEFVAR and properties that lack the JSPROP_PERMANENT attribute.
CriticalCVE-2009-1305SUSE bug 495473cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1306SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation.
ModerateCVE-2009-1306SUSE bug 495473cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1307SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file; or (3) bypass unspecified restrictions and render content via vectors involving a jar: URI.
ImportantCVE-2009-1307SUSE bug 495473SUSE bug 515951cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1308SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing.
ModerateCVE-2009-1308SUSE bug 495473cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1309SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.
ModerateCVE-2009-1309SUSE bug 495473cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1310SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox before 3.0.9 allows user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SearchForm element.
LowCVE-2009-1310SUSE bug 495473cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1311SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during a SAVEMODE_FILEONLY save of the inner frame.
ModerateCVE-2009-1311SUSE bug 465291SUSE bug 495473SUSE bug 515951cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1312SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header. NOTE: it was later reported that Firefox 3.6 a1 pre and Mozilla 1.7.x and earlier are also affected.
ModerateCVE-2009-1312SUSE bug 495473cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1313SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote attackers to cause a denial of service (memory corruption) and probably execute arbitrary code via unspecified vectors. NOTE: this vulnerability reportedly exists because of an incorrect fix for CVE-2009-1302.
ImportantCVE-2009-1313SUSE bug 500909SUSE bug 502062cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1337SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.
ModerateCVE-2009-1337SUSE bug 1171985SUSE bug 492768cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1364SUSE Linux Enterprise Desktop 12
Use-after-free vulnerability in the embedded GD library in libwmf 0.2.8.4 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WMF file.
ModerateCVE-2009-1364SUSE bug 495842cpe:/o:suse:sled:12CVE-2009-1377SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug."
ModerateCVE-2009-1377SUSE bug 459468SUSE bug 504687SUSE bug 629905cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1378SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak."
ModerateCVE-2009-1378SUSE bug 459468SUSE bug 504687SUSE bug 629905cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1379SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate.
ModerateCVE-2009-1379SUSE bug 459468SUSE bug 504687SUSE bug 629905cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1384SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
pam_krb5 2.2.14 through 2.3.4, as used in Red Hat Enterprise Linux (RHEL) 5, generates different password prompts depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
LowCVE-2009-1384SUSE bug 507729cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1386SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.
ModerateCVE-2009-1386SUSE bug 459468SUSE bug 509031SUSE bug 515659SUSE bug 629905cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1387SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug."
ModerateCVE-2009-1387SUSE bug 459468SUSE bug 509031SUSE bug 515659SUSE bug 629905cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1415SUSE Linux Enterprise Desktop 12 SP3
lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not properly handle invalid DSA signatures, which allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a malformed DSA key that triggers a (1) free of an uninitialized pointer or (2) double free.
ModerateCVE-2009-1415SUSE bug 497886SUSE bug 505494cpe:/o:suse:sled:12:sp3CVE-2009-1563SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0689. Reason: This candidate is a duplicate of CVE-2009-0689. Certain codebase relationships were not originally clear. Notes: All CVE users should reference CVE-2009-0689 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
CriticalCVE-2009-1563SUSE bug 522109SUSE bug 545277SUSE bug 546371SUSE bug 557126SUSE bug 557127SUSE bug 557128SUSE bug 557671cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1630SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver.
ModerateCVE-2009-1630SUSE bug 1175689SUSE bug 503353cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1720SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors that trigger heap-based buffer overflows, related to (1) the Imf::PreviewImage::PreviewImage function and (2) compressor constructors. NOTE: some of these details are obtained from third party information.
ModerateCVE-2009-1720SUSE bug 527538SUSE bug 527539cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1721SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a free of an uninitialized pointer.
ModerateCVE-2009-1721SUSE bug 527538SUSE bug 527539cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1862SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009.
ImportantCVE-2009-1862SUSE bug 524508cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-1863SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to a "privilege escalation vulnerability."
CriticalCVE-2009-1863cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-1864SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
CriticalCVE-2009-1864cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-1865SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, related to a "null pointer vulnerability."
CriticalCVE-2009-1865cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-1866SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Stack-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
CriticalCVE-2009-1866cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-1867SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a "clickjacking vulnerability."
ModerateCVE-2009-1867cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-1868SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving URL parsing.
CriticalCVE-2009-1868cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-1869SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an AVM2 file with a large intrf_count value that triggers a dereference of an out-of-bounds pointer.
CriticalCVE-2009-1869cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-1870SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to obtain sensitive information via vectors involving saving an SWF file to a hard drive, related to a "local sandbox vulnerability."
ModerateCVE-2009-1870cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-1885SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrated by the Codenomicon XML fuzzing framework.
ModerateCVE-2009-1885SUSE bug 530708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1886SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename.
CriticalCVE-2009-1886SUSE bug 513360SUSE bug 515479cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1888SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory.
LowCVE-2009-1888SUSE bug 513360SUSE bug 515479cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-1892SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and hardware ethernet configuration settings are both used, allows remote attackers to cause a denial of service (daemon crash) via unspecified requests.
ModerateCVE-2009-1892SUSE bug 519413cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-2285SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.
ModerateCVE-2009-2285SUSE bug 518698cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-2347SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buffer overflow in the (a) cvt_whole_image function in tiff2rgba and (b) tiffcvt function in rgb2ycbcr.
ModerateCVE-2009-2347SUSE bug 519796SUSE bug 616827cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-2395SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php.
ImportantCVE-2009-2395cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-2417SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
ModerateCVE-2009-2417SUSE bug 527990SUSE bug 528372cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-2470SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.0.12, and 3.5.x before 3.5.2, allows remote SOCKS5 proxy servers to cause a denial of service (data stream corruption) via a long domain name in a reply.
ModerateCVE-2009-2470cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-2473SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
ModerateCVE-2009-2473SUSE bug 528370SUSE bug 532345cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-2474SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
ModerateCVE-2009-2474SUSE bug 528370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-2493SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
CriticalCVE-2009-2493SUSE bug 548655SUSE bug 558653SUSE bug 564513SUSE bug 566705cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-2624SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The huft_build function in inflate.c in gzip before 1.3.13 creates a hufts (aka huffman) table that is too small, which allows remote attackers to cause a denial of service (application crash or infinite loop) or possibly execute arbitrary code via a crafted archive. NOTE: this issue is caused by a CVE-2006-4334 regression.
ModerateCVE-2009-2624SUSE bug 570331SUSE bug 588113cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-2625SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.
ImportantCVE-2009-2625SUSE bug 525562SUSE bug 530717SUSE bug 534025SUSE bug 534721SUSE bug 537969SUSE bug 540945SUSE bug 548655SUSE bug 550664SUSE bug 553220SUSE bug 558892SUSE bug 581162SUSE bug 581765SUSE bug 610080SUSE bug 611931SUSE bug 611932cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-2654SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls the stop method during the loading of the error page.
ModerateCVE-2009-2654SUSE bug 527489cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-2666SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
socket.c in fetchmail before 6.3.11 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
ModerateCVE-2009-2666SUSE bug 528746cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-2694SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by sending multiple crafted SLP (aka MSNSLP) messages to trigger an overwrite of an arbitrary memory location. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1376.
ImportantCVE-2009-2694SUSE bug 527100cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-2703SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string.
ModerateCVE-2009-2703SUSE bug 537214cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-2767SUSE Linux Enterprise Desktop 12 SP4
The init_posix_timers function in kernel/posix-timers.c in the Linux kernel before 2.6.31-rc6 allows local users to cause a denial of service (OOPS) or possibly gain privileges via a CLOCK_MONOTONIC_RAW clock_nanosleep call that triggers a NULL pointer dereference.
ImportantCVE-2009-2767SUSE bug 529555cpe:/o:suse:sled:12:sp4CVE-2009-2813SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories.
ModerateCVE-2009-2813SUSE bug 515479SUSE bug 539517SUSE bug 543115cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-2820SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to (a) the product's web interface, (b) the configuration of the print system, and (c) the titles of printed jobs, as demonstrated by an XSS attack that uses the kerberos parameter to the admin program, and leverages attribute injection and HTTP Parameter Pollution (HPP) issues.
ModerateCVE-2009-2820SUSE bug 548317SUSE bug 551563SUSE bug 574336cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-2848SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.
ImportantCVE-2009-2848SUSE bug 527865cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-2905SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in textbox.c in newt 0.51.5, 0.51.6, and 0.52.2 allows local users to cause a denial of service (application crash) or possibly execute arbitrary code via a request to display a crafted text dialog box.
ModerateCVE-2009-2905SUSE bug 540930cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-2906SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet.
ModerateCVE-2009-2906SUSE bug 515479SUSE bug 543115cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-2910SUSE Linux Enterprise Desktop 12 SP4
arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode.
ModerateCVE-2009-2910SUSE bug 1175785SUSE bug 543740cpe:/o:suse:sled:12:sp4CVE-2009-2948SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specifying the path to the credentials file and using the --verbose or -v option.
LowCVE-2009-2948SUSE bug 515479SUSE bug 542150SUSE bug 543115cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3026SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly other versions, does not follow the "require TLS/SSL" preference when connecting to older Jabber servers that do not follow the XMPP specification, which causes libpurple to connect to the server without the expected encryption and allows remote attackers to sniff sessions.
ModerateCVE-2009-3026SUSE bug 535570SUSE bug 550170cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3069SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2009-3069SUSE bug 534458cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3070SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2009-3070SUSE bug 534458SUSE bug 538290cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3071SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2009-3071SUSE bug 534458SUSE bug 538290cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3072SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, and unknown vectors.
CriticalCVE-2009-3072SUSE bug 534458SUSE bug 538290SUSE bug 590499SUSE bug 607935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3073SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2009-3073SUSE bug 534458cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3074SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the JavaScript engine in Mozilla Firefox before 3.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2009-3074SUSE bug 538290cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3075SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to use of mutable strings in the js_StringReplaceHelper function in js/src/jsstr.cpp, and unknown vectors.
ModerateCVE-2009-3075SUSE bug 534458SUSE bug 538290SUSE bug 590499SUSE bug 607935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3077SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns (aka TreeColumns) of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a "dangling pointer vulnerability."
CriticalCVE-2009-3077SUSE bug 534458SUSE bug 538290SUSE bug 590499SUSE bug 607935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3078SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a tall line-height property.
ModerateCVE-2009-3078SUSE bug 534458SUSE bug 538290cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3079SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter.
ModerateCVE-2009-3079SUSE bug 534458SUSE bug 538290cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3083SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client.
ModerateCVE-2009-3083SUSE bug 536602SUSE bug 550170cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3084SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The msn_slp_process_msg function in libpurple/protocols/msn/slpcall.c in the MSN protocol plugin in libpurple 2.6.0 and 2.6.1, as used in Pidgin before 2.6.2, allows remote attackers to cause a denial of service (application crash) via a handwritten (aka Ink) message, related to an uninitialized variable and the incorrect "UTF16-LE" charset name.
ModerateCVE-2009-3084SUSE bug 536602SUSE bug 550170cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3085SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial of service (application crash) via XHTML-IM content with cid: images.
ModerateCVE-2009-3085SUSE bug 536602SUSE bug 550170cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3241SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets.
ModerateCVE-2009-3241SUSE bug 541654cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3242SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in packet.c in the GSM A RR dissector in Wireshark 1.2.0 and 1.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors related to "an uninitialized dissector handle," which triggers an assertion failure.
ModerateCVE-2009-3242SUSE bug 541659cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3243SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and 1.2.1, when running on Windows, allows remote attackers to cause a denial of service (application crash) via unknown vectors related to TLS 1.2 conversations.
ModerateCVE-2009-3243SUSE bug 541655cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3245SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.
ImportantCVE-2009-3245SUSE bug 587379SUSE bug 590833SUSE bug 593560SUSE bug 629905SUSE bug 641950cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3274SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and 3.0.14 and earlier 2.x and 3.x versions, on Linux uses a predictable /tmp pathname for files selected from the Downloads window, which allows local users to replace an arbitrary downloaded file by placing a file in a /tmp location before the download occurs, related to the Download Manager component. NOTE: some of these details are obtained from third party information.
ImportantCVE-2009-3274SUSE bug 522109SUSE bug 534458SUSE bug 545277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3295SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The prep_reprocess_req function in kdc/do_tgs_req.c in the cross-realm referral implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a ticket request.
ModerateCVE-2009-3295SUSE bug 561347cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3297SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-0787, CVE-2010-0788, CVE-2010-0789. Reason: this candidate was intended for one issue in Samba, but it was used for multiple distinct issues, including one in FUSE and one in ncpfs. Notes: All CVE users should consult CVE-2010-0787 (Samba), CVE-2010-0788 (ncpfs), and CVE-2010-0789 (FUSE) to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage.
LowCVE-2009-3297SUSE bug 550002SUSE bug 550003SUSE bug 550004SUSE bug 577925SUSE bug 583535SUSE bug 583536SUSE bug 594263SUSE bug 620680SUSE bug 651598cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3370SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form, with history entries.
ModerateCVE-2009-3370SUSE bug 522109SUSE bug 545277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3371SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by creating JavaScript web-workers recursively.
CriticalCVE-2009-3371SUSE bug 522109SUSE bug 545277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3372SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file.
ModerateCVE-2009-3372SUSE bug 522109SUSE bug 545277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3373SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors.
ModerateCVE-2009-3373SUSE bug 522109SUSE bug 545277SUSE bug 557686cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3374SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via unspecified method calls, related to "doubly-wrapped objects."
CriticalCVE-2009-3374SUSE bug 522109SUSE bug 545277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3375SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection function.
ModerateCVE-2009-3375SUSE bug 522109SUSE bug 545277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3376SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via a crafted filename, as demonstrated by displaying a non-executable extension for an executable file.
LowCVE-2009-3376SUSE bug 522109SUSE bug 545277SUSE bug 590499SUSE bug 607935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3377SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in liboggz before cf5feeaab69b05e24, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2009-3377SUSE bug 522109SUSE bug 545277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3378SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The oggplay_data_handle_theora_frame function in media/liboggplay/src/liboggplay/oggplay_data.c in liboggplay, as used in Mozilla Firefox 3.5.x before 3.5.4, attempts to reuse an earlier frame data structure upon encountering a decoding error for the first frame, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a crafted .ogg video file.
CriticalCVE-2009-3378SUSE bug 522109SUSE bug 545277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3379SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overlap CVE-2009-2663.
ModerateCVE-2009-3379SUSE bug 522109SUSE bug 545277SUSE bug 608192cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3380SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2009-3380SUSE bug 522109SUSE bug 545277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3381SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2009-3381SUSE bug 522109SUSE bug 545277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3383SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2009-3383SUSE bug 522109SUSE bug 545277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3388SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before 2.0.1 might allow context-dependent attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors, related to "memory safety issues."
CriticalCVE-2009-3388SUSE bug 559807cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3389SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions.
CriticalCVE-2009-3389SUSE bug 559807SUSE bug 581722cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3553SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information.
ModerateCVE-2009-3553SUSE bug 554861SUSE bug 574336SUSE bug 578215cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3555SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
ModerateCVE-2009-3555SUSE bug 1077582SUSE bug 459468SUSE bug 552497SUSE bug 553641SUSE bug 554069SUSE bug 554084SUSE bug 554085SUSE bug 555177SUSE bug 557168SUSE bug 564507SUSE bug 566041SUSE bug 584292SUSE bug 586567SUSE bug 588996SUSE bug 590826SUSE bug 592589SUSE bug 594415SUSE bug 604782SUSE bug 614753SUSE bug 622073SUSE bug 623905SUSE bug 629905SUSE bug 642531SUSE bug 646073SUSE bug 646906SUSE bug 648140SUSE bug 648950SUSE bug 659926SUSE bug 670152SUSE bug 704832SUSE bug 728876SUSE bug 729181SUSE bug 753357SUSE bug 791794SUSE bug 799454SUSE bug 815621SUSE bug 979060SUSE bug 986238cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3560SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720.
ModerateCVE-2009-3560SUSE bug 550666SUSE bug 558892SUSE bug 561561SUSE bug 581162SUSE bug 581765SUSE bug 611931SUSE bug 694595SUSE bug 725950cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3607SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
CriticalCVE-2009-3607SUSE bug 546393SUSE bug 566697cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3608SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.
ModerateCVE-2009-3608SUSE bug 543090SUSE bug 543410SUSE bug 546400SUSE bug 546404SUSE bug 556049SUSE bug 566697cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3612SUSE Linux Enterprise Desktop 12 SP4
The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2005-4881.
ModerateCVE-2009-3612SUSE bug 536467cpe:/o:suse:sled:12:sp4CVE-2009-3615SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM client.
ModerateCVE-2009-3615SUSE bug 548072SUSE bug 550170cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3623SUSE Linux Enterprise Desktop 12 SP4
The lookup_cb_cred function in fs/nfsd/nfs4callback.c in the nfsd4 subsystem in the Linux kernel before 2.6.31.2 attempts to access a credentials cache even when a client specifies the AUTH_NULL authentication flavor, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an NFSv4 mount request.
ImportantCVE-2009-3623SUSE bug 549029cpe:/o:suse:sled:12:sp4CVE-2009-3627SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The decode_entities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service (infinite loop) via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character.
ModerateCVE-2009-3627SUSE bug 550076SUSE bug 585716cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3720SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.
ModerateCVE-2009-3720SUSE bug 534721SUSE bug 550664SUSE bug 550666SUSE bug 558892SUSE bug 561561SUSE bug 581162SUSE bug 581765SUSE bug 611931SUSE bug 725950cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3736SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.
ModerateCVE-2009-3736SUSE bug 556122cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3793SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory consumption) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2009-3793SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-3794SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via crafted dimensions of JPEG data in an SWF file.
ImportantCVE-2009-3794SUSE bug 560259cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-3796SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors, related to a "data injection vulnerability."
CriticalCVE-2009-3796SUSE bug 560259cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-3797SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player 10.x before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.
CriticalCVE-2009-3797SUSE bug 560259cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-3798SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.
CriticalCVE-2009-3798SUSE bug 560259cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-3799SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in the Verifier::parseExceptionHandlers function in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via an SWF file with a large exception_count value that triggers memory corruption, related to "generation of ActionScript exception handlers."
CriticalCVE-2009-3799SUSE bug 560259cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-3800SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Multiple unspecified vulnerabilities in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allow attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2009-3800SUSE bug 560259cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-3939SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.
ModerateCVE-2009-3939SUSE bug 555173SUSE bug 557180cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3951SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in the Flash Player ActiveX control in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 on Windows allows remote attackers to obtain the names of local files via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4820.
ImportantCVE-2009-3951SUSE bug 560259cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2009-3979SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2009-3979SUSE bug 559807cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3980SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2009-3980SUSE bug 559807cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3982SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2009-3982SUSE bug 559807cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3983SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user.
ModerateCVE-2009-3983SUSE bug 559807SUSE bug 590499SUSE bug 607935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3984SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with a No Content (aka 204) status code and an empty body.
ModerateCVE-2009-3984SUSE bug 559807cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3985SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.
ModerateCVE-2009-3985SUSE bug 559807cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3995SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details are obtained from third party information.
ModerateCVE-2009-3995SUSE bug 577875SUSE bug 625547SUSE bug 752802cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-3996SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via an Ultratracker file.
CriticalCVE-2009-3996SUSE bug 577875cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-4012SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in LibThai before 0.1.13 might allow context-dependent attackers to execute arbitrary code via long strings that trigger heap-based buffer overflows, related to (1) thbrk/thbrk.c and (2) thwbrk/thwbrk.c. NOTE: some of these details are obtained from third party information.
ModerateCVE-2009-4012SUSE bug 569615cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-4019SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.
LowCVE-2009-4019SUSE bug 557669SUSE bug 604528cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-4022SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438.
ImportantCVE-2009-4022SUSE bug 558260SUSE bug 570912SUSE bug 644911cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-4026SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (panic) via a crafted Delete Block ACK (aka DELBA) packet, related to an erroneous "code shuffling patch."
ImportantCVE-2009-4026SUSE bug 558267cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-4027SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (system crash) via a Delete Block ACK (aka DELBA) packet that triggers a certain state change in the absence of an aggregation session.
ImportantCVE-2009-4027SUSE bug 558267cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-4028SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library.
ModerateCVE-2009-4028SUSE bug 557669SUSE bug 604528cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-4029SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) dist or (2) distcheck rules in GNU Automake 1.11.1, 1.10.3, and release branches branch-1-4 through branch-1-9, when producing a distribution tarball for a package that uses Automake, assign insecure permissions (777) to directories in the build tree, which introduces a race condition that allows local users to modify the contents of package files, introduce Trojan horse programs, or conduct other attacks before the build is complete.
LowCVE-2009-4029SUSE bug 559815SUSE bug 770618SUSE bug 786745cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-4030SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
LowCVE-2009-4030SUSE bug 557669SUSE bug 604528cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-4034SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based PostgreSQL servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended client-hostname restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
LowCVE-2009-4034SUSE bug 564710SUSE bug 603968cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-4131SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ext4 filesystem in the Linux kernel before 2.6.32-git6 allows local users to overwrite arbitrary files via a crafted request, related to insufficient checks for file permissions.
ImportantCVE-2009-4131SUSE bug 561018SUSE bug 564380cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-4136SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly manage session-local state during execution of an index function by a database superuser, which allows remote authenticated users to gain privileges via a table with crafted index functions, as demonstrated by functions that modify (1) search_path or (2) a prepared statement, a related issue to CVE-2007-6600 and CVE-2009-3230.
ModerateCVE-2009-4136SUSE bug 564360SUSE bug 603969cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-4138SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified ioctl associated with receiving an ISO packet that contains zero in the payload-length field.
ModerateCVE-2009-4138SUSE bug 564712cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-4212SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.
CriticalCVE-2009-4212SUSE bug 561351cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-4308SUSE Linux Enterprise Desktop 12 SP3
The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel before 2.6.32 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference), and possibly have unspecified other impact, via a crafted read-only filesystem that lacks a journal.
ModerateCVE-2009-4308SUSE bug 564382cpe:/o:suse:sled:12:sp3CVE-2009-4355SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678.
ModerateCVE-2009-4355SUSE bug 459468SUSE bug 552497SUSE bug 566238SUSE bug 629905cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-4492SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
ModerateCVE-2009-4492SUSE bug 570616SUSE bug 580482cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-4536SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafted payload. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1385.
ImportantCVE-2009-4536SUSE bug 567376cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-4538SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537.
ImportantCVE-2009-4538SUSE bug 567376cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-5029SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.
ModerateCVE-2009-5029SUSE bug 735850SUSE bug 736174SUSE bug 759836SUSE bug 826666cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-5044SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file.
ModerateCVE-2009-5044SUSE bug 698290SUSE bug 703666cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-5080SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) contrib/eqn2graph/eqn2graph.sh, (2) contrib/grap2graph/grap2graph.sh, and (3) contrib/pic2graph/pic2graph.sh scripts in GNU troff (aka groff) 1.21 and earlier do not properly handle certain failed attempts to create temporary directories, which might allow local users to overwrite arbitrary files via a symlink attack on a file in a temporary directory, a different vulnerability than CVE-2004-1296.
LowCVE-2009-5080SUSE bug 703665cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-5081SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) config.guess, (2) contrib/groffer/perl/groffer.pl, and (3) contrib/groffer/perl/roff2.pl scripts in GNU troff (aka groff) 1.21 and earlier use an insufficient number of X characters in the template argument to the tempfile function, which makes it easier for local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2004-0969.
LowCVE-2009-5081SUSE bug 703666cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-5146SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
ModerateCVE-2009-5146SUSE bug 915976SUSE bug 919648SUSE bug 922647cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2009-5147SUSE Linux Enterprise Desktop 12
DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 648, and 2.1 before 2.1.8 opens libraries with tainted names.
LowCVE-2009-5147SUSE bug 939860SUSE bug 959495cpe:/o:suse:sled:12CVE-2009-5155SUSE Linux Enterprise Desktop 12 SP4
In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.
ModerateCVE-2009-5155SUSE bug 1127223cpe:/o:suse:sled:12:sp4CVE-2010-0001SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error.
ImportantCVE-2010-0001SUSE bug 570331SUSE bug 588113cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0003SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on the i386 platform, when print-fatal-signals is enabled, allows local users to discover the contents of arbitrary memory locations by jumping to an address and then reading a log file, and might allow local users to cause a denial of service (system slowdown or crash) by jumping to an address.
ModerateCVE-2010-0003SUSE bug 569902cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0007SUSE Linux Enterprise Desktop 12 SP3
net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux kernel before 2.6.33-rc4 does not require the CAP_NET_ADMIN capability for setting or modifying rules, which allows local users to bypass intended access restrictions and configure arbitrary network-traffic filtering via a modified ebtables application.
ModerateCVE-2010-0007SUSE bug 570602SUSE bug 570606cpe:/o:suse:sled:12:sp3CVE-2010-0013SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon.
ModerateCVE-2010-0013SUSE bug 567799SUSE bug 569616SUSE bug 581201cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0164SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the imgContainer::InternalAddFrameHelper function in src/imgContainer.cpp in libpr0n in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace animation in which the frames have different bits-per-pixel (bpp) values.
CriticalCVE-2010-0164cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0165SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TraceRecorder::traverseScopeChain function in js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors involving certain indirect calls to the JavaScript eval function.
CriticalCVE-2010-0165cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0166SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gfxTextRun::SanitizeGlyphRuns function in gfx/thebes/src/gfxFont.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 on Mac OS X, when the Core Text API is used, does not properly perform certain deletions, which allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via an HTML document containing invisible Unicode characters, as demonstrated by the U+FEFF, U+FFF9, U+FFFA, and U+FFFB characters.
ModerateCVE-2010-0166cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0167SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The browser engine in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors related to (1) layout/generic/nsBlockFrame.cpp and (2) the _evaluate function in modules/plugin/base/src/nsNPAPIPlugin.cpp.
CriticalCVE-2010-0167cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0168SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsDocument::MaybePreLoadImage function in content/base/src/nsDocument.cpp in the image-preloading implementation in Mozilla Firefox 3.6 before 3.6.2 does not apply scheme restrictions and policy restrictions to the image's URL, which might allow remote attackers to cause a denial of service (application crash or hang) or hijack the functionality of the browser's add-ons via a crafted SRC attribute of an IMG element, as demonstrated by remote command execution through an ssh: URL in a configuration that supports gnome-vfs with a nonstandard network.gnomevfs.supported-protocols setting.
ImportantCVE-2010-0168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0169SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to the XUL cache, which might allow remote attackers to modify the browser's font and other CSS attributes, and potentially disrupt rendering of a web page, by forcing the browser to perform this erroneous stylesheet caching.
ModerateCVE-2010-0169cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0170SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 3.6 before 3.6.2 does not offer plugins the expected window.location protection mechanism, which might allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors that are specific to each affected plugin.
ModerateCVE-2010-0170cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0171SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allow remote attackers to perform cross-origin keystroke capture, and possibly conduct cross-site scripting (XSS) attacks, by using the addEventListener and setTimeout functions in conjunction with a wrapped object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2007-3736.
ModerateCVE-2010-0171cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0172SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
toolkit/components/passwordmgr/src/nsLoginManagerPrompter.js in the asynchronous Authorization Prompt implementation in Mozilla Firefox 3.6 before 3.6.2 does not properly handle concurrent authorization requests from multiple web sites, which might allow remote web servers to spoof an authorization dialog and capture credentials by demanding HTTP authentication in opportunistic circumstances.
ModerateCVE-2010-0172cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0173SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2010-0173SUSE bug 586567cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0174SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2010-0174SUSE bug 586567cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0176SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors that trigger access to deleted elements, related to a "dangling pointer vulnerability."
CriticalCVE-2010-0176SUSE bug 586567cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0177SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a "dangling pointer vulnerability."
CriticalCVE-2010-0177SUSE bug 586567cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0178SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL.
CriticalCVE-2010-0178SUSE bug 586567cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0181SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many images.
ModerateCVE-2010-0181SUSE bug 586567cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0182SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictions via crafted content.
ModerateCVE-2010-0182SUSE bug 586567cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0186SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Cross-domain vulnerability in Adobe Flash Player before 10.0.45.2, Adobe AIR before 1.5.3.9130, and Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows remote attackers to bypass intended sandbox restrictions and make cross-domain requests via unspecified vectors.
ModerateCVE-2010-0186SUSE bug 578997SUSE bug 580470cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-0187SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 allow remote attackers to cause a denial of service (application crash) via a modified SWF file.
ModerateCVE-2010-0187SUSE bug 578997cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-0209SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2213, CVE-2010-2214, and CVE-2010-2216.
ImportantCVE-2010-0209SUSE bug 630108cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-0277SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a different issue than CVE-2010-0013.
ModerateCVE-2010-0277SUSE bug 567799SUSE bug 569616SUSE bug 581201cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0283SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid (1) AS-REQ or (2) TGS-REQ request.
ImportantCVE-2010-0283SUSE bug 571781SUSE bug 576524cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0393SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers.
ModerateCVE-2010-0393SUSE bug 574336cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0405SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.
ModerateCVE-2010-0405SUSE bug 636978SUSE bug 646682cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0407SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled.
ModerateCVE-2010-0407SUSE bug 609317SUSE bug 641823cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0420SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat (MUC) room is used, does not properly parse nicknames containing <br> sequences, which allows remote attackers to cause a denial of service (application crash) via a crafted nickname.
ModerateCVE-2010-0420SUSE bug 569616SUSE bug 581201cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0423SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a denial of service (CPU consumption and application hang) by sending many smileys in a (1) IM or (2) chat.
ModerateCVE-2010-0423SUSE bug 569616SUSE bug 581201cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0424SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file in the /tmp directory.
ModerateCVE-2010-0424SUSE bug 579447SUSE bug 580800SUSE bug 589640SUSE bug 590353cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0540SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for requests that change settings.
ModerateCVE-2010-0540SUSE bug 601830SUSE bug 671735SUSE bug 680210SUSE bug 680212SUSE bug 700987SUSE bug 711490SUSE bug 715643SUSE bug 748422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0541SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page.
ModerateCVE-2010-0541SUSE bug 600752cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0542SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file.
ModerateCVE-2010-0542SUSE bug 601352SUSE bug 644521SUSE bug 657780cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0547SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string.
ModerateCVE-2010-0547SUSE bug 577868SUSE bug 577925SUSE bug 583535SUSE bug 583536SUSE bug 594263SUSE bug 597421SUSE bug 602694SUSE bug 709819cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0624SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character.
ModerateCVE-2010-0624SUSE bug 579475SUSE bug 608034cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0628SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in the SPNEGO GSS-API functionality in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2 and 1.8 before 1.8.1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid packet that triggers incorrect preparation of an error token.
ImportantCVE-2010-0628SUSE bug 582557SUSE bug 586981cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0654SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 permit cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document.
ModerateCVE-2010-0654SUSE bug 583603SUSE bug 622506cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0728SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled, runs with the CAP_DAC_OVERRIDE capability, which allows remote authenticated users to bypass intended file permissions via standard filesystem operations with any client.
ImportantCVE-2010-0728SUSE bug 586683cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0740SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. NOTE: some of these details are obtained from third party information.
ModerateCVE-2010-0740SUSE bug 590833SUSE bug 629905cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0742SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors.
ModerateCVE-2010-0742SUSE bug 610642cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0750SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local users to determine the existence of arbitrary files via the argument.
ModerateCVE-2010-0750SUSE bug 593959cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0787SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file.
ModerateCVE-2010-0787SUSE bug 550002SUSE bug 602694SUSE bug 620680cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-0926SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create a symlink containing .. (dot dot) sequences, related to the combination of the unix extensions and wide links options.
ModerateCVE-2010-0926SUSE bug 1027147SUSE bug 577868SUSE bug 597421cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1028SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the decompression functionality in the Web Open Fonts Format (WOFF) decoder in Mozilla Firefox 3.6 before 3.6.2 and 3.7 before 3.7 alpha 3 allows remote attackers to execute arbitrary code via a crafted WOFF file that triggers a buffer overflow, as demonstrated by the vd_ff module in VulnDisco 9.0.
CriticalCVE-2010-1028cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1121SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collection, as demonstrated by Nils during a Pwn2Own competition at CanSecWest 2010.
CriticalCVE-2010-1121SUSE bug 603356cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1125SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method.
ModerateCVE-2010-1125SUSE bug 603356cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1146SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under .reiserfs_priv/xattrs/.
ModerateCVE-2010-1146SUSE bug 593906cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1163SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ".", which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedit, a different vulnerability than CVE-2010-0426.
ModerateCVE-2010-1163SUSE bug 594738cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1167SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted (1) message header or (2) POP3 UIDL list.
ModerateCVE-2010-1167SUSE bug 597673cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1169SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Perl code via a crafted script, related to the Safe module (aka Safe.pm) for Perl. NOTE: some sources report that this issue is the same as CVE-2010-1447.
ModerateCVE-2010-1169SUSE bug 605926SUSE bug 648140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1170SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 loads Tcl code from the pltcl_modules table regardless of the table's ownership and permissions, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Tcl code by creating this table and inserting a crafted Tcl script.
ModerateCVE-2010-1170SUSE bug 605845SUSE bug 605926SUSE bug 634562SUSE bug 648140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1172SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
DBus-GLib 0.73 disregards the access flag of exported GObject properties, which allows local users to bypass intended access restrictions and possibly cause a denial of service by modifying properties, as demonstrated by properties of the (1) DeviceKit-Power, (2) NetworkManager, and (3) ModemManager services.
ModerateCVE-2010-1172SUSE bug 628607SUSE bug 633621SUSE bug 633622SUSE bug 633623SUSE bug 633629SUSE bug 633637SUSE bug 633639SUSE bug 633648SUSE bug 633652SUSE bug 633653SUSE bug 633654SUSE bug 633658SUSE bug 633660SUSE bug 633678SUSE bug 633679SUSE bug 633681SUSE bug 633682SUSE bug 633685SUSE bug 633686SUSE bug 633700SUSE bug 633701SUSE bug 633702cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1196SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.
CriticalCVE-2010-1196SUSE bug 603356SUSE bug 617399cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1197SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both "Content-Disposition: attachment" and "Content-Type: multipart" are present in HTTP headers, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an uploaded HTML document.
ModerateCVE-2010-1197SUSE bug 603356SUSE bug 617399cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1198SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances.
CriticalCVE-2010-1198SUSE bug 603356SUSE bug 617399cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1199SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.
CriticalCVE-2010-1199SUSE bug 603356SUSE bug 617399cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1200SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2010-1200SUSE bug 603356SUSE bug 617399cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1201SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.10, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2010-1201SUSE bug 603356SUSE bug 617399cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1202SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2010-1202SUSE bug 603356SUSE bug 617399cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1203SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger an assertion failure in jstracer.cpp.
CriticalCVE-2010-1203SUSE bug 603356SUSE bug 617399cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1205SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
ImportantCVE-2010-1205SUSE bug 1188284SUSE bug 617866SUSE bug 622506SUSE bug 639941SUSE bug 854395cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1206SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The startDocumentLoad function in browser/base/content/browser.js in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, does not properly implement the Same Origin Policy in certain circumstances related to the about:blank document and a document that is currently loading, which allows (1) remote web servers to conduct spoofing attacks via vectors involving a 204 (aka No Content) status code, and allows (2) remote attackers to conduct spoofing attacks via vectors involving a window.stop call.
ModerateCVE-2010-1206SUSE bug 618183SUSE bug 622506cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1207SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 do not properly implement read restrictions for CANVAS elements, which allows remote attackers to obtain sensitive cross-origin information via vectors involving reference retention and node deletion.
ModerateCVE-2010-1207SUSE bug 622506cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1208SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via vectors related to deletion of an event attribute node with a nonzero reference count.
CriticalCVE-2010-1208SUSE bug 622506cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1209SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the NodeIterator implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via a crafted NodeFilter that detaches DOM nodes, related to the NodeIterator interface and a javascript callback.
CriticalCVE-2010-1209SUSE bug 622506cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1210SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 inserts a U+FFFD sequence into text in certain circumstances involving undefined positions, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted 8-bit text.
ModerateCVE-2010-1210SUSE bug 622506cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1211SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2010-1211SUSE bug 622506cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1212SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) propagation of deep aborts in the TraceRecorder::record_JSOP_BINDNAME function, (2) depth handling in the TraceRecorder::record_JSOP_GETELEM function, and (3) tracing of out-of-range arguments in the TraceRecorder::record_JSOP_ARGSUB function.
CriticalCVE-2010-1212SUSE bug 622506cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1213SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The importScripts Web Worker method in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not verify that content is valid JavaScript code, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted HTML document.
ModerateCVE-2010-1213SUSE bug 622506cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1214SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via plugin content with many parameter elements.
CriticalCVE-2010-1214SUSE bug 622506cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1215SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 do not properly implement access to a content object through a SafeJSObjectWrapper (aka SJOW) wrapper, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging "access to an object from the chrome scope."
CriticalCVE-2010-1215SUSE bug 622506cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1297SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010.
ImportantCVE-2010-1297SUSE bug 612063SUSE bug 612064cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-1320SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x before 1.8.2 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a request associated with (1) renewal or (2) validation.
ImportantCVE-2010-1320SUSE bug 596002cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1321SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing.
ModerateCVE-2010-1321SUSE bug 596826SUSE bug 611090SUSE bug 646073SUSE bug 648950SUSE bug 658525SUSE bug 659926SUSE bug 663953SUSE bug 679560cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1322SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x before 1.8.4 does not properly manage an index into an authorization-data list, which allows remote attackers to cause a denial of service (daemon crash), or possibly obtain sensitive information, spoof authorization, or execute arbitrary code, via a TGS request that triggers an uninitialized pointer dereference, as demonstrated by a request from a Windows Active Directory client.
ModerateCVE-2010-1322SUSE bug 640990cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1323SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys.
ModerateCVE-2010-1323SUSE bug 650650cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1324SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.
ModerateCVE-2010-1324SUSE bug 650650cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1436SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not properly handle when the gfs2_quota struct occupies two separate pages, which allows local users to cause a denial of service (kernel panic) via certain manipulations that cause an out-of-bounds write, as demonstrated by writing from an ext3 file system to a gfs2 file system.
ImportantCVE-2010-1436SUSE bug 599957cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1455SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file.
ModerateCVE-2010-1455SUSE bug 603251cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1624SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a custom emoticon in a malformed SLP message.
ModerateCVE-2010-1624SUSE bug 604225cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1633SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
RSA verification recovery in the EVP_PKEY_verify_recover function in OpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent attackers to bypass intended key requirements or obtain sensitive information via unspecified vectors. NOTE: some of these details are obtained from third party information.
LowCVE-2010-1633SUSE bug 610642cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1635SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The chain_reply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request with a certain 0x8003 field value.
ModerateCVE-2010-1635SUSE bug 605935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1641SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request.
ModerateCVE-2010-1641SUSE bug 608576cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1642SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \xff\xff security blob length in a Session Setup AndX request.
ModerateCVE-2010-1642SUSE bug 605935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1646SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.
ModerateCVE-2010-1646SUSE bug 594738cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-1748SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The cgi_initialize_string function in cgi-bin/var.c in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, does not properly handle parameter values containing a % (percent) character without two subsequent hex characters, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via a crafted request, as demonstrated by the (1) /admin?OP=redirect&URL=% and (2) /admin?URL=/admin/&OP=% URIs.
ModerateCVE-2010-1748SUSE bug 601352SUSE bug 604271SUSE bug 644521SUSE bug 649256SUSE bug 657780cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2063SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet.
ImportantCVE-2010-2063SUSE bug 611927cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2065SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow.
ModerateCVE-2010-2065SUSE bug 612787SUSE bug 612879cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2066SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor.
LowCVE-2010-2066SUSE bug 612457cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2067SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file.
ImportantCVE-2010-2067SUSE bug 612787SUSE bug 612879cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2074SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
ModerateCVE-2010-2074SUSE bug 609451cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2156SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of service (server exit) via a zero-length client ID.
ModerateCVE-2010-2156SUSE bug 612546cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2160SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an invalid offset in an unspecified undocumented opcode in ActionScript Virtual Machine 2, related to getouterscope, a different vulnerability than CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
CriticalCVE-2010-2160SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2161SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Array index error in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified "types of Adobe Flash code."
CriticalCVE-2010-2161SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2162SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors related to improper length calculation and the (1) STSC, (2) STSZ, and (3) STCO atoms.
CriticalCVE-2010-2162SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2163SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Multiple unspecified vulnerabilities in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unknown vectors.
CriticalCVE-2010-2163SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2164SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to an unspecified "image type within a certain function."
CriticalCVE-2010-2164SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2165SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
CriticalCVE-2010-2165SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2166SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
CriticalCVE-2010-2166SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2167SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Multiple heap-based buffer overflows in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to malformed (1) GIF or (2) JPEG data.
CriticalCVE-2010-2167SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2169SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allow attackers to cause a denial of service (pointer memory corruption) or possibly execute arbitrary code via unspecified vectors.
CriticalCVE-2010-2169SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2170SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2181 and CVE-2010-2183.
CriticalCVE-2010-2170SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2171SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors related to SWF files, decompression of embedded JPEG image data, and the DefineBits and other unspecified tags, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
CriticalCVE-2010-2171SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2172SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player 9 before 9.0.277.0 on unspecified UNIX platforms allows attackers to cause a denial of service via unknown vectors.
ModerateCVE-2010-2172SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2173SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newclass (0x58) operator, a different vulnerability than CVE-2010-2174.
CriticalCVE-2010-2173SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2174SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newfunction (0x44) operator, a different vulnerability than CVE-2010-2173.
CriticalCVE-2010-2174SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2175SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
CriticalCVE-2010-2175SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2176SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
CriticalCVE-2010-2176SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2177SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
CriticalCVE-2010-2177SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2178SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
CriticalCVE-2010-2178SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2179SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing.
CriticalCVE-2010-2179SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2180SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
CriticalCVE-2010-2180SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2181SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2183.
CriticalCVE-2010-2181SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2182SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
CriticalCVE-2010-2182SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2183SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2181.
CriticalCVE-2010-2183SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2184SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2187, and CVE-2010-2188.
CriticalCVE-2010-2184SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2185SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2010-2185SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2186SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2010-2186SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2187SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2188.
CriticalCVE-2010-2187SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2188SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by calling the ActionScript native object 2200 connect method multiple times with different arguments, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2187.
CriticalCVE-2010-2188SUSE bug 612063SUSE bug 630108cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2189SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when used in conjunction with VMWare Tools on a VMWare platform, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.
CriticalCVE-2010-2189SUSE bug 612063cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2213SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2214, and CVE-2010-2216.
CriticalCVE-2010-2213SUSE bug 630108cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2214SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2216.
CriticalCVE-2010-2214SUSE bug 630108cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2216SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2214.
CriticalCVE-2010-2216SUSE bug 630108cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2233SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, related to "downsampled OJPEG input."
ImportantCVE-2010-2233SUSE bug 612879cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2240SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server.
ImportantCVE-2010-2240SUSE bug 1039348SUSE bug 211997SUSE bug 546062SUSE bug 59807SUSE bug 615929SUSE bug 618152SUSE bug 632737SUSE bug 643986SUSE bug 746947SUSE bug 746949cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2242SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended access restrictions by leveraging IP address and source-port values, as demonstrated by copying and deleting an NFS directory tree.
ModerateCVE-2010-2242SUSE bug 618155cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2243SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.34 where on non-GENERIC_TIME systems (GENERIC_TIME=n), accessing /sys/devices/system/clocksource/clocksource0/current_clocksource results in an OOPS.
ImportantCVE-2010-2243SUSE bug 617903cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2244SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum, a different vulnerability than CVE-2008-5081.
ModerateCVE-2010-2244SUSE bug 603289SUSE bug 646961cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2252SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.
ModerateCVE-2010-2252SUSE bug 606317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2494SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer underflows in the base64 decoder in base64.c in (1) bogofilter and (2) bogolexer in bogofilter before 1.2.2 allow remote attackers to cause a denial of service (heap memory corruption and application crash) via an e-mail message with invalid base64 data that begins with an = (equals) character.
ModerateCVE-2010-2494SUSE bug 619847cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2497SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
ImportantCVE-2010-2497SUSE bug 619562SUSE bug 635692cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2522SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mipv6 daemon in UMIP 0.4 does not verify that netlink messages originated in the kernel, which allows local users to spoof netlink socket communication via a crafted unicast message.
ModerateCVE-2010-2522SUSE bug 424311cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2523SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in ha.c in the mipv6 daemon in UMIP 0.4 allow remote attackers to have an unspecified impact via a crafted (1) ND_OPT_PREFIX_INFORMATION or (2) ND_OPT_HOME_AGENT_INFO packet.
ModerateCVE-2010-2523SUSE bug 424311cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2528SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The clientautoresp function in family_icbm.c in the oscar protocol plugin in libpurple in Pidgin before 2.7.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via an X-Status message that lacks the expected end tag for a (1) desc or (2) title element.
ModerateCVE-2010-2528SUSE bug 630965cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2529SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in ping.c in iputils 20020927, 20070202, 20071127, and 20100214 on Mandriva Linux allows remote attackers to cause a denial of service (hang) via a crafted echo response.
ImportantCVE-2010-2529SUSE bug 620837cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2546SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple heap-based buffer overflows in loaders/load_it.c in libmikmod, possibly 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file, related to panpts, pitpts, and IT_ProcessEnvelope. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3995.
CriticalCVE-2010-2546SUSE bug 625547SUSE bug 752802cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2547SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not properly handled in a realloc operation when importing the certificate or verifying its signature.
ModerateCVE-2010-2547SUSE bug 625947cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2640SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Array index error in the PK font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
ModerateCVE-2010-2640SUSE bug 660555cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2641SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Array index error in the VF font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
ModerateCVE-2010-2641SUSE bug 660555cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2642SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
ModerateCVE-2010-2642SUSE bug 660555SUSE bug 661018SUSE bug 662411SUSE bug 664484SUSE bug 790421cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2643SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
ModerateCVE-2010-2643SUSE bug 660555cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2751SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsDocShell::OnRedirectStateChange function in docshell/base/nsDocShell.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to spoof the SSL security status of a document via vectors involving multiple requests, a redirect, and the history.back and history.forward JavaScript functions.
ModerateCVE-2010-2751SUSE bug 622506cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2752SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) values in an array, related to references to external font resources and an inconsistency between 16-bit and 32-bit integers.
CriticalCVE-2010-2752SUSE bug 622506cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2753SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which triggers a use-after-free.
CriticalCVE-2010-2753SUSE bug 622506SUSE bug 637303cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2754SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler.
ModerateCVE-2010-2754SUSE bug 622506cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2755SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted HTML document, related to the DATA and SRC attributes of an OBJECT element. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-1214.
CriticalCVE-2010-2755SUSE bug 622506cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2760SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via vectors involving a XUL tree selection, related to a "dangling pointer vulnerability." NOTE: this issue exists because of an incomplete fix for CVE-2010-2753.
ModerateCVE-2010-2760SUSE bug 637303SUSE bug 638109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2761SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input that contains this value, a different vulnerability than CVE-2010-3172.
ModerateCVE-2010-2761SUSE bug 657343SUSE bug 657731SUSE bug 663396SUSE bug 669245SUSE bug 670476cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2762SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox 3.6.x before 3.6.9 and Thunderbird 3.1.x before 3.1.3 does not properly restrict objects at the end of scope chains, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to a chrome privileged object and a chain ending in an outer object.
CriticalCVE-2010-2762SUSE bug 637303cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2764SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests.
ModerateCVE-2010-2764SUSE bug 637303SUSE bug 638109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2765SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a large number of values in the cols (aka columns) attribute, leading to a heap-based buffer overflow.
ModerateCVE-2010-2765SUSE bug 637303SUSE bug 638109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2766SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might allow remote attackers to execute arbitrary code via vectors involving access to a deleted object.
ModerateCVE-2010-2766SUSE bug 637303SUSE bug 638109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2767SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted access to the navigator object, related to a "dangling pointer vulnerability."
ModerateCVE-2010-2767SUSE bug 637303SUSE bug 638109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2768SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict use of the type attribute of an OBJECT element to set a document's charset, which allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms via UTF-7 encoding.
ModerateCVE-2010-2768SUSE bug 637303SUSE bug 638109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2769SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allows user-assisted remote attackers to inject arbitrary web script or HTML via a selection that is added to a document in which the designMode property is enabled.
ModerateCVE-2010-2769SUSE bug 637303SUSE bug 638109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2800SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The MS-ZIP decompressor in cabextract before 1.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed MSZIP archive in a .cab file during a (1) test or (2) extract action, related to the libmspack library.
ModerateCVE-2010-2800SUSE bug 627753cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2801SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer signedness error in the Quantum decompressor in cabextract before 1.3, when archive test mode is used, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Quantum archive in a .cab file, related to the libmspack library.
ModerateCVE-2010-2801SUSE bug 627753cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2805SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
ModerateCVE-2010-2805SUSE bug 629447SUSE bug 635692cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2884SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010.
ModerateCVE-2010-2884SUSE bug 638466SUSE bug 639541cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-2891SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the smiGetNode function in lib/smi.c in libsmi 0.4.8 allows context-dependent attackers to execute arbitrary code via an Object Identifier (aka OID) represented as a numerical string containing many components separated by . (dot) characters.
ModerateCVE-2010-2891SUSE bug 649867cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2935SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an "integer truncation error."
ModerateCVE-2010-2935SUSE bug 629085cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2936SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow.
ModerateCVE-2010-2936SUSE bug 629085cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2939SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client (ssl/s3_clnt.c) in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and possibly other versions, when using ECDH, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted private key with an invalid prime. NOTE: some sources refer to this as a use-after-free issue.
ModerateCVE-2010-2939SUSE bug 489641SUSE bug 629905cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2941SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
ImportantCVE-2010-2941SUSE bug 649256SUSE bug 654627cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2942SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sched/act_simple.c, and (5) the tcf_skbedit_dump function in net/sched/act_skbedit.c.
ModerateCVE-2010-2942SUSE bug 632309SUSE bug 642324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2947SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the HX_split function in string.c in libHX before 3.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a string that is inconsistent with the expected number of fields.
ImportantCVE-2010-2947SUSE bug 631582cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2954SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The irda_bind function in net/irda/af_irda.c in the Linux kernel before 2.6.36-rc3-next-20100901 does not properly handle failure of the irda_open_tsap function, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact via multiple unsuccessful calls to bind on an AF_IRDA (aka PF_IRDA) socket.
ModerateCVE-2010-2954SUSE bug 636112cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2955SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in net/wireless/wext-core.c, and obtain potentially sensitive information from kernel heap memory, via vectors involving an SIOCGIWESSID ioctl call that specifies a large buffer size.
ModerateCVE-2010-2955SUSE bug 635413cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-2993SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
ModerateCVE-2010-2993SUSE bug 630599cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3053SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) via a crafted BDF font file, related to an attempted modification of a value in a static string.
ModerateCVE-2010-3053SUSE bug 633938SUSE bug 635692SUSE bug 645982cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3054SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in FreeType 2.3.9, and other versions before 2.4.2, allows remote attackers to cause a denial of service via vectors involving nested Standard Encoding Accented Character (aka seac) calls, related to psaux.h, cffgload.c, cffgload.h, and t1decode.c.
ModerateCVE-2010-3054SUSE bug 633943SUSE bug 635692SUSE bug 645982cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3069SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.
CriticalCVE-2010-3069SUSE bug 637218cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3081SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010.
ImportantCVE-2010-3081SUSE bug 639709SUSE bug 641575SUSE bug 871595cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3166SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the nsTextFrameUtils::TransformText function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a bidirectional text run.
ModerateCVE-2010-3166SUSE bug 637303SUSE bug 638109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3167SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving access to deleted memory, related to a "dangling pointer vulnerability."
ModerateCVE-2010-3167SUSE bug 637303SUSE bug 638109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3168SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties.
ModerateCVE-2010-3168SUSE bug 637303SUSE bug 638109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3169SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2010-3169SUSE bug 637303SUSE bug 638109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3170SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
ModerateCVE-2010-3170SUSE bug 637290SUSE bug 645315SUSE bug 652858SUSE bug 868629cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3173SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
ModerateCVE-2010-3173SUSE bug 645315cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3174SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2010-3174SUSE bug 645315SUSE bug 652858cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3175SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.11 and Thunderbird 3.1.x before 3.1.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2010-3175SUSE bug 645315SUSE bug 652858cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3176SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2010-3176SUSE bug 645315SUSE bug 652858cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3177SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server.
ModerateCVE-2010-3177SUSE bug 645315SUSE bug 652858cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3178SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window and performing cross-domain navigation, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document.
ModerateCVE-2010-3178SUSE bug 645315SUSE bug 652858cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3179SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a long argument to the document.write method.
CriticalCVE-2010-3179SUSE bug 645315SUSE bug 652858cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3180SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window.
CriticalCVE-2010-3180SUSE bug 645315SUSE bug 652858cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3182SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
ModerateCVE-2010-3182SUSE bug 642502SUSE bug 645315SUSE bug 652858cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3183SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via vectors involving a "dangling pointer" and the JS_ValueToId function.
CriticalCVE-2010-3183SUSE bug 645315SUSE bug 652858cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3296SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a CHELSIO_GET_QSET_NUM ioctl call.
ModerateCVE-2010-3296SUSE bug 639481SUSE bug 649187cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3297SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an EQL_GETMASTRCFG ioctl call.
ModerateCVE-2010-3297SUSE bug 639482SUSE bug 649187cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3298SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The hso_get_count function in drivers/net/usb/hso.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.
ModerateCVE-2010-3298SUSE bug 639483SUSE bug 649187cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3301SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by triggering an out-of-bounds access to the system call table using the %rax register. NOTE: this vulnerability exists because of a CVE-2007-4573 regression.
ImportantCVE-2010-3301SUSE bug 639708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3310SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer signedness errors in net/rose/af_rose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a rose_getname function call, related to the rose_bind and rose_connect functions.
ImportantCVE-2010-3310SUSE bug 640721cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3311SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Compact Font Format (CFF) font file that triggers a heap-based buffer overflow, related to an "input stream position error" issue, a different vulnerability than CVE-2010-1797.
ImportantCVE-2010-3311SUSE bug 635692SUSE bug 641580SUSE bug 645982cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3430SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not perform the required setfsgid and setgroups system calls, which might allow local users to obtain sensitive information by leveraging unintended group permissions, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-3435.
ModerateCVE-2010-3430SUSE bug 623457SUSE bug 631802cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3431SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not check the return value of the setfsuid system call, which might allow local users to obtain sensitive information by leveraging an unintended uid, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-3435.
ModerateCVE-2010-3431SUSE bug 623457cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3433SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, as demonstrated by (1) redefining standard functions or (2) redefining operators, a different vulnerability than CVE-2010-1168, CVE-2010-1169, CVE-2010-1170, and CVE-2010-1447.
ModerateCVE-2010-3433SUSE bug 643771SUSE bug 648140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3445SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP.
ModerateCVE-2010-3445SUSE bug 643078cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3609SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other versions before SVN revision 1647, as used in Service Location Protocol daemon (SLPD) in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, allows remote attackers to cause a denial of service (infinite loop) via a packet with a "next extension offset" that references this extension or a previous extension. NOTE: some of these details are obtained from third party information.
ModerateCVE-2010-3609SUSE bug 642571cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3611SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before 4.2.0-P1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a DHCPv6 packet containing a Relay-Forward message without an address in the Relay-Forward link-address field.
ModerateCVE-2010-3611SUSE bug 650902SUSE bug 667655cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3613SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data.
ImportantCVE-2010-3613SUSE bug 657129cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3614SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover.
ModerateCVE-2010-3614SUSE bug 657102cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3615SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism.
ImportantCVE-2010-3615SUSE bug 657120cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3616SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover partnerships, allows remote attackers to cause a denial of service (communications-interrupted state and DHCP client service loss) by connecting to a port that is only intended for a failover peer, as demonstrated by a Nagios check_tcp process check to TCP port 520.
ModerateCVE-2010-3616SUSE bug 659059cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3654SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
ImportantCVE-2010-3654SUSE bug 650145SUSE bug 651232SUSE bug 656765cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2010-3698SUSE Linux Enterprise Desktop 12 SP4
The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local Descriptor Table (LDT).
ModerateCVE-2010-3698SUSE bug 1161450cpe:/o:suse:sled:12:sp4CVE-2010-3711SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted message, related to the plugins for MSN, MySpaceIM, XMPP, and Yahoo! and the NTLM authentication support.
ModerateCVE-2010-3711SUSE bug 648273cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3765SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.
CriticalCVE-2010-3765SUSE bug 649492SUSE bug 652858cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3814SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in FreeType 2.4.3 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted SHZ bytecode instruction, related to TrueType opcodes, as demonstrated by a PDF document with a crafted embedded font.
ModerateCVE-2010-3814SUSE bug 647375SUSE bug 689174cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3853SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on the pam_namespace PAM check, as demonstrated by the sudo program.
ModerateCVE-2010-3853SUSE bug 647958cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3855SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font.
ModerateCVE-2010-3855SUSE bug 647375SUSE bug 689174cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-3864SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography.
ImportantCVE-2010-3864SUSE bug 629905SUSE bug 651003cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4000SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
gnome-shell in GNOME Shell 2.31.5 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
ModerateCVE-2010-4000SUSE bug 642827cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4020SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4 key-derivation checksums, which might allow remote authenticated users to forge a (1) AD-SIGNEDPATH or (2) AD-KDC-ISSUED signature, and possibly gain privileges, by leveraging the small key space that results from certain one-byte stream-cipher operations.
ModerateCVE-2010-4020SUSE bug 650650cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4021SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 does not properly restrict the use of TGT credentials for armoring TGS requests, which might allow remote authenticated users to impersonate a client by rewriting an inner request, aka a "KrbFastReq forgery issue."
ModerateCVE-2010-4021SUSE bug 650650cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4022SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The do_standalone function in the MIT krb5 KDC database propagation daemon (kpropd) in Kerberos 1.7, 1.8, and 1.9, when running in standalone mode, does not properly handle when a worker child process "exits abnormally," which allows remote attackers to cause a denial of service (listening process termination, no new connections, and lack of updates in slave KVC) via unspecified vectors.
ModerateCVE-2010-4022SUSE bug 662665cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4180SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.
ModerateCVE-2010-4180SUSE bug 657663SUSE bug 674017SUSE bug 711693SUSE bug 724729SUSE bug 799454cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4252SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol.
ImportantCVE-2010-4252SUSE bug 657663SUSE bug 711693SUSE bug 724729cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4267SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing (HPLIP) 1.6.7, 3.9.8, 3.10.9, and probably other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SNMP response with a large length value.
ModerateCVE-2010-4267SUSE bug 336658SUSE bug 808355cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4300SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption.
ModerateCVE-2010-4300SUSE bug 655448cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4301SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes.
ModerateCVE-2010-4301SUSE bug 655448cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4341SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service (infinite loop, crash, and login prevention) via a crafted packet.
ModerateCVE-2010-4341SUSE bug 660481cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4352SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 allows local users to cause a denial of service (daemon crash) via a message containing many nested variants.
ModerateCVE-2010-4352SUSE bug 659934cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4410SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline characters, a different vulnerability than CVE-2010-2761 and CVE-2010-3172.
ModerateCVE-2010-4410SUSE bug 657343SUSE bug 660127SUSE bug 663396SUSE bug 670476cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4411SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761.
ModerateCVE-2010-4411SUSE bug 657343SUSE bug 657731SUSE bug 663396SUSE bug 669245SUSE bug 670476cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4494SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
ModerateCVE-2010-4494SUSE bug 1123919SUSE bug 661471cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4523SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to (1) card-acos5.c, (2) card-atrust-acos.c, and (3) card-starcos.c.
ModerateCVE-2010-4523SUSE bug 660109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4530SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negative value to be used in a memcpy operation, which triggers a buffer overflow. NOTE: some sources refer to this issue as an integer overflow.
ModerateCVE-2010-4530SUSE bug 661000cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4531SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically proximate attackers to cause a denial of service (crash) and possibly execute arbitrary code via a smart card with an ATR message containing a long attribute value.
ModerateCVE-2010-4531SUSE bug 661000cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4538SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression.
ModerateCVE-2010-4538SUSE bug 662029cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4540SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the load_preset_response function in plug-ins/lighting/lighting-ui.c in the "LIGHTING EFFECTS > LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Position field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. NOTE: some of these details are obtained from third party information.
ModerateCVE-2010-4540SUSE bug 662043cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4541SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long "Number of lights" field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself.
ModerateCVE-2010-4541SUSE bug 662043cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4542SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb function in plug-ins/gfig/gfig-style.c in the GFIG plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Foreground field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. NOTE: some of these details are obtained from third party information.
ModerateCVE-2010-4542SUSE bug 662043cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4543SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro (PSP) plugin in GIMP 2.6.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a PSP_COMP_RLE (aka RLE compression) image file that begins a long run count at the end of the image. NOTE: some of these details are obtained from third party information.
ModerateCVE-2010-4543SUSE bug 662043SUSE bug 692877cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4565SUSE Linux Enterprise Desktop 12 SP4
The bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensitive information about kernel memory use by listing this filename.
LowCVE-2010-4565SUSE bug 1161355SUSE bug 651218cpe:/o:suse:sled:12:sp4CVE-2010-4651SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.
ModerateCVE-2010-4651SUSE bug 1093615SUSE bug 1101128SUSE bug 662957cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4665SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF file containing a directory data structure with many directory entries.
ModerateCVE-2010-4665SUSE bug 687442SUSE bug 854393cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-4777SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (assertion failure and application exit) via crafted input that is not properly handled when using certain regular expressions, as demonstrated by causing SpamAssassin and OCSInventory to crash.
ModerateCVE-2010-4777cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-5298SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment.
ModerateCVE-2010-5298SUSE bug 873351SUSE bug 880891SUSE bug 883126SUSE bug 885777SUSE bug 915913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-5313SUSE Linux Enterprise Desktop 12 SP4
Race condition in arch/x86/kvm/x86.c in the Linux kernel before 2.6.38 allows L2 guest OS users to cause a denial of service (L1 guest OS crash) via a crafted instruction that triggers an L2 emulation failure report, a similar issue to CVE-2014-7842.
ModerateCVE-2010-5313SUSE bug 905312SUSE bug 907822cpe:/o:suse:sled:12:sp4CVE-2010-5325SUSE Linux Enterprise Desktop 12
Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title.
ModerateCVE-2010-5325SUSE bug 966830cpe:/o:suse:sled:12CVE-2010-5328SUSE Linux Enterprise Desktop 12 SP1
include/linux/init_task.h in the Linux kernel before 2.6.35 does not prevent signals with a process group ID of zero from reaching the swapper process, which allows local users to cause a denial of service (system crash) by leveraging access to this process group.
LowCVE-2010-5328SUSE bug 1021109cpe:/o:suse:sled:12:sp1CVE-2010-5329SUSE Linux Enterprise Desktop 12 SP1
The video_usercopy function in drivers/media/video/v4l2-ioctl.c in the Linux kernel before 2.6.39 relies on the count value of a v4l2_ext_controls data structure to determine a kmalloc size, which might allow local users to cause a denial of service (memory consumption) via a large value.
ModerateCVE-2010-5329SUSE bug 1035719cpe:/o:suse:sled:12:sp1CVE-2010-5331SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem. NOTE: At least one Linux maintainer believes that this CVE is incorrectly assigned and should be rejected because the value is hard coded and are not user-controllable where it is used.
CriticalCVE-2010-5331SUSE bug 1143173cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2010-5332SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 2.6.37, an out of bounds array access happened in drivers/net/mlx4/port.c. When searching for a free entry in either mlx4_register_vlan() or mlx4_register_mac(), and there is no free entry, the loop terminates without updating the local variable free thus causing out of array bounds access.
CriticalCVE-2010-5332SUSE bug 1143170cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0010SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command.
ModerateCVE-2011-0010SUSE bug 663881cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0014SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability."
ModerateCVE-2011-0014SUSE bug 670526cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0020SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object.
ModerateCVE-2011-0020SUSE bug 666101cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0024SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted capture file.
ModerateCVE-2011-0024SUSE bug 683335cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0064SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via crafted OpenType font data that triggers use of an incorrect index.
ModerateCVE-2011-0064SUSE bug 666101SUSE bug 672502cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0068SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
LowCVE-2011-0068SUSE bug 689281cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0069SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0070.
ModerateCVE-2011-0069SUSE bug 689281cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0070SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0069.
CriticalCVE-2011-0070SUSE bug 689281cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0079SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x before 4.0.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to gfx/layers/d3d10/ReadbackManagerD3D10.cpp and unknown other vectors.
CriticalCVE-2011-0079SUSE bug 689281cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0080SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2011-0080SUSE bug 689281cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0081SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.17 and 4.x before 4.0.1, and Thunderbird 3.1.x before 3.1.10, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2011-0081SUSE bug 689281cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0084SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer."
ImportantCVE-2011-0084SUSE bug 712224cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0192SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are obtained from third party information.
ImportantCVE-2011-0192SUSE bug 672510SUSE bug 682053SUSE bug 682871SUSE bug 854393cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0226SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011.
ModerateCVE-2011-0226SUSE bug 704612SUSE bug 728044cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0281SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence.
ModerateCVE-2011-0281SUSE bug 663619cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0282SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name.
ImportantCVE-2011-0282SUSE bug 663619cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0284SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in the prepare_error_as function in do_as_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 through 1.9, when the PKINIT feature is enabled, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via an e_data field containing typed data.
ModerateCVE-2011-0284SUSE bug 671717cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0285SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The process_chpw_request function in schpw.c in the password-changing functionality in kadmind in MIT Kerberos 5 (aka krb5) 1.7 through 1.9 frees an invalid pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted request that triggers an error condition.
ModerateCVE-2011-0285SUSE bug 687469cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0413SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address.
ModerateCVE-2011-0413SUSE bug 667655SUSE bug 680298cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0414SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update.
ImportantCVE-2011-0414SUSE bug 674431cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0421SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive that is processed with a (1) locateName or (2) statName operation.
ModerateCVE-2011-0421SUSE bug 681193cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0460SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/defkeymap.map.
ModerateCVE-2011-0460cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0461SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and before 11.3-8.7.1 in openSUSE 11.3, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/mtab.
ModerateCVE-2011-0461SUSE bug 665479cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0465SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
ImportantCVE-2011-0465SUSE bug 674733SUSE bug 688931cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0523SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
gypsy 0.8 does not properly restrict the files that can be read while running with root privileges, which allows local users to read otherwise restricted files via unspecified vectors.
ModerateCVE-2011-0523SUSE bug 666839cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0524SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in the NMEA parser (nmea-gen.c) in gypsy 0.8 allow local users to cause a denial of service (crash) via unspecified vectors related to the sprintf function.
ModerateCVE-2011-0524SUSE bug 666839cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0538SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file.
ModerateCVE-2011-0538SUSE bug 669908cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0541SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows local users to unmount arbitrary directories via a symlink attack.
ModerateCVE-2011-0541SUSE bug 668820SUSE bug 685055cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0558SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code via a large array length value in the ActionScript method of the Function class.
ImportantCVE-2011-0558SUSE bug 670531cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0559SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted parameters to an unspecified ActionScript method that cause a parameter to be used as an object pointer, a different vulnerability than CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
CriticalCVE-2011-0559SUSE bug 670531cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0560SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
CriticalCVE-2011-0560SUSE bug 670531cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0561SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
CriticalCVE-2011-0561SUSE bug 670531cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0571SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
CriticalCVE-2011-0571SUSE bug 670531cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0572SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
CriticalCVE-2011-0572SUSE bug 670531cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0573SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
CriticalCVE-2011-0573SUSE bug 670531cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0574SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
CriticalCVE-2011-0574SUSE bug 670531cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0575SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Untrusted search path vulnerability in Adobe Flash Player before 10.2.152.26 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
CriticalCVE-2011-0575SUSE bug 670531cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0577SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 allows remote attackers to execute arbitrary code via a crafted font.
CriticalCVE-2011-0577SUSE bug 670531cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0578SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a constructor for an unspecified ActionScript3 object and improper type checking, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0607, and CVE-2011-0608.
CriticalCVE-2011-0578SUSE bug 670531cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0589SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0563 and CVE-2011-0606.
CriticalCVE-2011-0589SUSE bug 669550SUSE bug 693573cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0607SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0608.
CriticalCVE-2011-0607SUSE bug 670531cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0608SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0607.
CriticalCVE-2011-0608SUSE bug 670531cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0609SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.
ModerateCVE-2011-0609SUSE bug 679672SUSE bug 683367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0611SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content; as demonstrated by a Microsoft Office document with an embedded .swf file that has a size inconsistency in a "group of included constants," object type confusion, ActionScript that adds custom functions to prototypes, and Date objects; and as exploited in the wild in April 2011.
ModerateCVE-2011-0611SUSE bug 686818cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0618SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2011-0618SUSE bug 693573cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0619SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0620, CVE-2011-0621, and CVE-2011-0622.
CriticalCVE-2011-0619SUSE bug 693573cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0620SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0619, CVE-2011-0621, and CVE-2011-0622.
CriticalCVE-2011-0620SUSE bug 693573cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0621SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0619, CVE-2011-0620, and CVE-2011-0622.
CriticalCVE-2011-0621SUSE bug 693573cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0622SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0619, CVE-2011-0620, and CVE-2011-0621.
CriticalCVE-2011-0622SUSE bug 693573cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0623SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors, related to a "bounds checking" issue, a different vulnerability than CVE-2011-0624, CVE-2011-0625, and CVE-2011-0626.
CriticalCVE-2011-0623SUSE bug 693573cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0624SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors, related to a "bounds checking" issue, a different vulnerability than CVE-2011-0623, CVE-2011-0625, and CVE-2011-0626.
CriticalCVE-2011-0624SUSE bug 693573cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0625SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors, related to a "bounds checking" issue, a different vulnerability than CVE-2011-0623, CVE-2011-0624, and CVE-2011-0626.
CriticalCVE-2011-0625SUSE bug 693573cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0626SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors, related to a "bounds checking" issue, a different vulnerability than CVE-2011-0623, CVE-2011-0624, and CVE-2011-0625.
CriticalCVE-2011-0626SUSE bug 693573cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0627SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content, as possibly exploited in the wild in May 2011 by a Microsoft Office document with an embedded .swf file.
CriticalCVE-2011-0627SUSE bug 693573cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-0711SUSE Linux Enterprise Desktop 12 SP4
The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRY_V1 ioctl call.
ModerateCVE-2011-0711SUSE bug 672505SUSE bug 672524cpe:/o:suse:sled:12:sp4CVE-2011-0712SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in the caiaq Native Instruments USB audio functionality in the Linux kernel before 2.6.38-rc4-next-20110215 might allow attackers to cause a denial of service or possibly have unspecified other impact via a long USB device name, related to (1) the snd_usb_caiaq_audio_init function in sound/usb/caiaq/audio.c and (2) the snd_usb_caiaq_midi_init function in sound/usb/caiaq/midi.c.
ModerateCVE-2011-0712SUSE bug 672499cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0713SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file.
ModerateCVE-2011-0713SUSE bug 672916cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0719SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening a large number of files, related to (1) Winbind or (2) smbd.
ModerateCVE-2011-0719SUSE bug 670431cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0904SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via a large (1) X position or (2) Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions.
ImportantCVE-2011-0904SUSE bug 690238SUSE bug 691207SUSE bug 691356cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0905SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when tight encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via crafted dimensions in a framebuffer update request that triggers an out-of-bounds read operation.
LowCVE-2011-0905SUSE bug 690238SUSE bug 691207SUSE bug 691356cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-0997SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
ImportantCVE-2011-0997SUSE bug 675052SUSE bug 689182SUSE bug 708527SUSE bug 715172cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1000SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
jingle-factory.c in Telepathy Gabble 0.11 before 0.11.7, 0.10 before 0.10.5, and 0.8 before 0.8.15 allows remote attackers to sniff audio and video calls via a crafted google:jingleinfo stanza that specifies an alternate server for streamed media.
ModerateCVE-2011-1000SUSE bug 673257cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1002SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244.
ModerateCVE-2011-1002SUSE bug 671797cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1004SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The FileUtils.remove_entry_secure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink attack.
ModerateCVE-2011-1004SUSE bug 673740cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1005SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname.
ModerateCVE-2011-1005SUSE bug 673750SUSE bug 783511SUSE bug 783525SUSE bug 880899cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1006SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Heap-based buffer overflow in the parse_cgroup_spec function in tools/tools-common.c in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 allows local users to gain privileges via a crafted controller list on the command line of an application. NOTE: it is not clear whether this issue crosses privilege boundaries.
ImportantCVE-2011-1006SUSE bug 675506cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2011-1020SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The proc filesystem implementation in the Linux kernel 2.6.37 and earlier does not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, which allows local users to obtain sensitive information or cause a denial of service via open, lseek, read, and write system calls.
ModerateCVE-2011-1020SUSE bug 674982cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1022SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypass intended resource restrictions via a crafted message.
ModerateCVE-2011-1022SUSE bug 675048cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2011-1091SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows (1) remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG notification packet, and allows (2) remote Yahoo! servers to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG SMS message.
LowCVE-2011-1091SUSE bug 736189cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1097SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data.
ModerateCVE-2011-1097SUSE bug 684387cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1098SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place.
ModerateCVE-2011-1098SUSE bug 1007000SUSE bug 1136195SUSE bug 677335SUSE bug 677336cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1138SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet.
ModerateCVE-2011-1138SUSE bug 678567cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1139SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field.
ModerateCVE-2011-1139SUSE bug 678568cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1140SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet.
ModerateCVE-2011-1140SUSE bug 678569cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1143SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.
ModerateCVE-2011-1143SUSE bug 678571cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1145SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.
ModerateCVE-2011-1145SUSE bug 678796SUSE bug 764737cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1146SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086.
ModerateCVE-2011-1146SUSE bug 678406cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1154SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The shred_file function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name.
ModerateCVE-2011-1154SUSE bug 677335SUSE bug 679661SUSE bug 681984cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1155SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) \n (newline) or (2) \ (backslash) character in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name.
ModerateCVE-2011-1155SUSE bug 677335SUSE bug 679662cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1164SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vino before 2.99.4 can connect external networks contrary to the statement in the vino-preferences dialog box, which might make it easier for remote attackers to perform attacks.
ModerateCVE-2011-1164SUSE bug 680072cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1167SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value.
ModerateCVE-2011-1167SUSE bug 683337SUSE bug 854393cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1180SUSE Linux Enterprise Desktop 12 SP4
Multiple stack-based buffer overflows in the iriap_getvaluebyclass_indication function in net/irda/iriap.c in the Linux kernel before 2.6.39 allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging connectivity to an IrDA infrared network and sending a large integer value for a (1) name length or (2) attribute length.
ImportantCVE-2011-1180SUSE bug 681497cpe:/o:suse:sled:12:sp4CVE-2011-1187SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."
ModerateCVE-2011-1187SUSE bug 758408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1202SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.
LowCVE-2011-1202SUSE bug 689281SUSE bug 692619cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1485SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID.
ModerateCVE-2011-1485SUSE bug 1032717SUSE bug 688788cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1488SUSE Linux Enterprise Desktop 12 SP4
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a sequence of repeated log messages sent within short periods of time.
LowCVE-2011-1488SUSE bug 679030SUSE bug 681568cpe:/o:suse:sled:12:sp4CVE-2011-1489SUSE Linux Enterprise Desktop 12 SP4
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset.
ModerateCVE-2011-1489SUSE bug 681568cpe:/o:suse:sled:12:sp4CVE-2011-1490SUSE Linux Enterprise Desktop 12 SP4
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset
ImportantCVE-2011-1490SUSE bug 681568cpe:/o:suse:sled:12:sp4CVE-2011-1493SUSE Linux Enterprise Desktop 12 SP3
Array index error in the rose_parse_national function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by composing FAC_NATIONAL_DIGIS data that specifies a large number of digipeaters, and then sending this data to a ROSE socket.
ImportantCVE-2011-1493SUSE bug 681175cpe:/o:suse:sled:12:sp3CVE-2011-1521SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote attackers to obtain sensitive information or cause a denial of service (resource consumption) via a crafted URL, as demonstrated by the file:///etc/passwd and file:///dev/zero URLs.
ModerateCVE-2011-1521SUSE bug 682554cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1526SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script.
ModerateCVE-2011-1526SUSE bug 698471cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1527SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a kinit operation with incorrect string case for the realm, related to the is_principal_in_realm, krb5_set_error_message, krb5_ldap_get_principal, and process_as_req functions.
ImportantCVE-2011-1527SUSE bug 719393SUSE bug 743742cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1528SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, related to the locked_check_p function. NOTE: the Berkeley DB vector is covered by CVE-2011-4151.
ImportantCVE-2011-1528SUSE bug 719393SUSE bug 743742cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1529SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger certain process_as_req errors.
ImportantCVE-2011-1529SUSE bug 719393SUSE bug 743742cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1530SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The process_tgs_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS request that triggers an error other than the KRB5_KDB_NOENTRY error.
ModerateCVE-2011-1530SUSE bug 730393cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1577SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media.
ModerateCVE-2011-1577SUSE bug 687113SUSE bug 692784cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1581SUSE Linux Enterprise Desktop 12 SP4
The bond_select_queue function in drivers/net/bonding/bond_main.c in the Linux kernel before 2.6.39, when a network device with a large number of receive queues is installed but the default tx_queues setting is used, does not properly restrict queue indexes, which allows remote attackers to cause a denial of service (BUG and system crash) or possibly have unspecified other impact by sending network traffic.
ModerateCVE-2011-1581SUSE bug 687116cpe:/o:suse:sled:12:sp4CVE-2011-1585SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The cifs_find_smb_ses function in fs/cifs/connect.c in the Linux kernel before 2.6.36 does not properly determine the associations between users and sessions, which allows local users to bypass CIFS share authentication by leveraging a mount of a share by a different user.
ModerateCVE-2011-1585SUSE bug 687812cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1590SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.
ModerateCVE-2011-1590SUSE bug 688109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1591SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.
ModerateCVE-2011-1591SUSE bug 688109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1592SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.
ModerateCVE-2011-1592SUSE bug 688109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1709SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GNOME Display Manager (gdm) before 2.32.2, when glib 2.28 is used, enables execution of a web browser with the uid of the gdm account, which allows local users to gain privileges via vectors involving the x-scheme-handler/http MIME type.
ModerateCVE-2011-1709SUSE bug 694858cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1758SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in System Security Services Daemon (SSSD) 1.5.x before 1.5.7, when automatic ticket renewal and offline authentication are configured, uses a pathname string as a password, which allows local users to bypass Kerberos authentication by listing the /tmp directory to obtain the pathname.
ModerateCVE-2011-1758SUSE bug 691135cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1761SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) abc_new_umacro functions in src/load_abc.cpp in libmodplug before 0.8.8.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ABC file. NOTE: some of these details are obtained from third party information.
ModerateCVE-2011-1761SUSE bug 691137SUSE bug 710726cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1830SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so.
ModerateCVE-2011-1830SUSE bug 1134166cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1831SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call.
ImportantCVE-2011-1831SUSE bug 709771SUSE bug 711539cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1832SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call.
ImportantCVE-2011-1832SUSE bug 709771SUSE bug 711539cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1833SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid.
ModerateCVE-2011-1833SUSE bug 709771SUSE bug 711539cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1834SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service (table corruption) or bypass intended unmounting restrictions via a umount system call.
ImportantCVE-2011-1834SUSE bug 709771SUSE bug 711539cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1835SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps.
ImportantCVE-2011-1835SUSE bug 709771SUSE bug 711539cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1836SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process.
ModerateCVE-2011-1836SUSE bug 709771SUSE bug 711539cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1837SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors.
ImportantCVE-2011-1837SUSE bug 709771SUSE bug 711539cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1898SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by "using DMA to generate MSI interrupts by writing to the interrupt injection registers."
ImportantCVE-2011-1898SUSE bug 702025SUSE bug 724906cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1907SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query.
ModerateCVE-2011-1907SUSE bug 692210cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1910SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.
ImportantCVE-2011-1910SUSE bug 696585SUSE bug 698286cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1944SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.
ModerateCVE-2011-1944SUSE bug 1123919SUSE bug 697372cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1946SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
gnomesu-pam-backend in libgnomesu 1.0.0 prints an error message but proceeds with the non-error code path upon failure of the setgid or setuid function, which allows local users to gain privileges by leveraging access to two unprivileged user accounts, and running many processes under one of these accounts.
ImportantCVE-2011-1946SUSE bug 695627cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1947SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote servers to cause a denial of service (application hang) by acknowledging the request but not sending additional packets.
ModerateCVE-2011-1947SUSE bug 697368cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1957SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length.
ModerateCVE-2011-1957SUSE bug 697516cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1958SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Diameter dictionary file.
ModerateCVE-2011-1958SUSE bug 697516cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-1959SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read.
ModerateCVE-2011-1959SUSE bug 697516cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2054SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability in the Cisco ASA that could allow a remote attacker to successfully authenticate using the Cisco AnyConnect VPN client if the Secondary Authentication type is LDAP and the password is left blank, providing the primary credentials are correct. The vulnerabilities is due to improper input validation of certain parameters passed to the affected software. An attacker must have the correct primary credentials in order to successfully exploit this vulnerability.
ImportantCVE-2011-2054SUSE bug 709167cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2107SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "universal cross-site scripting vulnerability."
ModerateCVE-2011-2107SUSE bug 698261SUSE bug 698296SUSE bug 698358cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2110SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011.
CriticalCVE-2011-2110SUSE bug 699942cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2130SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2134, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415.
CriticalCVE-2011-2130SUSE bug 711427cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2134SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415.
CriticalCVE-2011-2134SUSE bug 711427cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2135SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2140, CVE-2011-2417, and CVE-2011-2425.
CriticalCVE-2011-2135SUSE bug 711427cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2136SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2138 and CVE-2011-2416.
CriticalCVE-2011-2136SUSE bug 711427cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2137SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2414, and CVE-2011-2415.
CriticalCVE-2011-2137SUSE bug 711427cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2138SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2416.
CriticalCVE-2011-2138SUSE bug 711427cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2139SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors.
CriticalCVE-2011-2139SUSE bug 711427cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2140SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2417, and CVE-2011-2425.
CriticalCVE-2011-2140SUSE bug 711427cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2174SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression.
ModerateCVE-2011-2174SUSE bug 697516cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2175SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a malformed Visual Networks file that triggers a heap-based buffer over-read.
ModerateCVE-2011-2175SUSE bug 697516cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2178SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The virSecurityManagerGetPrivateData function in security/security_manager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which causes incorrect processing of "security manager private data" that "reopens disk probing" and might allow guest OS users to read arbitrary files on the host OS. NOTE: this vulnerability exists because of a CVE-2010-2238 regression.
ModerateCVE-2011-2178SUSE bug 697904cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2199SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in tftp-hpa before 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the utimeout option.
ModerateCVE-2011-2199SUSE bug 699714cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2203SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The hfs_find_init function in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and Oops) by mounting an HFS file system with a malformed MDB extent record.
ModerateCVE-2011-2203SUSE bug 699709cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2366SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Gecko before 5.0, as used in Firefox before 5.0 and Thunderbird before 5.0, does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader.
ModerateCVE-2011-2366SUSE bug 701296cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2367SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict read operations, which allows remote attackers to obtain sensitive information from GPU memory associated with an arbitrary process, or cause a denial of service (application crash), via unspecified vectors.
ModerateCVE-2011-2367SUSE bug 701296cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2368SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict write operations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
CriticalCVE-2011-2368SUSE bug 701296cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2369SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 4.0.1 allows remote attackers to inject arbitrary web script or HTML via an SVG element containing an HTML-encoded entity.
ModerateCVE-2011-2369SUSE bug 701296cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2370SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 5.0 does not properly enforce the whitelist for the xpinstall functionality, which allows remote attackers to trigger an installation dialog for a (1) add-on or (2) theme via unspecified vectors.
ModerateCVE-2011-2370SUSE bug 701296cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2371SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object.
CriticalCVE-2011-2371SUSE bug 701296cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2372SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site.
CriticalCVE-2011-2372SUSE bug 720264cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2373SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14, when JavaScript is disabled, allows remote attackers to execute arbitrary code via a crafted XUL document.
CriticalCVE-2011-2373SUSE bug 701296cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2374SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2011-2374SUSE bug 701296cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2375SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 5.0 and Thunderbird through 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2011-2375SUSE bug 701296cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2377SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace image.
CriticalCVE-2011-2377SUSE bug 701296cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2414SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2415.
CriticalCVE-2011-2414SUSE bug 711427cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2415SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2414.
CriticalCVE-2011-2415SUSE bug 711427cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2416SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2138.
CriticalCVE-2011-2416SUSE bug 711427cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2417SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2425.
CriticalCVE-2011-2417SUSE bug 711427cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2425SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2417.
CriticalCVE-2011-2425SUSE bug 711427cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2445SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.
CriticalCVE-2011-2445SUSE bug 729797cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2450SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2011-2450SUSE bug 729797cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2451SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.
CriticalCVE-2011-2451SUSE bug 729797cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2452SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.
CriticalCVE-2011-2452SUSE bug 729797cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2453SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.
CriticalCVE-2011-2453SUSE bug 729797cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2454SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.
CriticalCVE-2011-2454SUSE bug 729797cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2455SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2459, and CVE-2011-2460.
CriticalCVE-2011-2455SUSE bug 729797cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2456SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2011-2456SUSE bug 729797cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2457SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Stack-based buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2011-2457SUSE bug 729797cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2458SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, when Internet Explorer is used, allows remote attackers to bypass the cross-domain policy via a crafted web site.
CriticalCVE-2011-2458SUSE bug 729797cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2459SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460.
CriticalCVE-2011-2459SUSE bug 729797cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2460SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2459.
CriticalCVE-2011-2460SUSE bug 729797cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2011-2464SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
ModerateCVE-2011-2464SUSE bug 703907cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2483SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash.
ModerateCVE-2011-2483SUSE bug 700876SUSE bug 701489SUSE bug 701491SUSE bug 713727SUSE bug 738221SUSE bug 749299SUSE bug 749301SUSE bug 749303cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2485SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gdk_pixbuf__gif_image_load function in gdk-pixbuf/io-gif.c in gdk-pixbuf before 2.23.5 does not properly handle certain return values, which allows remote attackers to cause a denial of service (memory consumption) via a crafted GIF image file.
ModerateCVE-2011-2485SUSE bug 702028cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2501SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bounds read during the copying of error-message data. NOTE: this vulnerability exists because of a CVE-2004-0421 regression. NOTE: this is called an off-by-one error by some sources.
ModerateCVE-2011-2501SUSE bug 702578cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2511SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption.
ModerateCVE-2011-2511SUSE bug 703084cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2513SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Java Network Launching Protocol (JNLP) implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to obtain the username and full path of the home and cache directories by accessing properties of the ClassLoader.
ModerateCVE-2011-2513SUSE bug 704309cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2514SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Java Network Launching Protocol (JNLP) implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to trick victims into granting access to local files by modifying the content of the Java Web Start Security Warning dialog box to represent a different filename than the file for which access will be granted.
ModerateCVE-2011-2514SUSE bug 704309cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2522SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start daemons, (3) add shares, (4) remove shares, (5) add printers, (6) remove printers, (7) add user accounts, or (8) remove user accounts, as demonstrated by certain start, stop, and restart parameters to the status program.
ModerateCVE-2011-2522SUSE bug 705241cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2597SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets.
ModerateCVE-2011-2597SUSE bug 706728cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2690SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote attackers to overwrite memory with an arbitrary amount of data, and possibly have unspecified other impact, via a crafted PNG image.
ModerateCVE-2011-2690SUSE bug 706387SUSE bug 706388SUSE bug 854395cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2691SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image.
ModerateCVE-2011-2691SUSE bug 706388cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2692SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory.
ModerateCVE-2011-2692SUSE bug 706389SUSE bug 854395cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2694SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Cross-site scripting (XSS) vulnerability in the chg_passwd function in web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program (aka the user field to the Change Password page).
ModerateCVE-2011-2694cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2696SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file that triggers a heap-based buffer overflow.
ModerateCVE-2011-2696SUSE bug 705681cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2697SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
foomatic-rip-hplip in HP Linux Imaging and Printing (HPLIP) 3.11.5 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file.
ModerateCVE-2011-2697SUSE bug 59233SUSE bug 698451SUSE bug 704608SUSE bug 852368SUSE bug 957531cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2698SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the elem_cell_id_aux function in epan/dissectors/packet-ansi_a.c in the ANSI MAP dissector in Wireshark 1.4.x before 1.4.8 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (infinite loop) via an invalid packet.
ModerateCVE-2011-2698SUSE bug 706728cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2707SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ptrace_setxregs function in arch/xtensa/kernel/ptrace.c in the Linux kernel before 3.1 does not validate user-space pointers, which allows local users to obtain sensitive information from kernel memory locations via a crafted PTRACE_SETXTREGS request.
ModerateCVE-2011-2707SUSE bug 707337cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2709SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPI_MECH_CONF environment variable, as demonstrated using mount.nfs.
ModerateCVE-2011-2709SUSE bug 694598cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2721SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculations.
ModerateCVE-2011-2721SUSE bug 708263cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2722SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file.
LowCVE-2011-2722SUSE bug 59233SUSE bug 698451SUSE bug 704608SUSE bug 713717SUSE bug 808355cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2724SUSE Linux Enterprise Desktop 12 SP4
The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-0547.
LowCVE-2011-2724SUSE bug 1160791SUSE bug 709819cpe:/o:suse:sled:12:sp4CVE-2011-2748SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.
ModerateCVE-2011-2748SUSE bug 712653cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2749SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet.
ImportantCVE-2011-2749SUSE bug 712653cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2895SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.
ModerateCVE-2011-2895SUSE bug 709851SUSE bug 711487cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2896SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895.
ModerateCVE-2011-2896SUSE bug 601830SUSE bug 671735SUSE bug 680210SUSE bug 680212SUSE bug 700987SUSE bug 711490SUSE bug 711491SUSE bug 715643cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2985SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2011-2985SUSE bug 712224cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2986SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products, when the Direct2D (aka D2D) API is used on Windows, allows remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas.
ModerateCVE-2011-2986SUSE bug 712224cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2988SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long source-code block for a shader.
CriticalCVE-2011-2988SUSE bug 712224cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2989SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement WebGL, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
CriticalCVE-2011-2989SUSE bug 712224cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2990SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The implementation of Content Security Policy (CSP) violation reports in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not remove proxy-authorization credentials from the listed request headers, which allows attackers to obtain sensitive information by reading a report, related to incorrect host resolution that occurs with certain redirects.
ModerateCVE-2011-2990SUSE bug 712224cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2991SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement JavaScript, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
CriticalCVE-2011-2991SUSE bug 712224cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2992SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
CriticalCVE-2011-2992SUSE bug 712224cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2993SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The implementation of digital signatures for JAR files in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not prevent calls from unsigned JavaScript code to signed code, which allows remote attackers to bypass the Same Origin Policy and gain privileges via a crafted web site, a different vulnerability than CVE-2008-2801.
CriticalCVE-2011-2993SUSE bug 712224cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2995SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2011-2995SUSE bug 720264cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2996SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the plugin API in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2011-2996SUSE bug 720264cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-2997SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2011-2997SUSE bug 720264cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3000SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values.
CriticalCVE-2011-3000SUSE bug 720264cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3001SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent manual add-on installation in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that triggers an unspecified internal error.
ModerateCVE-2011-3001SUSE bug 720264cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3002SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 7.0 and SeaMonkey before 2.4, does not validate the return value of a GrowAtomTable function call, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a memory-allocation error and a resulting buffer overflow.
CriticalCVE-2011-3002SUSE bug 720264cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3003SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unspecified WebGL test case that triggers a memory-allocation error and a resulting out-of-bounds write operation.
CriticalCVE-2011-3003SUSE bug 720264cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3004SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The JSSubScriptLoader in Mozilla Firefox 4.x through 6 and SeaMonkey before 2.4 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior.
CriticalCVE-2011-3004SUSE bug 720264cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3005SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OGG headers in a .ogg file.
CriticalCVE-2011-3005SUSE bug 720264cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3026SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.
ImportantCVE-2011-3026SUSE bug 747311SUSE bug 747327SUSE bug 747328SUSE bug 773612SUSE bug 854395cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3045SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.
ModerateCVE-2011-3045SUSE bug 752008SUSE bug 754456cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3048SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow.
ModerateCVE-2011-3048SUSE bug 754745SUSE bug 854395cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3062SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file.
ModerateCVE-2011-3062SUSE bug 754458SUSE bug 758408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3101SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Google Chrome before 19.0.1084.46 on Linux does not properly mitigate an unspecified flaw in an NVIDIA driver, which has unknown impact and attack vectors. NOTE: see CVE-2012-3105 for the related MFSA 2012-34 issue in Mozilla products.
CriticalCVE-2011-3101SUSE bug 762481SUSE bug 765204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3146SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as a RsvgFilterPrimitive.
ModerateCVE-2011-3146SUSE bug 714980cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3148SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) before 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.pam_environment file.
ModerateCVE-2011-3148SUSE bug 724480cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3149SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).
LowCVE-2011-3149SUSE bug 724480cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3172SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability in pam_modules of SUSE Linux Enterprise allows attackers to log into accounts that should have been disabled. Affected releases are SUSE Linux Enterprise: versions prior to 12.
CriticalCVE-2011-3172SUSE bug 1149683SUSE bug 707645cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3177SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The YaST2 network created files with world readable permissions which could have allowed local users to read sensitive material out of network configuration files, like passwords for wireless networks.
LowCVE-2011-3177SUSE bug 713661cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3193SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
ModerateCVE-2011-3193SUSE bug 714984cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3200SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message.
ModerateCVE-2011-3200SUSE bug 714658cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3207SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past.
ModerateCVE-2011-3207SUSE bug 716143cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3210SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows remote attackers to cause a denial of service (daemon crash) via out-of-order messages that violate the TLS protocol.
ModerateCVE-2011-3210SUSE bug 716144cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3232SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
YARR, as used in Mozilla Firefox before 7.0, Thunderbird before 7.0, and SeaMonkey before 2.4, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.
CriticalCVE-2011-3232SUSE bug 720264cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3256SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font, a different vulnerability than CVE-2011-0226.
ModerateCVE-2011-3256SUSE bug 728044SUSE bug 730124SUSE bug 748083cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3266SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE packet and many items in a tree.
ModerateCVE-2011-3266SUSE bug 718032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3328SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The png_handle_cHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed PNG image containing a cHRM chunk associated with a certain zero value.
ModerateCVE-2011-3328SUSE bug 720017cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3360SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory.
ModerateCVE-2011-3360SUSE bug 718032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3377SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The web browser plug-in in IcedTea-Web 1.0.x before 1.0.6 and 1.1.x before 1.1.4 allows remote attackers to bypass the Same Origin Policy (SOP) and execute arbitrary script or establish network connections to unintended hosts via an applet whose origin has the same second-level domain, but a different sub-domain than the targeted domain.
ModerateCVE-2011-3377SUSE bug 729870cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3389SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.
ModerateCVE-2011-3389SUSE bug 716002SUSE bug 719047SUSE bug 725167SUSE bug 726096SUSE bug 739248SUSE bug 739256SUSE bug 742306SUSE bug 751718SUSE bug 759666SUSE bug 763598SUSE bug 814655cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3439SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document.
ModerateCVE-2011-3439SUSE bug 730124SUSE bug 748083cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3464SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the png_formatted_warning function in pngerror.c in libpng 1.5.4 through 1.5.7 might allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified vectors, which trigger a stack-based buffer overflow.
ModerateCVE-2011-3464SUSE bug 745029cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3483SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (application crash) via a malformed capture file that leads to an invalid root tvbuff, related to a "buffer exception handling vulnerability."
ModerateCVE-2011-3483SUSE bug 718032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3563SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Sound.
ModerateCVE-2011-3563SUSE bug 747208SUSE bug 758470SUSE bug 763805cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3571SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Virtual Desktop Infrastructure (VDI) component in Oracle Virtualization 3.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Session. NOTE: this CVE identifier was accidentally used for a Concurrency issue in Java Runtime Environment, but that issue has been reassigned to CVE-2012-0507.
CriticalCVE-2011-3571SUSE bug 742115SUSE bug 747208cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3594SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The g_markup_escape_text function in the SILC protocol plug-in in libpurple 2.10.0 and earlier, as used in Pidgin and possibly other products, allows remote attackers to cause a denial of service (crash) via invalid UTF-8 sequences that trigger use of invalid pointers and an out-of-bounds read, related to interactions with certain versions of glib2.
ImportantCVE-2011-3594SUSE bug 722199SUSE bug 736161cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3602SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Directory traversal vulnerability in device-linux.c in the router advertisement daemon (radvd) before 1.8.2 allows local users to overwrite arbitrary files, and remote attackers to overwrite certain files, via a .. (dot dot) in an interface name. NOTE: this can be leveraged with a symlink to overwrite arbitrary files.
LowCVE-2011-3602SUSE bug 721968cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3627SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to "recursion level" and (1) libclamav/bytecode.c and (2) libclamav/bytecode_api.c.
ModerateCVE-2011-3627SUSE bug 724856SUSE bug 809945cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3630SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink executable crash, or, potentially arbitrary code execution with the privileges of the user running the hardlink executable.
ModerateCVE-2011-3630cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3631SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to be used. A remote attacker could provide a specially-crafted directory tree and trick the local user into consolidating it, leading to hardlink executable crash or potentially arbitrary code execution with user privileges.
ModerateCVE-2011-3631cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3632SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks.
LowCVE-2011-3632cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3635SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Cross-site scripting (XSS) vulnerability in the theme_adium_append_message function in empathy-theme-adium.c in the Adium theme in libempathy-gtk in Empathy 3.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted alias (aka nickname).
ModerateCVE-2011-3635SUSE bug 727003cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3640SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response was "Strange behavior, but we're not treating this as a security bug."
ModerateCVE-2011-3640SUSE bug 726096cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3648SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding.
ModerateCVE-2011-3648cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3650SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug.
ModerateCVE-2011-3650cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3651SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 7.0 and Thunderbird 7.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2011-3651cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3652SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
CriticalCVE-2011-3652cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3654SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly handle links from SVG mpath elements to non-SVG elements, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
CriticalCVE-2011-3654cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3655SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote attackers to gain privileges via a crafted web site.
CriticalCVE-2011-3655cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3658SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements.
CriticalCVE-2011-3658SUSE bug 737533SUSE bug 746591SUSE bug 750044cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3659SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes.
CriticalCVE-2011-3659SUSE bug 744275cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3660SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger a compartment mismatch associated with the nsDOMMessageEvent::GetData function, and unknown other vectors.
CriticalCVE-2011-3660SUSE bug 737533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3661SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.
CriticalCVE-2011-3661SUSE bug 737533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3663SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page, even when JavaScript is disabled, by using SVG animation accessKey events within that web page.
CriticalCVE-2011-3663SUSE bug 737533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3848SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Directory traversal vulnerability in Puppet 2.6.x before 2.6.10 and 2.7.x before 2.7.4 allows remote attackers to write X.509 Certificate Signing Request (CSR) to arbitrary locations via (1) a double-encoded key parameter in the URI in 2.7.x, (2) the CN in the Subject of a CSR in 2.6 and 0.25.
ModerateCVE-2011-3848SUSE bug 721139SUSE bug 726372cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3872SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka "AltNames Vulnerability."
ImportantCVE-2011-3872SUSE bug 726372cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-3922SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to glyph handling.
ModerateCVE-2011-3922SUSE bug 739904SUSE bug 740493cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-4108SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack.
ModerateCVE-2011-4108SUSE bug 739719SUSE bug 742821SUSE bug 758060SUSE bug 778825cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-4109SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check.
ModerateCVE-2011-4109SUSE bug 739719SUSE bug 758060cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-4128SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service (application crash) via a large SessionTicket.
ModerateCVE-2011-4128SUSE bug 729486cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-4182SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Missing escaping of ESSID values in sysconfig of SUSE Linux Enterprise allows attackers controlling an access point to cause execute arbitrary code. Affected releases are sysconfig prior to 0.83.7-2.1.
ModerateCVE-2011-4182SUSE bug 735394cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-4313SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
ImportantCVE-2011-4313SUSE bug 730995SUSE bug 738156cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-4324SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local users to cause a denial of service (BUG and system crash) by using the mknod system call with a pathname on an NFSv4 filesystem.
ModerateCVE-2011-4324SUSE bug 732613cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-4349SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple SQL injection vulnerabilities in (1) cd-mapping-db.c and (2) cd-device-db.c in colord before 0.1.15 allow local users to execute arbitrary SQL commands via vectors related to color devices and (a) device id, (b) property, or (c) profile id.
ModerateCVE-2011-4349SUSE bug 698250SUSE bug 732996cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-4354SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows remote attackers to obtain the private key of a TLS server via multiple handshake attempts.
ModerateCVE-2011-4354SUSE bug 733252SUSE bug 808942cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-4405SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The cupshelpers scripts in system-config-printer in Ubuntu 11.04 and 11.10, as used by the automatic printer driver download service, uses an "insecure connection" for queries to the OpenPrinting database, which allows remote attackers to execute arbitrary code via a man-in-the-middle (MITM) attack that modifies packages or repositories.
ModerateCVE-2011-4405SUSE bug 733542SUSE bug 735322cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-4516SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 file.
ImportantCVE-2011-4516SUSE bug 1006591SUSE bug 725758cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-4517SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file.
ImportantCVE-2011-4517SUSE bug 1006593SUSE bug 725758cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-4539SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet.
ModerateCVE-2011-4539SUSE bug 735610SUSE bug 741239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-4576SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer.
ModerateCVE-2011-4576SUSE bug 739719SUSE bug 758060SUSE bug 778825cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-4577SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers.
ModerateCVE-2011-4577SUSE bug 739719SUSE bug 758060cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-4600SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The networkReloadIptablesRules function in network/bridge_driver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when libvirtd is restarted, which might allow remote attackers to bypass intended access restrictions via a (1) DNS or (2) DHCP query.
LowCVE-2011-4600SUSE bug 736082cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-4604SUSE Linux Enterprise Desktop 12 SP4
The bat_socket_read function in net/batman-adv/icmp_socket.c in the Linux kernel before 3.3 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted batman-adv ICMP packet.
ModerateCVE-2011-4604SUSE bug 736149cpe:/o:suse:sled:12:sp4CVE-2011-4619SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.
ModerateCVE-2011-4619SUSE bug 739719SUSE bug 758060SUSE bug 799454cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-4815SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
ImportantCVE-2011-4815SUSE bug 739122cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-4862SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.
ImportantCVE-2011-4862SUSE bug 738632cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-4868SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets related to a lease-status update.
ModerateCVE-2011-4868SUSE bug 741239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-4944SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file.
LowCVE-2011-4944SUSE bug 754447cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-5035SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.
ModerateCVE-2011-5035SUSE bug 747208SUSE bug 757762SUSE bug 758470cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-5095SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when FIPS mode is enabled, does not properly validate a public parameter, which makes it easier for man-in-the-middle attackers to obtain the shared secret key by modifying network traffic, a related issue to CVE-2011-1923.
ModerateCVE-2011-5095SUSE bug 768097SUSE bug 773908cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2011-5327SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption.
ModerateCVE-2011-5327SUSE bug 1143175cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0027SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted data from a TLS client.
ModerateCVE-2012-0027SUSE bug 739719cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0029SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets.
ImportantCVE-2012-0029SUSE bug 740165SUSE bug 747331SUSE bug 757537cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0035SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an opened file.
ModerateCVE-2012-0035SUSE bug 740447cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0037SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.
ModerateCVE-2012-0037SUSE bug 37195SUSE bug 734781SUSE bug 740453SUSE bug 745298cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0050SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an out-of-bounds read. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108.
ImportantCVE-2012-0050SUSE bug 739719SUSE bug 742821SUSE bug 758060cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0056SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mem_write function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc/<pid>/mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper.
ImportantCVE-2012-0056SUSE bug 1171985SUSE bug 742028SUSE bug 742279cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0217SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.
ImportantCVE-2012-0217SUSE bug 757537SUSE bug 764077SUSE bug 785429cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0247SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image.
ModerateCVE-2012-0247SUSE bug 746880SUSE bug 752879cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0248SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF.
ModerateCVE-2012-0248SUSE bug 746880SUSE bug 752879cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0390SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain error-handling code only if there is a specific relationship between a padding length and the ciphertext size, which makes it easier for remote attackers to recover partial plaintext via a timing side-channel attack, a related issue to CVE-2011-4108.
ModerateCVE-2012-0390SUSE bug 739898cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0441SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response.
ModerateCVE-2012-0441SUSE bug 765204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0442SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2012-0442SUSE bug 744275cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0443SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2012-0443SUSE bug 744275cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0444SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.
ModerateCVE-2012-0444SUSE bug 744275SUSE bug 747912cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0445SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to bypass the HTML5 frame-navigation policy and replace arbitrary sub-frames by creating a form submission target with a sub-frame's name attribute.
ModerateCVE-2012-0445SUSE bug 744275cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0446SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to inject arbitrary web script or HTML via a (1) web page or (2) Firefox extension, related to improper enforcement of XPConnect security restrictions for frame scripts that call untrusted objects.
ModerateCVE-2012-0446SUSE bug 744275cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0447SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize data for image/vnd.microsoft.icon images, which allows remote attackers to obtain potentially sensitive information by reading a PNG image that was created through conversion from an ICO image.
ModerateCVE-2012-0447SUSE bug 744275cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0449SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document.
CriticalCVE-2012-0449SUSE bug 744275cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0451SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
CRLF injection vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote web servers to bypass intended Content Security Policy (CSP) restrictions and possibly conduct cross-site scripting (XSS) attacks via crafted HTTP headers.
ModerateCVE-2012-0451SUSE bug 746591SUSE bug 750044SUSE bug 752168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0452SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger failure of an nsXBLDocumentInfo::ReadPrototypeBindings function call, related to the cycle collector's access to a hash table containing a stale XBL binding.
ImportantCVE-2012-0452SUSE bug 746616SUSE bug 746663cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0455SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict drag-and-drop operations on javascript: URLs, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web page, related to a "DragAndDropJacking" issue.
ModerateCVE-2012-0455SUSE bug 746591SUSE bug 750044SUSE bug 752168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0456SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to obtain sensitive information from process memory via vectors that trigger an out-of-bounds read.
CriticalCVE-2012-0456SUSE bug 746591SUSE bug 750044SUSE bug 752168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0457SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsSMILTimeValueSpec::ConvertBetweenTimeContainer function in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to execute arbitrary code via an SVG animation.
CriticalCVE-2012-0457SUSE bug 746591SUSE bug 750044SUSE bug 752168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0458SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict setting the home page through the dragging of a URL to the home button, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a javascript: URL that is later interpreted in the about:sessionrestore context.
CriticalCVE-2012-0458SUSE bug 746591SUSE bug 750044SUSE bug 752168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0459SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via dynamic modification of a keyframe followed by access to the cssText of the keyframe.
CriticalCVE-2012-0459SUSE bug 746591SUSE bug 750044SUSE bug 752168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0460SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict write access to the window.fullScreen object, which allows remote attackers to spoof the user interface via a crafted web page.
ModerateCVE-2012-0460SUSE bug 746591SUSE bug 750044SUSE bug 752168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0461SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2012-0461SUSE bug 746591SUSE bug 750044SUSE bug 752168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0462SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2012-0462SUSE bug 746591SUSE bug 750044SUSE bug 752168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0463SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsWindow implementation in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 does not check the validity of an instance after event dispatching, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, as demonstrated by Mobile Firefox on Android.
ImportantCVE-2012-0463SUSE bug 746591SUSE bug 750044SUSE bug 752168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0464SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to execute arbitrary code via vectors involving an empty argument to the array.join function in conjunction with the triggering of garbage collection.
ImportantCVE-2012-0464SUSE bug 746591SUSE bug 750044SUSE bug 752168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0467SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2012-0467SUSE bug 758408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0468SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The browser engine in Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (assertion failure and memory corruption) or possibly execute arbitrary code via vectors related to jsval.h and the js::array_shift function.
CriticalCVE-2012-0468SUSE bug 758408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0469SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the mozilla::dom::indexedDB::IDBKeyRange::cycleCollection::Trace function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to execute arbitrary code via vectors related to crafted IndexedDB data.
ModerateCVE-2012-0469SUSE bug 758408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0470SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the nsSVGFEDiffuseLightingElement::LightPixel function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (invalid gfxImageSurface free operation) or possibly execute arbitrary code by leveraging the use of "different number systems."
ModerateCVE-2012-0470SUSE bug 758408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0471SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via a multibyte character set.
ModerateCVE-2012-0471SUSE bug 758408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0472SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when certain Windows Vista and Windows 7 configurations are used, does not properly restrict font-rendering attempts, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.
ModerateCVE-2012-0472SUSE bug 758408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0473SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The WebGLBuffer::FindMaxUshortElement function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 calls the FindMaxElementInSubArray function with incorrect template arguments, which allows remote attackers to obtain sensitive information from video memory via a crafted WebGL.drawElements call.
ModerateCVE-2012-0473SUSE bug 758408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0474SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Cross-site scripting (XSS) vulnerability in the docshell implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via vectors related to short-circuited page loads, aka "Universal XSS (UXSS)."
ModerateCVE-2012-0474SUSE bug 758408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0475SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to bypass an IPv6 literal ACL via a cross-site (1) XMLHttpRequest or (2) WebSocket operation involving a nonstandard port number and an IPv6 address that contains certain zero fields.
ModerateCVE-2012-0475SUSE bug 758408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0477SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to inject arbitrary web script or HTML via the (1) ISO-2022-KR or (2) ISO-2022-CN character set.
ModerateCVE-2012-0477SUSE bug 758408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0478SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.
ModerateCVE-2012-0478SUSE bug 758408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0479SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content.
ModerateCVE-2012-0479SUSE bug 758408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0497SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
CriticalCVE-2012-0497SUSE bug 747208SUSE bug 758470cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0501SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect availability via unknown vectors.
LowCVE-2012-0501SUSE bug 747208SUSE bug 758470cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0502SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and availability, related to AWT.
ModerateCVE-2012-0502SUSE bug 747208SUSE bug 758470SUSE bug 763805cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0503SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to I18n.
ModerateCVE-2012-0503SUSE bug 747208SUSE bug 758470SUSE bug 763805cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0505SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Serialization.
ModerateCVE-2012-0505SUSE bug 747208SUSE bug 758470SUSE bug 763805cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0506SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to CORBA.
ModerateCVE-2012-0506SUSE bug 747208SUSE bug 758470SUSE bug 763805cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0547SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited." NOTE: this identifier was assigned by the Oracle CNA, but CVE is not intended to cover defense-in-depth issues that are only exposed by the presence of other vulnerabilities. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "toolkit internals references."
LowCVE-2012-0547SUSE bug 777499SUSE bug 780897cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0751SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The ActiveX control in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CriticalCVE-2012-0751SUSE bug 747297SUSE bug 747307cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-0752SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) by leveraging an unspecified "type confusion."
ModerateCVE-2012-0752SUSE bug 747297SUSE bug 747307cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-0753SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted MP4 data.
CriticalCVE-2012-0753SUSE bug 747297SUSE bug 747307cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-0754SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CriticalCVE-2012-0754SUSE bug 747297SUSE bug 747307cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-0755SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2012-0756.
CriticalCVE-2012-0755SUSE bug 747297SUSE bug 747307cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-0756SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2012-0755.
CriticalCVE-2012-0756SUSE bug 747297SUSE bug 747307cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-0759SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0771.
CriticalCVE-2012-0759SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0767SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)," as exploited in the wild in February 2012.
ModerateCVE-2012-0767SUSE bug 747297SUSE bug 747309cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-0768SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CriticalCVE-2012-0768SUSE bug 750614cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-0769SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x does not properly handle integers, which allows attackers to obtain sensitive information via unspecified vectors.
ModerateCVE-2012-0769SUSE bug 750614cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-0773SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The NetStream class in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228 on Windows, Mac OS X, and Linux; Flash Player before 10.3.183.18 and 11.x before 11.2.202.223 on Solaris; Flash Player before 11.1.111.8 on Android 2.x and 3.x; and AIR before 3.2.0.2070 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CriticalCVE-2012-0773SUSE bug 754688SUSE bug 754689cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-0779SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on Windows, Mac OS X, and Linux; before 11.1.111.9 on Android 2.x and 3.x; and before 11.1.115.8 on Android 4.x allows remote attackers to execute arbitrary code via a crafted file, related to an "object confusion vulnerability," as exploited in the wild in May 2012.
CriticalCVE-2012-0779SUSE bug 760777cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-0786SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file.
ModerateCVE-2012-0786SUSE bug 853044SUSE bug 885003cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0804SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response.
ModerateCVE-2012-0804SUSE bug 744059cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0817SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attackers to cause a denial of service (memory and CPU consumption) by making many connection requests.
ModerateCVE-2012-0817SUSE bug 743986cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0845SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of data than specified by the Content-Length header.
ModerateCVE-2012-0845SUSE bug 747125cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0862SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.
LowCVE-2012-0862SUSE bug 762294SUSE bug 844230SUSE bug 855685cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0866SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to execute otherwise restricted triggers on arbitrary data by installing the trigger on an attacker-owned table.
ModerateCVE-2012-0866SUSE bug 701489SUSE bug 749299SUSE bug 749301SUSE bug 749303cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0867SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters.
LowCVE-2012-0867SUSE bug 701489SUSE bug 749299SUSE bug 749301SUSE bug 749303cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0868SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows user-assisted remote attackers to execute arbitrary SQL commands via a crafted file containing object names with newlines, which are inserted into an SQL script that is used when the database is restored.
LowCVE-2012-0868SUSE bug 701489SUSE bug 749299SUSE bug 749301SUSE bug 749303cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0870SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion.
ImportantCVE-2012-0870SUSE bug 747934SUSE bug 752797cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0876SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.
ModerateCVE-2012-0876SUSE bug 750914SUSE bug 751464SUSE bug 751465SUSE bug 983215SUSE bug 983216cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-0884SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Million Message Attack (MMA) adaptive chosen ciphertext attack.
ModerateCVE-2012-0884SUSE bug 749210SUSE bug 749735SUSE bug 751977SUSE bug 754640SUSE bug 761819cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1012SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
server/server_stubs.c in the kadmin protocol implementation in MIT Kerberos 5 (aka krb5) 1.10 before 1.10.1 does not properly restrict access to (1) SET_STRING and (2) GET_STRINGS operations, which might allow remote authenticated administrators to modify or read string attributes by leveraging the global list privilege.
ModerateCVE-2012-1012SUSE bug 766109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1013SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The check_1_6_dummy function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x, and 1.10.x before 1.10.2 allows remote authenticated administrators to cause a denial of service (NULL pointer dereference and daemon crash) via a KRB5_KDB_DISALLOW_ALL_TIX create request that lacks a password.
ModerateCVE-2012-1013SUSE bug 765485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1014SUSE Linux Enterprise Desktop 12 SP1
The process_as_req function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x before 1.10.3 does not initialize a certain structure member, which allows remote attackers to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a malformed AS-REQ request.
ModerateCVE-2012-1014SUSE bug 770172cpe:/o:suse:sled:12:sp1CVE-2012-1015SUSE Linux Enterprise Desktop 12 SP1
The kdc_handle_protected_negotiation function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x before 1.9.5, and 1.10.x before 1.10.3 attempts to calculate a checksum before verifying that the key type is appropriate for a checksum, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free, heap memory corruption, and daemon crash) via a crafted AS-REQ request.
ImportantCVE-2012-1015SUSE bug 770172cpe:/o:suse:sled:12:sp1CVE-2012-1016SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pkinit_server_return_padata function in plugins/preauth/pkinit/pkinit_srv.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 attempts to find an agility KDF identifier in inappropriate circumstances, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted Draft 9 request.
ModerateCVE-2012-1016SUSE bug 807556cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1126SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font.
ModerateCVE-2012-1126SUSE bug 750937cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1127SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.
ModerateCVE-2012-1127SUSE bug 750947cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1128SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.
ModerateCVE-2012-1128SUSE bug 750942cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1129SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT string in a Type 42 font.
LowCVE-2012-1129SUSE bug 750952cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1130SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a PCF font.
ModerateCVE-2012-1130SUSE bug 750951cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1131SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font.
ModerateCVE-2012-1131SUSE bug 750953cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1132SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font.
LowCVE-2012-1132SUSE bug 750950cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1133SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.
ModerateCVE-2012-1133SUSE bug 750940cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1134SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font.
ModerateCVE-2012-1134SUSE bug 750945cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1135SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font.
LowCVE-2012-1135SUSE bug 750946cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1136SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field.
ModerateCVE-2012-1136SUSE bug 750939cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1137SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font.
ModerateCVE-2012-1137SUSE bug 750943cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1138SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a TrueType font.
ModerateCVE-2012-1138SUSE bug 750941cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1139SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font.
LowCVE-2012-1139SUSE bug 750938cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1140SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object.
ModerateCVE-2012-1140SUSE bug 750954cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1141SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font.
LowCVE-2012-1141SUSE bug 750955cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1142SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font.
ModerateCVE-2012-1142SUSE bug 750948cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1143SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font.
ModerateCVE-2012-1143SUSE bug 750949cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1144SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.
ModerateCVE-2012-1144SUSE bug 750944cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1147SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.
ModerateCVE-2012-1147SUSE bug 750914SUSE bug 751464SUSE bug 751465cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1148SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.
ImportantCVE-2012-1148SUSE bug 750914SUSE bug 751464SUSE bug 751465cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1150SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
ModerateCVE-2012-1150SUSE bug 751718SUSE bug 755383SUSE bug 826682cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1152SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple format string vulnerabilities in the error reporting functionality in the YAML::LibYAML (aka YAML-LibYAML and perl-YAML-LibYAML) module 0.38 for Perl allow remote attackers to cause a denial of service (process crash) via format string specifiers in a (1) YAML stream to the Load function, (2) YAML node to the load_node function, (3) YAML mapping to the load_mapping function, or (4) YAML sequence to the load_sequence function.
ModerateCVE-2012-1152SUSE bug 751503cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1162SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a zip archive with the number of directories set to 0, related to an "incorrect loop construct."
ModerateCVE-2012-1162SUSE bug 751829SUSE bug 751830cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1163SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to execute arbitrary code via the size and offset values for the central directory in a zip archive, which triggers "improper restrictions of operations within the bounds of a memory buffer" and an information leak.
ModerateCVE-2012-1163SUSE bug 751829SUSE bug 751830cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1165SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250.
ModerateCVE-2012-1165SUSE bug 749210SUSE bug 749213SUSE bug 751946SUSE bug 754640cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1173SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading to a heap-based buffer overflow.
ModerateCVE-2012-1173SUSE bug 753362SUSE bug 767852SUSE bug 854393cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1174SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The rm_rf_children function in util.c in the systemd-logind login manager in systemd before 44, when logging out, allows local users to delete arbitrary files via a symlink attack on unspecified files, related to "particular records related with user session."
ModerateCVE-2012-1174SUSE bug 752281cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1182SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call.
ImportantCVE-2012-1182SUSE bug 747934SUSE bug 752797SUSE bug 754443cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1185SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.
ModerateCVE-2012-1185SUSE bug 752879cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1186SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0248.
ModerateCVE-2012-1186SUSE bug 752879cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1457SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
ModerateCVE-2012-1457SUSE bug 753611SUSE bug 767574cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1458SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CHM parser implementations.
ModerateCVE-2012-1458SUSE bug 753613SUSE bug 767574cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1459SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
ModerateCVE-2012-1459SUSE bug 753610SUSE bug 767574cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1535SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted SWF content, as exploited in the wild in August 2012 with SWF content in a Word document.
CriticalCVE-2012-1535SUSE bug 775986cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-1569SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure.
ModerateCVE-2012-1569SUSE bug 752193SUSE bug 753301SUSE bug 924966cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1571SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference.
ModerateCVE-2012-1571SUSE bug 753303SUSE bug 883306SUSE bug 884986SUSE bug 987530cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1573SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure.
ModerateCVE-2012-1573SUSE bug 752193SUSE bug 754223cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1586SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message.
ModerateCVE-2012-1586SUSE bug 754443cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1616SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in icclib before 2.13, as used by Argyll CMS before 1.4 and possibly other programs, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted ICC profile file.
ModerateCVE-2012-1616SUSE bug 768322cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1667SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.
ModerateCVE-2012-1667SUSE bug 765315SUSE bug 792926cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1682SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder."
CriticalCVE-2012-1682SUSE bug 777499SUSE bug 780897SUSE bug 785433cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1711SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to CORBA.
CriticalCVE-2012-1711SUSE bug 766802cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1713SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
CriticalCVE-2012-1713SUSE bug 766802SUSE bug 778629SUSE bug 780897cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1716SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing.
CriticalCVE-2012-1716SUSE bug 766802SUSE bug 778629SUSE bug 780897cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1717SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux.
ModerateCVE-2012-1717SUSE bug 766802SUSE bug 778629SUSE bug 780897cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1718SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect availability via unknown vectors related to Security.
ModerateCVE-2012-1718SUSE bug 778629SUSE bug 780897cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1719SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect integrity, related to CORBA.
ModerateCVE-2012-1719SUSE bug 766802SUSE bug 778629SUSE bug 780897cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1723SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
CriticalCVE-2012-1723SUSE bug 766802cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1724SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect availability, related to JAXP.
ModerateCVE-2012-1724SUSE bug 766802cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1725SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
ImportantCVE-2012-1725SUSE bug 766802SUSE bug 778629SUSE bug 780897cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1726SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
ImportantCVE-2012-1726SUSE bug 780897cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1937SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2012-1937SUSE bug 765204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1938SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components.
CriticalCVE-2012-1938SUSE bug 765204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1940SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by changing the size of a container of absolutely positioned elements in a column.
CriticalCVE-2012-1940SUSE bug 765204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1941SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code by resizing a window displaying absolutely positioned and relatively positioned elements in nested columns.
CriticalCVE-2012-1941SUSE bug 765204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1944SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not block inline event handlers, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document.
ModerateCVE-2012-1944SUSE bug 765204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1945SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut (aka .lnk) file for display within an IFRAME element, as demonstrated by a network share implemented by (1) Microsoft Windows or (2) Samba.
ModerateCVE-2012-1945SUSE bug 765204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1946SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 might allow remote attackers to execute arbitrary code via document changes involving replacement or insertion of a node.
CriticalCVE-2012-1946SUSE bug 765204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1947SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure.
CriticalCVE-2012-1947SUSE bug 765204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1948SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2012-1948SUSE bug 771583cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1949SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2012-1949SUSE bug 771583cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1950SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 allows remote attackers to spoof the address bar by canceling a page load.
ImportantCVE-2012-1950SUSE bug 771583cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1951SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code by interacting with objects used for SMIL Timing.
ImportantCVE-2012-1951SUSE bug 771583cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1952SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame variable during processing of mixed row-group and column-group frames, which might allow remote attackers to execute arbitrary code via a crafted web site.
CriticalCVE-2012-1952SUSE bug 771583cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1953SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (buffer over-read, incorrect pointer dereference, and heap-based buffer overflow) or possibly execute arbitrary code via a crafted web site.
CriticalCVE-2012-1953SUSE bug 771583cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1954SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors involving multiple adoptions and empty documents.
CriticalCVE-2012-1954SUSE bug 771583cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1955SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to spoof the address bar via vectors involving history.forward and history.back calls.
ImportantCVE-2012-1955SUSE bug 771583cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1956SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 do not prevent use of the Object.defineProperty method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.
ModerateCVE-2012-1956SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1957SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An unspecified parser-utility class in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly handle EMBED elements within description elements in RSS feeds, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a feed.
ImportantCVE-2012-1957SUSE bug 771583cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1958SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsGlobalWindow::PageHidden function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 might allow remote attackers to execute arbitrary code via vectors related to focused content.
ImportantCVE-2012-1958SUSE bug 771583cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1959SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not consider the presence of same-compartment security wrappers (SCSW) during the cross-compartment wrapping of objects, which allows remote attackers to bypass intended XBL access restrictions via crafted content.
ImportantCVE-2012-1959SUSE bug 771583cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1960SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 might allow remote attackers to obtain sensitive information from process memory via a crafted color profile that triggers an out-of-bounds read operation.
LowCVE-2012-1960SUSE bug 771583cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1961SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly handle duplicate values in X-Frame-Options headers, which makes it easier for remote attackers to conduct clickjacking attacks via a FRAME element referencing a web site that produces these duplicate values.
ImportantCVE-2012-1961SUSE bug 771583cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1962SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving strings with multiple dependencies.
ImportantCVE-2012-1962SUSE bug 771583cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1963SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly restrict the strings placed into the blocked-uri parameter of a violation report, which allows remote web servers to capture OpenID credentials and OAuth 2.0 access tokens by triggering a violation.
ImportantCVE-2012-1963SUSE bug 771583cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1965SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not properly establish the security context of a feed: URL, which allows remote attackers to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascript: URL.
ImportantCVE-2012-1965SUSE bug 771583cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1966SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.
ImportantCVE-2012-1966SUSE bug 771583cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1967SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execute arbitrary JavaScript code with improper privileges via a javascript: URL.
ImportantCVE-2012-1967SUSE bug 771583cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1970SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2012-1970SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1972SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-1972SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1973SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-1973SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1974SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-1974SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1975SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the PresShell::CompleteMove function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-1975SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-1976SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsHTMLSelectElement::SubmitNamesValues function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-1976SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2034SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2037.
CriticalCVE-2012-2034SUSE bug 766241cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-2035SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2012-2035SUSE bug 766241cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-2036SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2012-2036SUSE bug 766241cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-2037SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2034.
CriticalCVE-2012-2037SUSE bug 766241cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-2038SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
ModerateCVE-2012-2038SUSE bug 766241cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-2039SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors.
CriticalCVE-2012-2039SUSE bug 766241cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-2040SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows local users to gain privileges via a Trojan horse executable file in an unspecified directory.
CriticalCVE-2012-2040SUSE bug 766241cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-2110SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.
ImportantCVE-2012-2110SUSE bug 758060SUSE bug 778825cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2111SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obtain the "take ownership" privilege via an LSA connection.
ModerateCVE-2012-2111SUSE bug 754443SUSE bug 757576cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2113SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
ModerateCVE-2012-2113SUSE bug 767852SUSE bug 854393cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2131SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2110.
ImportantCVE-2012-2131SUSE bug 758060cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2141SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Array index error in the handle_nsExtendOutput2Table function in agent/mibgroup/agent/extend.c in Net-SNMP 5.7.1 allows remote authenticated users to cause a denial of service (out-of-bounds read and snmpd crash) via an SNMP GET request for an entry not in the extension table.
ModerateCVE-2012-2141SUSE bug 759352SUSE bug 826684cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2142SUSE Linux Enterprise Desktop 12
The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.
LowCVE-2012-2142SUSE bug 1133493SUSE bug 834475SUSE bug 834476cpe:/o:suse:sled:12CVE-2012-2143SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password.
ModerateCVE-2012-2143SUSE bug 766797SUSE bug 766798SUSE bug 766799cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2150SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
xfs_metadump in xfsprogs before 3.2.4 does not properly obfuscate file data, which allows remote attackers to obtain sensitive information by reading a generated image.
LowCVE-2012-2150SUSE bug 939367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2214SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (application crash) via a sequence of XMPP file-transfer requests.
ModerateCVE-2012-2214SUSE bug 760890cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2333SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation.
ModerateCVE-2012-2333SUSE bug 761838SUSE bug 763341SUSE bug 905106cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2337SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4 address.
ImportantCVE-2012-2337SUSE bug 762327SUSE bug 826687cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2369SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 3.2.1 for Pidgin might allow remote attackers to execute arbitrary code via format string specifiers in data that generates a log message.
ModerateCVE-2012-2369SUSE bug 762498cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2372SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel 3.7.4 and earlier allows local users to cause a denial of service (BUG_ON and kernel panic) by establishing an RDS connection with the source IP address equal to the IPoIB interface's own IP address, as demonstrated by rds-ping.
ModerateCVE-2012-2372SUSE bug 767610SUSE bug 795039cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-2388SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."
ModerateCVE-2012-2388SUSE bug 1107874SUSE bug 761325SUSE bug 815236cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2392SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) ANSI MAP, (2) ASF, (3) IEEE 802.11, (4) IEEE 802.3, and (5) LTP dissectors.
ModerateCVE-2012-2392SUSE bug 763634SUSE bug 763855SUSE bug 769578cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2393SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 does not properly construct certain array data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers incorrect memory allocation.
ModerateCVE-2012-2393SUSE bug 763634SUSE bug 763855SUSE bug 763857cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2394SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a (1) ICMP or (2) ICMPv6 Echo Request packet.
ModerateCVE-2012-2394SUSE bug 763634SUSE bug 763859cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2396SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
VideoLAN VLC media player 2.0.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted MP4 file.
ModerateCVE-2012-2396SUSE bug 760496cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2451SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Config::IniFiles module before 2.71 for Perl creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. NOTE: some of these details are obtained from third party information. NOTE: it has been reported that this might only be exploitable by writing in the same directory as the .ini file. If this is the case, then this issue might not cross privilege boundaries.
LowCVE-2012-2451SUSE bug 760459cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2625SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service (memory consumption) via a large (1) bzip2 or (2) lzma compressed kernel image.
ModerateCVE-2012-2625SUSE bug 762484SUSE bug 773393SUSE bug 773401SUSE bug 787163cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2655SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service (server crash) by adding the (1) SECURITY DEFINER or (2) SET attributes to a procedural language's call handler.
ModerateCVE-2012-2655SUSE bug 765069cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2669SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.4.5, does not validate the origin of Netlink messages, which allows local users to spoof Netlink communication via a crafted connector message.
ModerateCVE-2012-2669SUSE bug 761200cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2673SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in the (1) GC_generic_malloc and (2) calloc functions in malloc.c, and the (3) GC_generic_malloc_ignore_off_page function in mallocx.c in Boehm-Demers-Weiser GC (libgc) before 7.2 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected.
ModerateCVE-2012-2673SUSE bug 765444cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2686SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
crypto/evp/e_aes_cbc_hmac_sha1.c in the AES-NI functionality in the TLS 1.1 and 1.2 implementations in OpenSSL 1.0.1 before 1.0.1d allows remote attackers to cause a denial of service (application crash) via crafted CBC data.
ModerateCVE-2012-2686SUSE bug 802648cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2737SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The user_change_icon_file_authorized_cb function in /usr/libexec/accounts-daemon in AccountsService before 0.6.22 does not properly check the UID when copying an icon file to the system cache directory, which allows local users to read arbitrary files via a race condition.
ModerateCVE-2012-2737SUSE bug 768807cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2738SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The VteTerminal in gnome-terminal (vte) before 0.32.2 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value.
ModerateCVE-2012-2738SUSE bug 772761cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2812SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.
ModerateCVE-2012-2812SUSE bug 771229SUSE bug 831515cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2813SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.
ModerateCVE-2012-2813SUSE bug 771229SUSE bug 831515cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2814SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.
ModerateCVE-2012-2814SUSE bug 771229SUSE bug 831515cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2836SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.
ModerateCVE-2012-2836SUSE bug 771229SUSE bug 831515cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2837SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mnote_olympus_entry_get_value function in olympus/mnote-olympus-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (divide-by-zero error) via an image with crafted EXIF tags that are not properly handled during the formatting of EXIF maker note tags.
ModerateCVE-2012-2837SUSE bug 771229SUSE bug 831515cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2840SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.
ModerateCVE-2012-2840SUSE bug 771229SUSE bug 831515cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-2841SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer overflow.
ModerateCVE-2012-2841SUSE bug 771229SUSE bug 831515cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3136SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-1682.
CriticalCVE-2012-3136SUSE bug 777499SUSE bug 780897cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3174SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java 7 before Update 11 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-0422. NOTE: some parties have mapped CVE-2012-3174 to an issue involving recursive use of the Reflection API, but that issue is already covered as part of CVE-2013-0422. This identifier is for a different vulnerability whose details are not public as of 20130114.
ModerateCVE-2012-3174SUSE bug 798324SUSE bug 798521SUSE bug 798535cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3216SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
LowCVE-2012-3216SUSE bug 785429SUSE bug 785433SUSE bug 785814SUSE bug 788750cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3236SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed XTENSION header of a .fit file, as demonstrated using a long string.
ModerateCVE-2012-3236SUSE bug 763595SUSE bug 768376SUSE bug 769565cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3291SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in OpenConnect 3.18 allows remote servers to cause a denial of service via a crafted greeting banner.
ImportantCVE-2012-3291SUSE bug 767616cpe:/o:suse:sled:12:sp4CVE-2012-3355SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
(1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, and (4) LyricsTab.py in the Context module in GNOME Rhythmbox 0.13.3 and earlier allows local users to execute arbitrary code via a symlink attack on a temporary HTML template file in the /tmp/context directory.
ModerateCVE-2012-3355SUSE bug 768681cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3374SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message.
ModerateCVE-2012-3374SUSE bug 770304cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3386SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors.
ModerateCVE-2012-3386SUSE bug 770618SUSE bug 786745cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3401SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.
ModerateCVE-2012-3401SUSE bug 770816SUSE bug 854393cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3406SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405.
ModerateCVE-2012-3406SUSE bug 770891cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3412SUSE Linux Enterprise Desktop 12 SP4
The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value.
ImportantCVE-2012-3412SUSE bug 774523cpe:/o:suse:sled:12:sp4CVE-2012-3422SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The getFirstInTableInstance function in the IcedTea-Web plugin before 1.2.1 returns an uninitialized pointer when the instance_to_id_map hash is empty, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted web page, which causes an uninitialized memory location to be read.
ModerateCVE-2012-3422SUSE bug 773458SUSE bug 818768cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3423SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet.
ImportantCVE-2012-3423SUSE bug 773458SUSE bug 818768cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3430SUSE Linux Enterprise Desktop 12 SP4
The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.
ModerateCVE-2012-3430SUSE bug 773383SUSE bug 795039cpe:/o:suse:sled:12:sp4CVE-2012-3432SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The handle_mmio function in arch/x86/hvm/io.c in the MMIO operations emulator for Xen 3.3 and 4.x, when running an HVM guest, does not properly reset certain state information between emulation cycles, which allows local guest OS users to cause a denial of service (guest OS crash) via unspecified operations on MMIO regions.
ModerateCVE-2012-3432SUSE bug 773393SUSE bug 773401cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3433SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.0 and 4.1 allows local HVM guest OS kernels to cause a denial of service (domain 0 VCPU hang and kernel panic) by modifying the physical address space in a way that triggers excessive shared page search time during the p2m teardown.
ModerateCVE-2012-3433SUSE bug 773393SUSE bug 773401cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3445SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain* API calls with typed parameters, which might allow remote authenticated users to cause a denial of service (libvirtd crash) via an RPC command with nparams set to zero, which triggers an out-of-bounds read or a free of an invalid pointer.
ModerateCVE-2012-3445SUSE bug 773955cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3466SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GNOME gnome-keyring 3.4.0 through 3.4.1, when gpg-cache-method is set to "idle" or "timeout," does not properly limit the amount of time a passphrase is cached, which allows attackers to have an unspecified impact via unknown attack vectors.
ModerateCVE-2012-3466SUSE bug 775235cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3482SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (crash and delayed delivery of inbound mail) via a crafted NTLM response that triggers an out-of-bounds read in the base64 decoder, or (2) obtain sensitive information from memory via an NTLM Type 2 message with a crafted Target Name structure, which triggers an out-of-bounds read.
ModerateCVE-2012-3482SUSE bug 775988cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3488SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The libxslt support in contrib/xml2 in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 does not properly restrict access to files and URLs, which allows remote authenticated users to modify data, obtain sensitive information, or trigger outbound traffic to arbitrary external hosts by leveraging (1) stylesheet commands that are permitted by the libxslt security options or (2) an xslt_process feature, related to an XML External Entity (aka XXE) issue.
ModerateCVE-2012-3488SUSE bug 776523cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3489SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file or URL content that triggers a parsing error, via an XML value that refers to (1) a DTD or (2) an entity, related to an XML External Entity (aka XXE) issue.
LowCVE-2012-3489SUSE bug 776524cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3515SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."
ImportantCVE-2012-3515SUSE bug 777084cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3520SUSE Linux Enterprise Desktop 12 SP4
The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCM_CREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to (1) Avahi or (2) NetworkManager.
ModerateCVE-2012-3520SUSE bug 776925cpe:/o:suse:sled:12:sp4CVE-2012-3524SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: libdbus maintainers state that this is a vulnerability in the applications that do not cleanse environment variables, not in libdbus itself: "we do not support use of libdbus in setuid binaries that do not sanitize their environment before their first call into libdbus."
ImportantCVE-2012-3524SUSE bug 697105SUSE bug 852781SUSE bug 912016cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3548SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a small value for a certain length field in a capture file.
ModerateCVE-2012-3548SUSE bug 778000SUSE bug 783275cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3570SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identifier parameter.
ModerateCVE-2012-3570SUSE bug 772924cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3571SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.
ModerateCVE-2012-3571SUSE bug 772924cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3817SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) by sending many queries.
ModerateCVE-2012-3817SUSE bug 772945SUSE bug 792926cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3864SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user's certificate and private key in a GET request.
ModerateCVE-2012-3864SUSE bug 770828cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3865SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master server via a .. (dot dot) in a node name.
ModerateCVE-2012-3865SUSE bug 770829cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3866SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, uses 0644 permissions for last_run_report.yaml, which allows local users to obtain sensitive configuration information by leveraging access to the puppet master server to read this file.
ModerateCVE-2012-3866SUSE bug 770827cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3867SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request (CSR), which makes it easier for user-assisted remote attackers to trick administrators into signing a crafted agent certificate via ANSI control sequences.
ModerateCVE-2012-3867SUSE bug 770833cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3868SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries.
ModerateCVE-2012-3868SUSE bug 772946SUSE bug 792926cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3954SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.
ModerateCVE-2012-3954SUSE bug 772924cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3955SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.
ModerateCVE-2012-3955SUSE bug 780167cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3956SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Run function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-3956SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3957SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2012-3957SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3958SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsHTMLEditRules::DeleteNonTableElements function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-3958SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3959SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-3959SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3960SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-3960SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3961SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-3961SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3962SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly iterate through the characters in a text run, which allows remote attackers to execute arbitrary code via a crafted document.
CriticalCVE-2012-3962SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3963SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2012-3963SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3964SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the gfxTextRun::GetUserData function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-3964SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3965SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new window.
CriticalCVE-2012-3965SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3966SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a negative height value in a BMP image within a .ICO file, related to (1) improper handling of the transparency bitmask by the nsICODecoder component and (2) improper processing of the alpha channel by the nsBMPDecoder component.
CriticalCVE-2012-3966SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3967SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large number of sampler uniforms are used, does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted web site.
CriticalCVE-2012-3967SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3968SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via vectors related to deletion of a fragment shader by its accessor.
CriticalCVE-2012-3968SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3969SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the nsSVGFEMorphologyElement::Filter function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via a crafted SVG filter that triggers an incorrect sum calculation, leading to a heap-based buffer overflow.
CriticalCVE-2012-3969SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3970SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsTArray_base::Length function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving movement of a requiredFeatures attribute from one SVG document to another.
CriticalCVE-2012-3970SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3971SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the (1) Silf::readClassMap and (2) Pass::readPass functions.
ModerateCVE-2012-3971SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3972SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based buffer over-read.
ModerateCVE-2012-3972SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3973SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The debugger in the developer-tools subsystem in Mozilla Firefox before 15.0, when remote debugging is disabled, does not properly restrict access to the remote-debugging service, which allows remote attackers to execute arbitrary code by leveraging the presence of the HTTPMonitor extension and connecting to that service through the HTTPMonitor port.
CriticalCVE-2012-3973SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3975SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The DOMParser component in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 loads subresources during parsing of text/html data within an extension, which allows remote attackers to obtain sensitive information by providing crafted data to privileged extension code.
LowCVE-2012-3975SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3976SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows remote attackers to spoof the X.509 certificate information in the address bar via a crafted web page.
ModerateCVE-2012-3976SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3978SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsLocation::CheckURL function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 does not properly follow the security model of the location object, which allows remote attackers to bypass intended content-loading restrictions or possibly have unspecified other impact via vectors involving chrome code.
ModerateCVE-2012-3978SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3980SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The web console in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that injects this code and triggers an eval operation.
ImportantCVE-2012-3980SUSE bug 777588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3982SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2012-3982SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3983SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2012-3983SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3984SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has a SELECT element's menu active, which allows remote attackers to spoof page content via vectors involving absolute positioning and scrolling.
CriticalCVE-2012-3984SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3985SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly implement the HTML5 Same Origin Policy, which allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging initial-origin access after document.domain has been set.
ModerateCVE-2012-3985SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3986SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict calls to DOMWindowUtils (aka nsDOMWindowUtils) methods, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code.
ModerateCVE-2012-3986SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3988SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code via vectors involving use of mozRequestFullScreen to enter full-screen mode, and use of the history.back method for backwards history navigation.
ModerateCVE-2012-3988SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3989SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly perform a cast of an unspecified variable during use of the instanceof operator on a JavaScript object, which allows remote attackers to execute arbitrary code or cause a denial of service (assertion failure) via a crafted web site.
CriticalCVE-2012-3989SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3990SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the IME State Manager implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors, related to the nsIContent::GetNameSpaceID function.
ModerateCVE-2012-3990SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3991SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict JSAPI access to the GetProperty function, which allows remote attackers to bypass the Same Origin Policy and possibly have unspecified other impact via a crafted web site.
ModerateCVE-2012-3991SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3992SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive POST content via vectors involving a location.hash write operation and history navigation that triggers the loading of a URL into the history object.
ModerateCVE-2012-3992SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3993SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not properly interact with failures of InstallTrigger methods, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site, related to an "XrayWrapper pollution" issue.
ModerateCVE-2012-3993SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3994SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting (XSS) attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and leverages the relationship between top.location and the location property.
ModerateCVE-2012-3994SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-3995SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
ModerateCVE-2012-3995SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4024SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the get_component function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted list file (aka a crafted file for the -ef option). NOTE: probably in most cases, the list file is a trusted file constructed by the program's user; however, there are some realistic situations in which a list file would be obtained from an untrusted remote source.
ModerateCVE-2012-4024SUSE bug 773015cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4025SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the queue_init function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted block_log field in the superblock of a .sqsh file, leading to a heap-based buffer overflow.
ModerateCVE-2012-4025SUSE bug 773015cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4048SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted packet, as demonstrated by a usbmon dump.
ModerateCVE-2012-4048SUSE bug 772738cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4049SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet.
ModerateCVE-2012-4049SUSE bug 772738cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4179SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-4179SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4180SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the nsHTMLEditor::IsPrevCharInNodeWhitespace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2012-4180SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4181SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsSMILAnimationController::DoSample function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-4181SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4182SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsTextEditRules::WillInsert function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-4182SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4183SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-4183SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4184SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not prevent access to properties of a prototype for a standard class, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site.
ModerateCVE-2012-4184SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4185SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the nsCharTraits::length function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
ModerateCVE-2012-4185SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4186SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the nsWaveReader::DecodeAudioData function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2012-4186SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4187SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage a certain insPos variable, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and assertion failure) via unspecified vectors.
CriticalCVE-2012-4187SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4188SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2012-4188SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4191SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mozilla::net::FailDelayManager::Lookup function in the WebSockets implementation in Mozilla Firefox before 16.0.1, Thunderbird before 16.0.1, and SeaMonkey before 2.13.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
CriticalCVE-2012-4191cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4192SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox 16.0, Thunderbird 16.0, and SeaMonkey 2.13 allow remote attackers to bypass the Same Origin Policy and read the properties of a Location object via a crafted web site, a related issue to CVE-2012-4193.
CriticalCVE-2012-4192cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4193SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same Origin Policy and read the properties of a Location object, or execute arbitrary JavaScript code, via a crafted web site.
CriticalCVE-2012-4193SUSE bug 783533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4194SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.
ModerateCVE-2012-4194SUSE bug 786522cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4195SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior.
ModerateCVE-2012-4195SUSE bug 786522cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4196SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object.
ModerateCVE-2012-4196SUSE bug 786522cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4201SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code that sets the location.href property, which allows remote attackers to conduct cross-site scripting (XSS) attacks or read arbitrary files by leveraging a sandboxed add-on.
ModerateCVE-2012-4201SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4202SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF image.
CriticalCVE-2012-4202SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4203SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The New Tab page in Mozilla Firefox before 17.0 uses a privileged context for execution of JavaScript code by bookmarklets, which allows user-assisted remote attackers to run arbitrary programs by leveraging a javascript: URL in a bookmark.
ModerateCVE-2012-4203SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4204SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CriticalCVE-2012-4204SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4205SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 assign the system principal, rather than the sandbox principal, to XMLHttpRequest objects created in sandboxes, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks or obtain sensitive information by leveraging a sandboxed add-on.
ModerateCVE-2012-4205SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4207SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~ (tilde) character in proximity to a chunk delimiter, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document.
ModerateCVE-2012-4207SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4208SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 does not consider the compartment during property filtering, which allows remote attackers to bypass intended chrome-only restrictions on reading DOM object properties via a crafted web site.
ModerateCVE-2012-4208SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4209SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a "top" frame name-attribute value to access the location property, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a binary plugin.
ModerateCVE-2012-4209SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4210SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Style Inspector in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 does not properly restrict the context of HTML markup and Cascading Style Sheets (CSS) token sequences, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted stylesheet.
CriticalCVE-2012-4210SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4212SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the XPCWrappedNative::Mark function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-4212SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4213SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-4213SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4214SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-5840.
CriticalCVE-2012-4214SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4215SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-4215SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4216SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-4216SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4217SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsViewManager::ProcessPendingUpdates function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-4217SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4218SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the BuildTextRunsScanner::BreakSink::SetBreaks function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-4218SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4244SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.
ImportantCVE-2012-4244SUSE bug 780157SUSE bug 792926cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4285SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a zero-length message.
ModerateCVE-2012-4285SUSE bug 776083cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4286SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted pcap-ng file.
LowCVE-2012-4286SUSE bug 776083cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4287SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a small value for a BSON document length.
ModerateCVE-2012-4287SUSE bug 776083cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4288SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application crash) via a large value for a span length.
ModerateCVE-2012-4288SUSE bug 776083cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4289SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a large number of ACL entries.
ModerateCVE-2012-4289SUSE bug 776083cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4290SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a malformed packet.
ModerateCVE-2012-4290SUSE bug 776083cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4291SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
ModerateCVE-2012-4291SUSE bug 776083cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4292SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2012-4292SUSE bug 776083cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4293SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (application exit) via a malformed packet.
ModerateCVE-2012-4293SUSE bug 776083cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4294SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a large speed (aka rate) value.
ModerateCVE-2012-4294SUSE bug 776083cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4295SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 might allow remote attackers to cause a denial of service (application crash) via a crafted speed (aka rate) value.
ModerateCVE-2012-4295SUSE bug 776083cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4296SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet.
ModerateCVE-2012-4296SUSE bug 776083cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4297SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in Wireshark 1.6.x before 1.6.10 and 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a malformed packet.
ModerateCVE-2012-4297SUSE bug 776083cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4298SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to execute arbitrary code via a crafted packet-trace file that triggers a buffer overflow.
ModerateCVE-2012-4298SUSE bug 776083cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4398SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
The __request_module function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service (memory consumption) via a crafted application.
ModerateCVE-2012-4398SUSE bug 778463SUSE bug 779488cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2012-4411SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor. NOTE: this might be a duplicate of CVE-2007-0998.
ImportantCVE-2012-4411SUSE bug 779212SUSE bug 786516SUSE bug 786518SUSE bug 786519SUSE bug 786520SUSE bug 787163cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4412SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overflow.
ModerateCVE-2012-4412SUSE bug 779320SUSE bug 848783SUSE bug 882910SUSE bug 920169SUSE bug 920338cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4416SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Hotspot.
ModerateCVE-2012-4416SUSE bug 779714SUSE bug 785429SUSE bug 785433SUSE bug 785814cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4425SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: it could be argued that this is a vulnerability in the applications that do not cleanse environment variables, not in libgio itself.
ModerateCVE-2012-4425cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4433SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in operations/external/ppm-load.c in GEGL (Generic Graphics Library) 0.2.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large (1) width or (2) height value in a Portable Pixel Map (ppm) image, which triggers a heap-based buffer overflow.
ModerateCVE-2012-4433SUSE bug 1023636SUSE bug 1028070SUSE bug 1089725SUSE bug 789835cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4453SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information.
ModerateCVE-2012-4453SUSE bug 1008340SUSE bug 782734cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4504SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the url::get_pac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file.
ModerateCVE-2012-4504SUSE bug 784523SUSE bug 795039cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4510SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
cups-pk-helper before 0.2.3 does not properly wrap the (1) cupsGetFile and (2) cupsPutFile function calls, which allows user-assisted remote attackers to read or overwrite sensitive files using CUPS resources.
ModerateCVE-2012-4510SUSE bug 783488cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4524SUSE Linux Enterprise Desktop 12 SP4
xlockmore before 5.43 'dclock' security bypass vulnerability
ModerateCVE-2012-4524SUSE bug 1160775cpe:/o:suse:sled:12:sp4CVE-2012-4535SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inappropriate deadline."
ModerateCVE-2012-4535SUSE bug 779212SUSE bug 786516SUSE bug 786518SUSE bug 786519SUSE bug 786520SUSE bug 787163cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4536SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) domain_pirq_to_emuirq and (2) physdev_unmap_pirq functions in Xen 2.2 allows local guest OS administrators to cause a denial of service (Xen crash) via a crafted pirq value that triggers an out-of-bounds read.
ModerateCVE-2012-4536SUSE bug 779212SUSE bug 786516SUSE bug 786518SUSE bug 786519SUSE bug 786520SUSE bug 787163cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4537SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 3.4 through 4.2, and possibly earlier versions, does not properly synchronize the p2m and m2p tables when the set_p2m_entry function fails, which allows local HVM guest OS administrators to cause a denial of service (memory consumption and assertion failure), aka "Memory mapping failure DoS vulnerability."
ModerateCVE-2012-4537SUSE bug 779212SUSE bug 786516SUSE bug 786517SUSE bug 786518SUSE bug 786519SUSE bug 786520SUSE bug 787163cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4538SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The HVMOP_pagetable_dying hypercall in Xen 4.0, 4.1, and 4.2 does not properly check the pagetable state when running on shadow pagetables, which allows a local HVM guest OS to cause a denial of service (hypervisor crash) via unspecified vectors.
ModerateCVE-2012-4538SUSE bug 779212SUSE bug 786516SUSE bug 786518SUSE bug 786519SUSE bug 786520SUSE bug 787163cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4539SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments to GNTTABOP_get_status_frames, aka "Grant table hypercall infinite loop DoS vulnerability."
ModerateCVE-2012-4539SUSE bug 779212SUSE bug 786516SUSE bug 786518SUSE bug 786519SUSE bug 786520SUSE bug 787163cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4540SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the invoke function in IcedTeaScriptablePluginObject.cc in IcedTea-Web 1.1.x before 1.1.7, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.x before 1.4.1 allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly execute arbitrary code via a crafted webpage that triggers a heap-based buffer overflow, related to an error message and a "triggering event attached to applet." NOTE: the 1.4.x versions were originally associated with CVE-2013-4349, but that entry has been MERGED with this one.
ModerateCVE-2012-4540SUSE bug 787846SUSE bug 840572cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4544SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PV domain builder in Xen 4.2 and earlier does not validate the size of the kernel or ramdisk (1) before or (2) after decompression, which allows local guest administrators to cause a denial of service (domain 0 memory consumption) via a crafted (a) kernel or (b) ramdisk.
ModerateCVE-2012-4544SUSE bug 779212SUSE bug 786516SUSE bug 786518SUSE bug 786519SUSE bug 786520SUSE bug 787163SUSE bug 840592cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4559SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple double free vulnerabilities in the (1) agent_sign_data function in agent.c, (2) channel_request function in channels.c, (3) ssh_userauth_pubkey function in auth.c, (4) sftp_parse_attr_3 function in sftp.c, and (5) try_publickey_from_file function in keyfiles.c in libssh before 0.5.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
ModerateCVE-2012-4559SUSE bug 789827cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4560SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors.
ModerateCVE-2012-4560SUSE bug 789827cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4561SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) publickey_make_dss, (2) publickey_make_rsa, (3) signature_from_string, (4) ssh_do_sign, and (5) ssh_sign_session_id functions in keys.c in libssh before 0.5.3 free "an invalid pointer on an error path," which might allow remote attackers to cause a denial of service (crash) via unspecified vectors.
ModerateCVE-2012-4561SUSE bug 789827cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4564SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow.
ModerateCVE-2012-4564SUSE bug 781995SUSE bug 787892SUSE bug 791607SUSE bug 854393cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4681SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.
ImportantCVE-2012-4681SUSE bug 777499SUSE bug 778629SUSE bug 780897SUSE bug 785429SUSE bug 785433SUSE bug 785814SUSE bug 798324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-4929SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a "CRIME" attack.
ModerateCVE-2012-4929SUSE bug 1011293SUSE bug 779952SUSE bug 793420SUSE bug 803004SUSE bug 847895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5068SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
ImportantCVE-2012-5068SUSE bug 785429SUSE bug 785433SUSE bug 785814SUSE bug 788750cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5069SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Concurrency.
ImportantCVE-2012-5069SUSE bug 785429SUSE bug 785433SUSE bug 785814SUSE bug 788750cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5070SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, related to JMX.
ModerateCVE-2012-5070SUSE bug 785429SUSE bug 785433SUSE bug 785814SUSE bug 788750cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5071SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX.
ImportantCVE-2012-5071SUSE bug 785429SUSE bug 785433SUSE bug 785814SUSE bug 788750cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5072SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality via unknown vectors related to Security.
ModerateCVE-2012-5072SUSE bug 785429SUSE bug 785433SUSE bug 785814SUSE bug 788750cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5073SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries, a different vulnerability than CVE-2012-5079.
ModerateCVE-2012-5073SUSE bug 785429SUSE bug 785433SUSE bug 785814SUSE bug 788750cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5074SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality and integrity, related to JAX-WS.
ImportantCVE-2012-5074SUSE bug 785429SUSE bug 785433SUSE bug 785814SUSE bug 788750cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5075SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX.
ModerateCVE-2012-5075SUSE bug 785429SUSE bug 785433SUSE bug 785814SUSE bug 788750cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5076SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JAX-WS.
CriticalCVE-2012-5076SUSE bug 785429SUSE bug 785433SUSE bug 785814SUSE bug 788750cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5077SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Security.
LowCVE-2012-5077SUSE bug 785429SUSE bug 785433SUSE bug 785814SUSE bug 788750cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5079SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries, a different vulnerability than CVE-2012-5073.
ModerateCVE-2012-5079SUSE bug 785429SUSE bug 785433SUSE bug 785814SUSE bug 788750cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5081SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE.
ModerateCVE-2012-5081SUSE bug 785429SUSE bug 785433SUSE bug 785814SUSE bug 788750cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5084SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing.
ImportantCVE-2012-5084SUSE bug 785429SUSE bug 785433SUSE bug 785814SUSE bug 788750cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5085SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote authenticated users to have an unspecified impact via unknown vectors related to Networking. NOTE: the Oracle CPU states that this issue has a 0.0 CVSS score. If so, then this is not a vulnerability and this issue should not be included in CVE.
LowCVE-2012-5085SUSE bug 785429SUSE bug 785433SUSE bug 785814cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5086SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans.
CriticalCVE-2012-5086SUSE bug 785429SUSE bug 785433SUSE bug 785814SUSE bug 788750cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5087SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans.
CriticalCVE-2012-5087SUSE bug 785429SUSE bug 785433SUSE bug 785814SUSE bug 788750cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5088SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
CriticalCVE-2012-5088SUSE bug 785429SUSE bug 785433SUSE bug 785814SUSE bug 788750cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5089SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than CVE-2012-3143.
ImportantCVE-2012-5089SUSE bug 785429SUSE bug 785433SUSE bug 785814SUSE bug 788750cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5112SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the SVG implementation in WebKit, as used in Google Chrome before 22.0.1229.94, allows remote attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2012-5112SUSE bug 786698cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5133SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters.
ImportantCVE-2012-5133SUSE bug 791234cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5134SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document.
ModerateCVE-2012-5134SUSE bug 1123919SUSE bug 791234SUSE bug 793334SUSE bug 795039SUSE bug 804033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5166SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.
ModerateCVE-2012-5166SUSE bug 784602SUSE bug 792926cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5237SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2012-5237SUSE bug 783275cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5238SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of (1) PPP and (2) LCP data, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a malformed packet.
ModerateCVE-2012-5238SUSE bug 783275cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5239SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-3548. Reason: This candidate is a reservation duplicate of CVE-2012-3548. Notes: All CVE users should reference CVE-2012-3548 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5239SUSE bug 783275cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5240SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malformed packet.
ModerateCVE-2012-5240SUSE bug 783275cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5248SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.
ImportantCVE-2012-5248SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5249SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.
CriticalCVE-2012-5249SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5250SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.
CriticalCVE-2012-5250SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5251SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.
CriticalCVE-2012-5251SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5252SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22.
CriticalCVE-2012-5252SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5253SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.
CriticalCVE-2012-5253SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5254SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.
CriticalCVE-2012-5254SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5255SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.
CriticalCVE-2012-5255SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5256SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22.
CriticalCVE-2012-5256SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5257SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.
CriticalCVE-2012-5257SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5258SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22.
CriticalCVE-2012-5258SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5259SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.
CriticalCVE-2012-5259SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5260SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.
CriticalCVE-2012-5260SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5261SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22.
CriticalCVE-2012-5261SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5262SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.
CriticalCVE-2012-5262SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5263SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22.
CriticalCVE-2012-5263SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5264SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.
CriticalCVE-2012-5264SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5265SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.
CriticalCVE-2012-5265SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5266SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.
CriticalCVE-2012-5266SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5267SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22.
CriticalCVE-2012-5267SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5268SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22.
CriticalCVE-2012-5268SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5269SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22.
CriticalCVE-2012-5269SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5270SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22.
CriticalCVE-2012-5270SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5271SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22.
CriticalCVE-2012-5271SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5272SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22.
CriticalCVE-2012-5272SUSE bug 784168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5274SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, and CVE-2012-5280.
ModerateCVE-2012-5274SUSE bug 788450cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5275SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5276, CVE-2012-5277, and CVE-2012-5280.
CriticalCVE-2012-5275SUSE bug 788450cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5276SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5277, and CVE-2012-5280.
CriticalCVE-2012-5276SUSE bug 788450cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5277SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, and CVE-2012-5280.
CriticalCVE-2012-5277SUSE bug 788450cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5278SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allow attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors.
CriticalCVE-2012-5278SUSE bug 788450cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5279SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CriticalCVE-2012-5279SUSE bug 788450cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5280SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, and CVE-2012-5277.
CriticalCVE-2012-5280SUSE bug 788450cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5468SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in iconvert.c in the bogolexer component in Bogofilter before 1.2.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an email containing a base64 string that is decoded to incomplete multibyte characters.
ImportantCVE-2012-5468SUSE bug 792939cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5510SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.x, when downgrading the grant table version, does not properly remove the status page from the tracking list when freeing the page, which allows local guest OS administrators to cause a denial of service (hypervisor crash) via unspecified vectors.
ModerateCVE-2012-5510SUSE bug 789945cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5511SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the dirty video RAM tracking functionality in Xen 3.4 through 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) via a large bitmap image.
ModerateCVE-2012-5511SUSE bug 789944cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5513SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XENMEM_exchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range.
ImportantCVE-2012-5513SUSE bug 789951cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5514SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The guest_physmap_mark_populate_on_demand function in Xen 4.2 and earlier does not properly unlock the subject GFNs when checking if they are in use, which allows local guest HVM administrators to cause a denial of service (hang) via unspecified vectors.
ModerateCVE-2012-5514SUSE bug 789948SUSE bug 789988cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5515SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and earlier allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value.
ModerateCVE-2012-5515SUSE bug 789950cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5519SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface.
ImportantCVE-2012-5519SUSE bug 1180148SUSE bug 789566SUSE bug 882905SUSE bug 924208cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5525SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that triggers a buffer over-read.
ModerateCVE-2012-5525SUSE bug 789952cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5532SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.8-rc1, allows local users to cause a denial of service (daemon exit) via a crafted application that sends a Netlink message. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-2669.
LowCVE-2012-5532SUSE bug 791605cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5576SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple stack-based buffer overflows in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.8.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large (1) red, (2) green, or (3) blue color mask in an XWD file.
ModerateCVE-2012-5576SUSE bug 791372cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5592SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6052. Reason: This candidate is a reservation duplicate of CVE-2012-6052. Notes: All CVE users should reference CVE-2012-6052 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5592SUSE bug 792005cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5593SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6053. Reason: This candidate is a reservation duplicate of CVE-2012-6053. Notes: All CVE users should reference CVE-2012-6053 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5593SUSE bug 792005cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5594SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6054. Reason: This candidate is a reservation duplicate of CVE-2012-6054. Notes: All CVE users should reference CVE-2012-6054 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5594SUSE bug 792005cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5595SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6056. Reason: This candidate is a reservation duplicate of CVE-2012-6056. Notes: All CVE users should reference CVE-2012-6056 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5595SUSE bug 792005cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5596SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6057. Reason: This candidate is a reservation duplicate of CVE-2012-6057. Notes: All CVE users should reference CVE-2012-6057 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5596SUSE bug 792005cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5597SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6059. Reason: This candidate is a reservation duplicate of CVE-2012-6059. Notes: All CVE users should reference CVE-2012-6059 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5597SUSE bug 792005cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5598SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6060. Reason: This candidate is a reservation duplicate of CVE-2012-6060. Notes: All CVE users should reference CVE-2012-6060 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5598SUSE bug 792005cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5599SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6061. Reason: This candidate is a reservation duplicate of CVE-2012-6061. Notes: All CVE users should reference CVE-2012-6061 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5599SUSE bug 792005cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5600SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6062. Reason: This candidate is a reservation duplicate of CVE-2012-6062. Notes: All CVE users should reference CVE-2012-6062 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5600SUSE bug 792005cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5601SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6055. Reason: This candidate is a reservation duplicate of CVE-2012-6055. Notes: All CVE users should reference CVE-2012-6055 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5601SUSE bug 792005cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5602SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6058. Reason: This candidate is a reservation duplicate of CVE-2012-6058. Notes: All CVE users should reference CVE-2012-6058 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5602SUSE bug 792005cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5615SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.
ModerateCVE-2012-5615SUSE bug 792440SUSE bug 901237SUSE bug 915913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5634SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.2.x, 4.1.x, and 4.0, when using Intel VT-d for PCI passthrough, does not properly configure VT-d when supporting a device that is behind a legacy PCI Bridge, which allows local guests to cause a denial of service to other guests by injecting an interrupt.
ModerateCVE-2012-5634SUSE bug 794316SUSE bug 800275SUSE bug 840592cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5668SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to BDF fonts and the improper handling of an "allocation error" in the bdf_free_font function.
ModerateCVE-2012-5668SUSE bug 795826cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5669SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read.
ModerateCVE-2012-5669SUSE bug 795826cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5670SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) via vectors related to BDF fonts and an ENCODING field with a negative value.
ModerateCVE-2012-5670SUSE bug 795826cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5676SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on Android 2.x and 3.x, and before 11.1.115.34 on Android 4.x; Adobe AIR before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X; and Adobe AIR SDK before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X allows attackers to execute arbitrary code via unspecified vectors.
ImportantCVE-2012-5676SUSE bug 794062cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5677SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on Android 2.x and 3.x, and before 11.1.115.34 on Android 4.x; Adobe AIR before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X; and Adobe AIR SDK before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X allows attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2012-5677SUSE bug 794062cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5678SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on Android 2.x and 3.x, and before 11.1.115.34 on Android 4.x; Adobe AIR before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X; and Adobe AIR SDK before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CriticalCVE-2012-5678SUSE bug 794062cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2012-5688SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
ImportantCVE-2012-5688SUSE bug 792926cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5689SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.
ModerateCVE-2012-5689SUSE bug 800822cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5829SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors.
ModerateCVE-2012-5829SUSE bug 790140SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5830SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.
ModerateCVE-2012-5830SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5833SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via function calls involving certain values of the level parameter.
CriticalCVE-2012-5833SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5835SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via crafted data.
CriticalCVE-2012-5835SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5836SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the setting of Cascading Style Sheets (CSS) properties in conjunction with SVG text.
CriticalCVE-2012-5836SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5837SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Web Developer Toolbar in Mozilla Firefox before 17.0 executes script with chrome privileges, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string.
ModerateCVE-2012-5837SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5838SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The copyTexImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via large image dimensions.
CriticalCVE-2012-5838SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5839SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2012-5839SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5840SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4214.
CriticalCVE-2012-5840SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5841SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 implement cross-origin wrappers with a filtering behavior that does not properly restrict write actions, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.
ModerateCVE-2012-5841SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5842SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2012-5842SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-5843SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2012-5843SUSE bug 790140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-6075SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.
ModerateCVE-2012-6075SUSE bug 797523SUSE bug 800275SUSE bug 840592cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-6093SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The QSslSocket::sslErrors function in Qt before 4.6.5, 4.7.x before 4.7.6, 4.8.x before 4.8.5, when using certain versions of openSSL, uses an "incompatible structure layout" that can read memory from the wrong location, which causes Qt to report an incorrect error when certificate validation fails and might cause users to make unsafe security decisions to accept a certificate.
ModerateCVE-2012-6093SUSE bug 797006SUSE bug 802634cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-6094SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system
ModerateCVE-2012-6094SUSE bug 795624SUSE bug 857372cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-6128SUSE Linux Enterprise Desktop 12 SP4
Multiple stack-based buffer overflows in http.c in OpenConnect before 4.08 allow remote VPN gateways to cause a denial of service (application crash) via a long (1) hostname, (2) path, or (3) cookie list in a response.
ModerateCVE-2012-6128SUSE bug 803347cpe:/o:suse:sled:12:sp4CVE-2012-6150SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging an administrator's pam_winbind configuration-file mistake.
LowCVE-2012-6150SUSE bug 844720SUSE bug 853347cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-6152SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service (application crash) via crafted byte sequences.
ImportantCVE-2012-6152SUSE bug 861019cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-6647SUSE Linux Enterprise Desktop 12 SP3
The futex_wait_requeue_pi function in kernel/futex.c in the Linux kernel before 3.5.1 does not ensure that calls have two different futex addresses, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted FUTEX_WAIT_REQUEUE_PI command.
ModerateCVE-2012-6647SUSE bug 878289cpe:/o:suse:sled:12:sp3CVE-2012-6689SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The netlink_sendmsg function in net/netlink/af_netlink.c in the Linux kernel before 3.5.5 does not validate the dst_pid field, which allows local users to have an unspecified impact by spoofing Netlink messages.
ModerateCVE-2012-6689SUSE bug 920170cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-6701SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec.
ModerateCVE-2012-6701SUSE bug 969354SUSE bug 969355cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-6702SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function.
ModerateCVE-2012-6702SUSE bug 983215SUSE bug 983216cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-6703SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the snd_compr_allocate_buffer function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.6-rc6-next-20120917 allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call.
LowCVE-2012-6703SUSE bug 986811SUSE bug 986941cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-6704SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option.
ModerateCVE-2012-6704SUSE bug 1013531SUSE bug 1013542cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-6706SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the "DestPos" variable, which allows the attacker to write out of bounds when setting Mem[DestPos].
CriticalCVE-2012-6706SUSE bug 1045315SUSE bug 1045490SUSE bug 1053919SUSE bug 1083915cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-6711SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the "echo -e" built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv().
ImportantCVE-2012-6711SUSE bug 1138676cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2012-6712SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption.
ModerateCVE-2012-6712SUSE bug 1143176cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0151SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The do_hvm_op function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the x86_32 platform does not prevent HVM_PARAM_NESTEDHVM (aka nested virtualization) operations, which allows guest OS users to cause a denial of service (long-duration page mappings and host OS crash) by leveraging administrative access to an HVM guest in a domain with a large number of VCPUs.
ModerateCVE-2013-0151SUSE bug 797285cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0152SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a denial of service (host memory consumption) by performing nested virtualization in a way that triggers errors that are not properly handled.
ModerateCVE-2013-0152SUSE bug 797287SUSE bug 800798cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0153SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, when using AMD-Vi for PCI passthrough, uses the same interrupt remapping table for the host and all guests, which allows guests to cause a denial of service by injecting an interrupt into other guests.
ModerateCVE-2013-0153SUSE bug 800275SUSE bug 800802SUSE bug 840592cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0157SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
(a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably other versions allow local users to determine the existence of restricted directories by (1) using the --guess-fstype command-line option or (2) attempting to mount a non-existent device, which generates different error messages depending on whether the directory exists.
LowCVE-2013-0157SUSE bug 797002cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0160SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device.
LowCVE-2013-0160SUSE bug 797175SUSE bug 841063SUSE bug 871595cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0166SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.
ModerateCVE-2013-0166SUSE bug 802648SUSE bug 802746SUSE bug 813366SUSE bug 821818SUSE bug 833408SUSE bug 905106cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0169SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
ModerateCVE-2013-0169SUSE bug 1070148SUSE bug 1103036SUSE bug 1103597SUSE bug 802184SUSE bug 802648SUSE bug 802746SUSE bug 803379SUSE bug 804654SUSE bug 809839SUSE bug 813366SUSE bug 813939SUSE bug 821818SUSE bug 905106SUSE bug 977584SUSE bug 977616cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0170SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which causes a message to be freed without being removed from the message queue.
ModerateCVE-2013-0170SUSE bug 800976cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0172SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.
ModerateCVE-2013-0172SUSE bug 798364cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0176SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The publickey_from_privatekey function in libssh before 0.5.4, when no algorithm is matched during negotiations, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a "Client: Diffie-Hellman Key Exchange Init" packet.
ModerateCVE-2013-0176SUSE bug 802631SUSE bug 928323cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0211SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between unsigned and signed types, leading to a buffer overflow.
LowCVE-2013-0211SUSE bug 800024SUSE bug 979005cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0213SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to conduct clickjacking attacks via a (1) FRAME or (2) IFRAME element.
ModerateCVE-2013-0213SUSE bug 799641SUSE bug 800982SUSE bug 880220cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0214SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to hijack the authentication of arbitrary users by leveraging knowledge of a password and composing requests that perform SWAT actions.
ModerateCVE-2013-0214SUSE bug 799641SUSE bug 880220cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0216SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (loop) by triggering ring pointer corruption.
ModerateCVE-2013-0216SUSE bug 800280SUSE bug 800801SUSE bug 801178SUSE bug 841063SUSE bug 871595cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0217SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in drivers/net/xen-netback/netback.c in the Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (memory consumption) by triggering certain error conditions.
ModerateCVE-2013-0217SUSE bug 800280SUSE bug 800801SUSE bug 801178cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0219SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
System Security Services Daemon (SSSD) before 1.9.4, when (1) creating, (2) copying, or (3) removing a user home directory tree, allows local users to create, modify, or delete arbitrary files via a symlink attack on another user's files.
ModerateCVE-2013-0219SUSE bug 801036cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0220SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname function in responder/autofs/autofssrv_cmd.c and the (3) ssh_cmd_parse_request function in responder/ssh/sshsrv_cmd.c in System Security Services Daemon (SSSD) before 1.9.4 allow remote attackers to cause a denial of service (out-of-bounds read, crash, and restart) via a crafted SSSD packet.
ModerateCVE-2013-0220SUSE bug 801036cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0221SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the sort command, when using the (1) -d or (2) -M switch, which triggers a stack-based buffer overflow in the alloca function.
ModerateCVE-2013-0221SUSE bug 798538cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0222SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function.
ModerateCVE-2013-0222SUSE bug 796243SUSE bug 798538SUSE bug 798541cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0223SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the join command, when using the -i switch, which triggers a stack-based buffer overflow in the alloca function.
ModerateCVE-2013-0223SUSE bug 798538SUSE bug 798541cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0231SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third party information.
ModerateCVE-2013-0231SUSE bug 801178SUSE bug 841063SUSE bug 871595cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0240SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Gnome Online Accounts (GOA) 3.4.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.5, does not properly validate SSL certificates when creating accounts such as Windows Live and Facebook accounts, which allows man-in-the-middle attackers to obtain sensitive information such as credentials by sniffing the network.
ModerateCVE-2013-0240SUSE bug 802409SUSE bug 808534cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0242SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service (memory corruption and crash) via crafted multibyte characters.
ModerateCVE-2013-0242SUSE bug 801246SUSE bug 848783SUSE bug 882910cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0249SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the realm parameter in a (1) POP3, (2) SMTP or (3) IMAP message.
ImportantCVE-2013-0249SUSE bug 802411cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0254SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read sensitive information or modify critical program data, as demonstrated by reading a pixmap being sent to an X server.
ModerateCVE-2013-0254SUSE bug 802634cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0255SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12, 8.4.x before 8.4.16, and 8.3.x before 8.3.23 does not properly declare the enum_recv function in backend/utils/adt/enum.c, which causes it to be invoked with incorrect arguments and allows remote authenticated users to cause a denial of service (server crash) or read sensitive process memory via a crafted SQL command, which triggers an array index error and an out-of-bounds read.
ModerateCVE-2013-0255SUSE bug 802679SUSE bug 803057cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0271SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create or overwrite files via a crafted (1) mxit or (2) mxit/imagestrips pathname.
ModerateCVE-2013-0271SUSE bug 804742cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0272SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in http.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.7 allows remote servers to execute arbitrary code via a long HTTP header.
ModerateCVE-2013-0272SUSE bug 804742cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0273SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-0273SUSE bug 804742cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0274SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
upnp.c in libpurple in Pidgin before 2.10.7 does not properly terminate long strings in UPnP responses, which allows remote attackers to cause a denial of service (application crash) by leveraging access to the local network.
ModerateCVE-2013-0274SUSE bug 804742cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0287SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended access restrictions.
ModerateCVE-2013-0287SUSE bug 809153cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0292SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal.
ModerateCVE-2013-0292SUSE bug 792095SUSE bug 804392cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0338SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entity expansion" with linear complexity.
ModerateCVE-2013-0338SUSE bug 1123919SUSE bug 805233cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0401SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to invocation of the system class loader by the sun.awt.datatransfer.ClassLoaderObjectInputStream class, which allows remote attackers to bypass Java sandbox restrictions.
CriticalCVE-2013-0401SUSE bug 816720SUSE bug 817157SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0422SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using the public getMBeanInstantiator method in the JmxMBeanServer class to obtain a reference to a private MBeanInstantiator object, then retrieving arbitrary Class references using the findClass method, and (2) using the Reflection API with recursion in a way that bypasses a security check by the java.lang.invoke.MethodHandles.Lookup.checkSecurityManager method due to the inability of the sun.reflect.Reflection.getCallerClass method to skip frames related to the new reflection API, as exploited in the wild in January 2013, as demonstrated by Blackhole and Nuclear Pack, and a different vulnerability than CVE-2012-4681 and CVE-2012-3174. NOTE: some parties have mapped the recursive Reflection API issue to CVE-2012-3174, but CVE-2012-3174 is for a different vulnerability whose details are not public as of 20130114. CVE-2013-0422 covers both the JMX/MBean and Reflection API issues. NOTE: it was originally reported that Java 6 was also vulnerable, but the reporter has retracted this claim, stating that Java 6 is not exploitable because the relevant code is called in a way that does not bypass security checks. NOTE: as of 20130114, a reliable third party has claimed that the findClass/MBeanInstantiator vector was not fixed in Oracle Java 7 Update 11. If there is still a vulnerable condition, then a separate CVE identifier might be created for the unfixed issue.
ModerateCVE-2013-0422SUSE bug 798324SUSE bug 798521SUSE bug 798535cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0424SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to RMI. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to cross-site scripting (XSS) in the sun.rmi.transport.proxy CGIHandler class that does not properly handle error messages in a (1) command or (2) port number.
ModerateCVE-2013-0424SUSE bug 798535SUSE bug 801972SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0425SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0428 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions.
ImportantCVE-2013-0425SUSE bug 798535SUSE bug 801972SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0426SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0428. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions.
ImportantCVE-2013-0426SUSE bug 798535SUSE bug 801972SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0427SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Libraries. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to interrupt certain threads that should not be interrupted.
ImportantCVE-2013-0427SUSE bug 798535SUSE bug 801972SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0428SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "incorrect checks for proxy classes" in the Reflection API.
ImportantCVE-2013-0428SUSE bug 798535SUSE bug 801972SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0429SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue involves the creation of a single PresentationManager that is shared across multiple thread groups, which allows remote attackers to bypass Java sandbox restrictions.
ImportantCVE-2013-0429SUSE bug 801972SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0431SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows user-assisted remote attackers to bypass the Java security sandbox via unspecified vectors related to JMX, aka "Issue 52," a different vulnerability than CVE-2013-1490.
ImportantCVE-2013-0431SUSE bug 798535SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0432SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient clipboard access premission checks."
ImportantCVE-2013-0432SUSE bug 798535SUSE bug 801972SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0433SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Networking. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to avoid triggering an exception during the deserialization of invalid InetSocketAddress data.
ImportantCVE-2013-0433SUSE bug 798535SUSE bug 801972SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0434SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the public declaration of the loadPropertyFile method in the JAXP FuncSystemProperty class, which allows remote attackers to obtain sensitive information.
ImportantCVE-2013-0434SUSE bug 798535SUSE bug 801972SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0435SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper restriction of com.sun.xml.internal packages and "Better handling of UI elements."
ImportantCVE-2013-0435SUSE bug 798535SUSE bug 801972SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0440SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect availability via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to CPU consumption in the SSL/TLS implementation via a large number of ClientHello packets that are not properly handled by (1) ClientHandshaker.java and (2) ServerHandshaker.java.
ImportantCVE-2013-0440SUSE bug 798535SUSE bug 801972SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0441SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-1476 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via certain methods that should not be serialized, aka "missing serialization restriction."
ImportantCVE-2013-0441SUSE bug 798535SUSE bug 801972SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0442SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox.
ImportantCVE-2013-0442SUSE bug 798535SUSE bug 801972SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0443SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect validation of Diffie-Hellman keys, which allows remote attackers to conduct a "small subgroup attack" to force the use of weak session keys or obtain sensitive information about the private key.
ImportantCVE-2013-0443SUSE bug 798535SUSE bug 801972SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0444SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient checks for cached results" by the Java Beans MethodFinder, which might allow attackers to access methods that should only be accessible to privileged code.
ImportantCVE-2013-0444SUSE bug 798535SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0450SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper checks of "access control context" in the JMX RequiredModelMBean class.
ImportantCVE-2013-0450SUSE bug 798535SUSE bug 801972SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0454SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 before 1.3.2.3 and 1.4 before 1.4.0.1 and possibly other products, does not properly enforce CIFS share attributes, which allows remote authenticated users to (1) write to a read-only share; (2) trigger data-integrity problems related to the oplock, locking, coherency, or leases attribute; or (3) have an unspecified impact by leveraging incorrect handling of the browseable or "hide unreadable" parameter.
LowCVE-2013-0454SUSE bug 811975cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0504SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in the broker service in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows attackers to execute arbitrary code via unspecified vectors.
ImportantCVE-2013-0504SUSE bug 806415SUSE bug 867808cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-0630SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.50 and 11.x before 11.5.502.146 on Windows and Mac OS X, before 10.3.183.50 and 11.x before 11.2.202.261 on Linux, before 11.1.111.31 on Android 2.x and 3.x, and before 11.1.115.36 on Android 4.x; Adobe AIR before 3.5.0.1060; and Adobe AIR SDK before 3.5.0.1060 allows attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2013-0630SUSE bug 797442cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-0633SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.
ImportantCVE-2013-0633SUSE bug 802809cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-0634SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, as exploited in the wild in February 2013.
ImportantCVE-2013-0634SUSE bug 802809SUSE bug 933288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-0637SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to obtain sensitive information via unspecified vectors.
ImportantCVE-2013-0637SUSE bug 803485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-0638SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-0647.
ImportantCVE-2013-0638SUSE bug 803485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-0639SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2013-0639SUSE bug 803485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-0642SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373.
CriticalCVE-2013-0642SUSE bug 803485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-0643SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.
ImportantCVE-2013-0643SUSE bug 806415cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-0644SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0649 and CVE-2013-1374.
CriticalCVE-2013-0644SUSE bug 803485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-0645SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373.
CriticalCVE-2013-0645SUSE bug 803485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-0646SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors.
ImportantCVE-2013-0646SUSE bug 808973cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-0647SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-0638.
CriticalCVE-2013-0647SUSE bug 803485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-0648SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in the ExternalInterface ActionScript functionality in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.
CriticalCVE-2013-0648SUSE bug 806415cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-0649SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374.
CriticalCVE-2013-0649SUSE bug 803485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-0650SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2013-0650SUSE bug 808973cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-0743SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA at the suggestion of the CVE project team. The candidate had been associated with a correct report of a security problem, but not a problem that is categorized as a vulnerability within CVE. Compromised or unauthorized SSL certificates are not within CVE's scope. Notes: none.
ModerateCVE-2013-0743SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0744SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an HTML document with a table containing many columns and column groups.
CriticalCVE-2013-0744SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0745SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly interact with garbage collection, which allows remote attackers to execute arbitrary code via a crafted HTML document referencing JavaScript objects.
CriticalCVE-2013-0745SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0746SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.
CriticalCVE-2013-0746SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0747SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gPluginHandler.handleEvent function in the plugin handler in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly enforce the Same Origin Policy, which allows remote attackers to conduct clickjacking attacks via crafted JavaScript code that listens for a mutation event.
ModerateCVE-2013-0747SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0748SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XBL.__proto__.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 makes it easier for remote attackers to bypass the ASLR protection mechanism by calling the toString function of an XBL object.
ModerateCVE-2013-0748SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0749SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2013-0749SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0750SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted string concatenation, leading to improper memory allocation and a heap-based buffer overflow.
CriticalCVE-2013-0750SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0751SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 18.0 on Android and SeaMonkey before 2.15 do not restrict a touch event to a single IFRAME element, which allows remote attackers to obtain sensitive information or possibly conduct cross-site scripting (XSS) attacks via a crafted HTML document.
ModerateCVE-2013-0751SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0752SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XBL file with multiple bindings that have SVG content.
CriticalCVE-2013-0752SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0753SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.
CriticalCVE-2013-0753SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0754SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors involving the triggering of garbage collection after memory allocation for listener objects.
CriticalCVE-2013-0754SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0755SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors related to the domDoc pointer.
CriticalCVE-2013-0755SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0756SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted web page referencing JavaScript Proxy objects that are not properly handled during garbage collection.
CriticalCVE-2013-0756SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0757SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by referencing Object.prototype.__proto__ in a crafted HTML document.
CriticalCVE-2013-0757SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0758SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging improper interaction between plugin objects and SVG elements.
CriticalCVE-2013-0758SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0760SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.
CriticalCVE-2013-0760SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0761SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the mozilla::TrackUnionStream::EndTrack implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2013-0761SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0762SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the imgRequest::OnStopFrame function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2013-0762SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0763SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to Mesa drivers and a resized WebGL canvas.
CriticalCVE-2013-0763SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0764SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not ensure thread safety for SSL sessions, which allows remote attackers to execute arbitrary code via crafted data, as demonstrated by e-mail message data.
ImportantCVE-2013-0764SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0765SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 do not prevent multiple wrapping of WebIDL objects, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
CriticalCVE-2013-0765SUSE bug 804248cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0766SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2013-0766SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0767SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CriticalCVE-2013-0767SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0768SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via an HTML document that specifies invalid width and height values.
CriticalCVE-2013-0768SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0769SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2013-0769SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0770SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2013-0770SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0771SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.
CriticalCVE-2013-0771SUSE bug 796895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0772SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) via a crafted GIF image.
ModerateCVE-2013-0772SUSE bug 804248cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0773SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) implementations in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent modifications to a prototype, which allows remote attackers to obtain sensitive information from chrome objects or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.
ModerateCVE-2013-0773SUSE bug 804248cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0774SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspecified impact and remote attack vectors.
CriticalCVE-2013-0774SUSE bug 804248cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0775SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via crafted web script.
CriticalCVE-2013-0775SUSE bug 804248cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0776SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web script, as demonstrated by a phishing attack on an HTTPS site.
ModerateCVE-2013-0776SUSE bug 804248cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0777SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsDisplayBoxShadowOuter::Paint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2013-0777SUSE bug 804248cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0778SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ClusterIterator::NextCluster function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CriticalCVE-2013-0778SUSE bug 804248cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0779SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsCodingStateMachine::NextState function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CriticalCVE-2013-0779SUSE bug 804248cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0780SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document that uses Cascading Style Sheets (CSS) -moz-column-* properties.
CriticalCVE-2013-0780SUSE bug 804248cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0781SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsPrintEngine::CommonPrint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2013-0781SUSE bug 804248cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0782SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2013-0782SUSE bug 804248cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0783SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2013-0783SUSE bug 804248cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0787SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.
CriticalCVE-2013-0787SUSE bug 808243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0788SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2013-0788SUSE bug 813026SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0789SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0 and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsContentUtils::HoldJSObjects function and the nsAutoPtr class, and other vectors.
CriticalCVE-2013-0789SUSE bug 813026SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0791SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate.
ModerateCVE-2013-0791SUSE bug 813026SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0792SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when gfx.color_management.enablev4 is used, do not properly handle color profiles during PNG rendering, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a grayscale PNG image.
ModerateCVE-2013-0792SUSE bug 813026SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0793SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 do not ensure the correctness of the address bar during history navigation, which allows remote attackers to conduct cross-site scripting (XSS) attacks or phishing attacks by leveraging control over navigation timing.
ModerateCVE-2013-0793SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0794SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent origin spoofing of tab-modal dialogs, which allows remote attackers to conduct phishing attacks via a crafted web site.
ModerateCVE-2013-0794SUSE bug 813026SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0795SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The System Only Wrapper (SOW) implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote attackers to bypass the Same Origin Policy or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.
CriticalCVE-2013-0795SUSE bug 813026SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0796SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 on Linux does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (free of unallocated memory) via unspecified vectors.
CriticalCVE-2013-0796SUSE bug 813026SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0800SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
ImportantCVE-2013-0800SUSE bug 813026SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0801SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2013-0801SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0809SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the 2D component in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-1493.
ModerateCVE-2013-0809SUSE bug 806786SUSE bug 807487SUSE bug 809386SUSE bug 813939cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-0913SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition.
ModerateCVE-2013-0913SUSE bug 808829SUSE bug 871595cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1365SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373.
CriticalCVE-2013-1365SUSE bug 803485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-1366SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373.
CriticalCVE-2013-1366SUSE bug 803485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-1367SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373.
CriticalCVE-2013-1367SUSE bug 803485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-1368SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373.
CriticalCVE-2013-1368SUSE bug 803485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-1369SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373.
CriticalCVE-2013-1369SUSE bug 803485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-1370SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1372, and CVE-2013-1373.
CriticalCVE-2013-1370SUSE bug 803485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-1371SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CriticalCVE-2013-1371SUSE bug 808973cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-1372SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, and CVE-2013-1373.
CriticalCVE-2013-1372SUSE bug 803485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-1373SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, and CVE-2013-1372.
CriticalCVE-2013-1373SUSE bug 803485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-1374SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-0649.
CriticalCVE-2013-1374SUSE bug 803485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-1375SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2013-1375SUSE bug 808973cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-1378SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1380.
ModerateCVE-2013-1378SUSE bug 814635cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-1379SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 do not properly initialize pointer arrays, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CriticalCVE-2013-1379SUSE bug 814635cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-1380SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1378.
CriticalCVE-2013-1380SUSE bug 814635cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-1415SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pkinit_check_kdc_pkid function in plugins/preauth/pkinit/pkinit_crypto_openssl.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 and 1.11.x before 1.11.1 does not properly handle errors during extraction of fields from an X.509 certificate, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed KRB5_PADATA_PK_AS_REQ AS-REQ request.
ModerateCVE-2013-1415SUSE bug 806715cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1416SUSE Linux Enterprise Desktop 12 SP1
The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request.
ModerateCVE-2013-1416SUSE bug 770172SUSE bug 816413cpe:/o:suse:sled:12:sp1CVE-2013-1417SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.11 before 1.11.4, when a single-component realm name is used, allows remote authenticated users to cause a denial of service (daemon crash) via a TGS-REQ request that triggers an attempted cross-realm referral for a host-based service principal.
ModerateCVE-2013-1417SUSE bug 850660SUSE bug 879587cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1418SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request.
ModerateCVE-2013-1418SUSE bug 849240SUSE bug 866059SUSE bug 879587cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1430SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in xrdp before 0.9.1. When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd is created. Its content is the equivalent of the user's cleartext password, DES encrypted with a known key.
ModerateCVE-2013-1430SUSE bug 1015567SUSE bug 442182cpe:/o:suse:sled:12:sp4CVE-2013-1431SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Wocky module in Telepathy Gabble before 0.16.6 and 0.17.x before 0.17.4, when connecting to a "legacy Jabber server," does not properly enforce the WockyConnector:tls-required flag, which allows remote attackers to bypass TLS verification and perform a man-in-the-middle attacks.
ModerateCVE-2013-1431SUSE bug 822586cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1442SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, which allows local guest OSes to obtain sensitive information by reading the registers.
ModerateCVE-2013-1442SUSE bug 839596SUSE bug 840592cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1475SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "IIOP type reuse management" in ObjectStreamClass.java.
ImportantCVE-2013-1475SUSE bug 801972SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1476SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-0441 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via "certain value handler constructors."
ImportantCVE-2013-1476SUSE bug 798535SUSE bug 801972SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1478SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" that can trigger an integer overflow and memory corruption.
ImportantCVE-2013-1478SUSE bug 798535SUSE bug 801972SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1480SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption.
ImportantCVE-2013-1480SUSE bug 798535SUSE bug 801972SUSE bug 803379SUSE bug 806786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1484SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
CriticalCVE-2013-1484SUSE bug 798535SUSE bug 803379cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1485SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries.
ModerateCVE-2013-1485SUSE bug 798535SUSE bug 803379cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1486SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
ImportantCVE-2013-1486SUSE bug 798535SUSE bug 803379SUSE bug 804654cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1488SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager, as demonstrated by James Forshaw during a Pwn2Own competition at CanSecWest 2013.
CriticalCVE-2013-1488SUSE bug 816720SUSE bug 817157SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1493SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
ModerateCVE-2013-1493SUSE bug 806786SUSE bug 807487SUSE bug 809386SUSE bug 813939cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1500SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows local users to affect confidentiality and integrity via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to weak permissions for shared memory.
ImportantCVE-2013-1500SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1518SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "missing security restrictions."
ModerateCVE-2013-1518SUSE bug 816720SUSE bug 817157SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1537SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the default java.rmi.server.useCodebaseOnly setting of false, which allows remote attackers to perform "dynamic class downloading" and execute arbitrary code.
CriticalCVE-2013-1537SUSE bug 816720SUSE bug 817157SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1557SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "missing security restrictions" in the LogStream.setDefaultStream method.
CriticalCVE-2013-1557SUSE bug 816720SUSE bug 817157SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1569SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "checking of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2.
ImportantCVE-2013-1569SUSE bug 816720SUSE bug 817157SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1571SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to frame injection in HTML that is generated by Javadoc.
ModerateCVE-2013-1571SUSE bug 824397SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1572SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_oampdu_event_notification function in epan/dissectors/packet-slowprotocols.c in the IEEE 802.3 Slow Protocols dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle certain short lengths, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2013-1572SUSE bug 801131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1573SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a large number of padding bits, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2013-1573SUSE bug 801131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1574SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_bthci_eir_ad_data function in epan/dissectors/packet-bthci_cmd.c in the Bluetooth HCI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a counter variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2013-1574SUSE bug 801131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1575SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_r3_cmd_alarmconfigure function in epan/dissectors/packet-assa_r3.c in the R3 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a certain alarm length, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2013-1575SUSE bug 801131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1576SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_sdp_media_attribute function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly process crypto-suite parameters, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2013-1576SUSE bug 801131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1577SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_sip_p_charging_func_addresses function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle offset data associated with a quoted string, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2013-1577SUSE bug 801131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1578SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_pw_eth_heuristic function in epan/dissectors/packet-pw-eth.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle apparent Ethernet address values at the beginning of MPLS data, which allows remote attackers to cause a denial of service (loop) via a malformed packet.
ModerateCVE-2013-1578SUSE bug 801131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1579SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in the RTPS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly implement certain nested loops for processing bitmap data, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2013-1579SUSE bug 801131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1580SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a position variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2013-1580SUSE bug 801131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1581SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_pft_fec_detailed function in epan/dissectors/packet-dcp-etsi.c in the DCP-ETSI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle fragment gaps, which allows remote attackers to cause a denial of service (loop) via a malformed packet.
ModerateCVE-2013-1581SUSE bug 801131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1582SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly manage an offset variable, which allows remote attackers to cause a denial of service (infinite loop or application crash) via a malformed packet.
ModerateCVE-2013-1582SUSE bug 801131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1583SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_version_4_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-1583SUSE bug 801131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1584SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_version_5_and_6_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-1584SUSE bug 801131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1585SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/tvbuff.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly validate certain length values for the MS-MMC dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-1585SUSE bug 801131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1586SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The fragment_set_tot_len function in epan/reassemble.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly determine the length of a reassembled packet for the DTLS dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-1586SUSE bug 801131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1587SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c in the ROHC dissector in Wireshark 1.8.x before 1.8.5 does not properly handle unknown profiles, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-1587SUSE bug 801131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1588SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in the dissect_pft_fec_detailed function in the DCP-ETSI dissector in epan/dissectors/packet-dcp-etsi.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allow remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-1588SUSE bug 801131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1589SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-1589SUSE bug 801131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1590SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-1590SUSE bug 801131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1620SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
ModerateCVE-2013-1620SUSE bug 802184cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1669SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2013-1669SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1670SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 does not prevent acquisition of chrome privileges during calls to content level constructors, which allows remote attackers to bypass certain read-only restrictions and conduct cross-site scripting (XSS) attacks via a crafted web site.
ModerateCVE-2013-1670SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1671SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 21.0 does not properly implement the INPUT element, which allows remote attackers to obtain the full pathname via a crafted web site.
ModerateCVE-2013-1671SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1674SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code via vectors involving an onresize event during the playing of a video.
CriticalCVE-2013-1674SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1675SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.
CriticalCVE-2013-1675SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1676SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CriticalCVE-2013-1676SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1677SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CriticalCVE-2013-1677SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1678SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _cairo_xlib_surface_add_glyph function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via unspecified vectors.
CriticalCVE-2013-1678SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1679SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the mozilla::plugins::child::_geturlnotify function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2013-1679SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1680SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2013-1680SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1681SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2013-1681SUSE bug 819204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1682SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2013-1682SUSE bug 825935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1683SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2013-1683SUSE bug 1150035SUSE bug 825935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1684SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the mozilla::dom::HTMLMediaElement::LookupMediaElementURITable function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site.
CriticalCVE-2013-1684SUSE bug 825935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1685SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsIDocument::GetRootElement function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site.
CriticalCVE-2013-1685SUSE bug 825935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1686SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2013-1686SUSE bug 825935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1687SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implementations in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly restrict XBL user-defined functions, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges, or conduct cross-site scripting (XSS) attacks, via a crafted web site.
CriticalCVE-2013-1687SUSE bug 825935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1688SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Profiler implementation in Mozilla Firefox before 22.0 parses untrusted data during UI rendering, which allows user-assisted remote attackers to execute arbitrary JavaScript code via a crafted web site.
ModerateCVE-2013-1688SUSE bug 825935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1690SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location.
CriticalCVE-2013-1690SUSE bug 825935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1692SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web site.
ModerateCVE-2013-1692SUSE bug 825935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1693SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to read pixel values, and possibly bypass the Same Origin Policy and read text from a different domain, by observing timing differences in execution of filter code.
ModerateCVE-2013-1693SUSE bug 825935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1694SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PreserveWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly handle the lack of a wrapper, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by leveraging unintended clearing of the wrapper cache's preserved-wrapper flag.
ModerateCVE-2013-1694SUSE bug 825935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1695SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 22.0 does not properly implement certain DocShell inheritance behavior for the sandbox attribute of an IFRAME element, which allows remote attackers to bypass intended access restrictions via a FRAME element within an IFRAME element.
ModerateCVE-2013-1695SUSE bug 825935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1696SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Options protection mechanism, which allows remote attackers to conduct clickjacking attacks via a crafted web site that uses the HTTP server push feature with multipart responses.
ModerateCVE-2013-1696SUSE bug 825935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1697SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers use of a user-defined (1) toString or (2) valueOf method.
ModerateCVE-2013-1697SUSE bug 825935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1698SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The getUserMedia permission implementation in Mozilla Firefox before 22.0 references the URL of a top-level document instead of the URL of a specific page, which makes it easier for remote attackers to trick users into permitting camera or microphone access via a crafted web site that uses IFRAME elements.
ModerateCVE-2013-1698SUSE bug 825935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1699SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Internationalized Domain Name (IDN) display algorithm in Mozilla Firefox before 22.0 does not properly handle the .com, .name, and .net top-level domains, which allows remote attackers to spoof the address bar via unspecified homograph characters.
ModerateCVE-2013-1699SUSE bug 825935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1701SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2013-1701SUSE bug 833389cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1702SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2013-1702SUSE bug 833389cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1704SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsINode::GetParentNode function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a DOM modification at the time of a SetBody mutation event.
ImportantCVE-2013-1704SUSE bug 833389cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1705SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer underflow in the cryptojs_interpret_key_gen_type function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Certificate Request Message Format (CRMF) request.
CriticalCVE-2013-1705SUSE bug 833389SUSE bug 840485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1708SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (application crash) via a crafted WAV file that is not properly handled by the nsCString::CharAt function.
ModerateCVE-2013-1708SUSE bug 833389cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1709SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly handle the interaction between FRAME elements and history, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving spoofing a relative location in a previously visited document.
ModerateCVE-2013-1709SUSE bug 833389cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1710SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to execute arbitrary JavaScript code or conduct cross-site scripting (XSS) attacks via vectors related to Certificate Request Message Format (CRMF) request generation.
CriticalCVE-2013-1710SUSE bug 833389cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1711SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XrayWrapper implementation in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 does not properly address the possibility of an XBL scope bypass resulting from non-native arguments in XBL function calls, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks by leveraging access to an unprivileged object.
ModerateCVE-2013-1711SUSE bug 833389cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1713SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 use an incorrect URI within unspecified comparisons during enforcement of the Same Origin Policy, which allows remote attackers to conduct cross-site scripting (XSS) attacks or install arbitrary add-ons via a crafted web site.
ModerateCVE-2013-1713SUSE bug 833389cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1714SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via unspecified vectors.
ModerateCVE-2013-1714SUSE bug 833389cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1717SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.
ModerateCVE-2013-1717SUSE bug 833389cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1718SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2013-1718SUSE bug 840485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1719SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-1719SUSE bug 840485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1720SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer over-read) by triggering use of this stack in its empty state.
ModerateCVE-2013-1720SUSE bug 840485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1721SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the drawLineLoop function in the libGLESv2 library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 24.0 and SeaMonkey before 2.21, allows remote attackers to execute arbitrary code via a crafted web site.
ImportantCVE-2013-1721SUSE bug 840485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1722SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving stylesheet cloning.
CriticalCVE-2013-1722SUSE bug 840485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1723SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The NativeKey widget in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 processes key messages after destruction by a dispatched event listener, which allows remote attackers to cause a denial of service (application crash) by leveraging incorrect event usage after widget-memory reallocation.
ImportantCVE-2013-1723SUSE bug 840485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1724SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the mozilla::dom::HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a destroyed SELECT element.
ImportantCVE-2013-1724SUSE bug 840485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1725SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote attackers to execute arbitrary code by leveraging incorrect scope handling.
ImportantCVE-2013-1725SUSE bug 840485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1728SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive information via unspecified vectors.
ImportantCVE-2013-1728SUSE bug 840485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1730SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers to execute arbitrary code or cause a denial of service (JavaScript compartment mismatch, or assertion failure and application exit) via a crafted web site.
ImportantCVE-2013-1730SUSE bug 840485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1732SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via crafted use of lists and floats within a multi-column layout.
CriticalCVE-2013-1732SUSE bug 840485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1735SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via vectors related to image-document scrolling.
CriticalCVE-2013-1735SUSE bug 840485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1736SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to improperly establishing parent-child relationships of range-request nodes.
CriticalCVE-2013-1736SUSE bug 840485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1737SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.
ModerateCVE-2013-1737SUSE bug 840485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1738SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the JS_GetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in situations involving default compartments and frame-chain restoration.
ImportantCVE-2013-1738SUSE bug 840485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1739SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure.
ModerateCVE-2013-1739SUSE bug 842979SUSE bug 847708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1740SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic.
ModerateCVE-2013-1740SUSE bug 859055cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1752SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** Various versions of Python do not properly restrict readline calls, which allows remote attackers to cause a denial of service (memory consumption) via a long string, related to (1) httplib - fixed in 2.7.4, 2.6.9, and 3.3.3; (2) ftplib - fixed in 2.7.6, 2.6.9, 3.3.3; (3) imaplib - not yet fixed in 2.7.x, fixed in 2.6.9, 3.3.3; (4) nntplib - fixed in 2.7.6, 2.6.9, 3.3.3; (5) poplib - not yet fixed in 2.7.x, fixed in 2.6.9, 3.3.3; and (6) smtplib - not yet fixed in 2.7.x, fixed in 2.6.9, not yet fixed in 3.3.x. NOTE: this was REJECTed because it is incompatible with CNT1 "Independently Fixable" in the CVE Counting Decisions.
ModerateCVE-2013-1752SUSE bug 856835SUSE bug 856836SUSE bug 863741SUSE bug 885882SUSE bug 898572SUSE bug 912739cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1753SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gzip_decode function in the xmlrpc client library in Python 3.4 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP request.
ModerateCVE-2013-1753SUSE bug 856835cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1775SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.
ModerateCVE-2013-1775SUSE bug 806919SUSE bug 806921SUSE bug 815325SUSE bug 845568cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1776SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.
LowCVE-2013-1776SUSE bug 806921SUSE bug 817349SUSE bug 817350cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1788SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Splash.cc, (2) poppler/Function.cc, and (3) poppler/Stream.cc.
ModerateCVE-2013-1788SUSE bug 806793cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1789SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
splash/Splash.cc in poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to the (1) Splash::arbitraryTransformMask, (2) Splash::blitMask, and (3) Splash::scaleMaskYuXu functions.
ModerateCVE-2013-1789SUSE bug 806793cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1790SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function.
ModerateCVE-2013-1790SUSE bug 806793cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1799SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Gnome Online Accounts (GOA) 3.6.x before 3.6.3 and 3.7.x before 3.7.91, does not properly validate SSL certificates when creating accounts for providers who use the libsoup library, which allows man-in-the-middle attackers to obtain sensitive information such as credentials by sniffing the network. NOTE: this issue exists because of an incomplete fix for CVE-2013-0240.
ModerateCVE-2013-1799SUSE bug 808534cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1863SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba 4.x before 4.0.4, when configured as an Active Directory domain controller, uses world-writable permissions on non-default CIFS shares, which allows remote authenticated users to read, modify, create, or delete arbitrary files via standard filesystem operations.
ModerateCVE-2013-1863SUSE bug 809624cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1881SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
ModerateCVE-2013-1881SUSE bug 840753cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1899SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows remote attackers to cause a denial of service (file corruption), and allows remote authenticated users to modify configuration settings and execute arbitrary code, via a connection request using a database name that begins with a "-" (hyphen).
ImportantCVE-2013-1899SUSE bug 812525cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1900SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the "contrib/pgcrypto functions."
ImportantCVE-2013-1900SUSE bug 812525cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1901SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly check REPLICATION privileges, which allows remote authenticated users to bypass intended backup restrictions by calling the (1) pg_start_backup or (2) pg_stop_backup functions.
ImportantCVE-2013-1901SUSE bug 812525cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1914SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of domain conversion results.
ModerateCVE-2013-1914SUSE bug 813121SUSE bug 826666SUSE bug 882910SUSE bug 941444cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1917SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hypervisor crash) by triggering a #GP fault, which is not properly handled by another IRET instruction.
ModerateCVE-2013-1917SUSE bug 813673SUSE bug 840592cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1918SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and earlier are not preemptible, which allows local PV kernels to cause a denial of service via vectors related to "deep page table traversal."
ModerateCVE-2013-1918SUSE bug 813673SUSE bug 816159SUSE bug 823011SUSE bug 826882SUSE bug 840592cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1919SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.2.x and 4.1.x does not properly restrict access to IRQs, which allows local stub domain clients to gain access to IRQs and cause a denial of service via vectors related to "passed-through IRQs or PCI devices."
ModerateCVE-2013-1919SUSE bug 813673SUSE bug 813675SUSE bug 840592cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1922SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw disk image based on the header, which allows local guest OS administrators to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted, a different vulnerability than CVE-2008-2004.
ModerateCVE-2013-1922SUSE bug 814059SUSE bug 934753SUSE bug 934768cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1926SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the same class loader for applets with the same codebase path but from different domains, which allows remote attackers to obtain sensitive information or possibly alter other applets via a crafted applet.
ModerateCVE-2013-1926SUSE bug 815596SUSE bug 818768cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1927SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR."
ModerateCVE-2013-1927SUSE bug 815596SUSE bug 818768cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1940SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly restrict access to input events when adding a new hot-plug device, which might allow physically proximate attackers to obtain sensitive information, as demonstrated by reading passwords from a tty.
LowCVE-2013-1940SUSE bug 814653SUSE bug 815870cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1944SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL.
ImportantCVE-2013-1944SUSE bug 814655cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1945SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ruby193 uses an insecure LD_LIBRARY_PATH setting.
LowCVE-2013-1945SUSE bug 1160788cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1952SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.x, when using Intel VT-d for a bus mastering capable PCI device, does not properly check the source when accessing a bridge device's interrupt remapping table entries for MSI interrupts, which allows local guest domains to cause a denial of service (interrupt injection) via unspecified vectors.
ModerateCVE-2013-1952SUSE bug 813673SUSE bug 816163SUSE bug 840592cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1960SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file.
ModerateCVE-2013-1960SUSE bug 817573SUSE bug 854393cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1961SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the t2p_write_pdf_page function in tiff2pdf in libtiff before 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted image length and resolution in a TIFF image file.
ModerateCVE-2013-1961SUSE bug 817573SUSE bug 818117SUSE bug 854393cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1962SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The remoteDispatchStoragePoolListAllVolumes function in the storage pool manager in libvirt 1.0.5 allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of requests "to list all volumes for the particular pool."
ModerateCVE-2013-1962SUSE bug 820397cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1969SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly other versions might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the (1) htmlParseChunk and (2) xmldecl_done functions, as demonstrated by a buffer overflow in the xmlBufGetInputBase function.
ModerateCVE-2013-1969SUSE bug 815665cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1976SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a) tomcat5-initd.log, (b) tomcat6-initd.log, (c) catalina.out, or (d) tomcat7-initd.log.
ModerateCVE-2013-1976SUSE bug 822177cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1979SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The scm_set_cred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application.
ModerateCVE-2013-1979SUSE bug 816708cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1981SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions.
ModerateCVE-2013-1981SUSE bug 815451SUSE bug 821664cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1982SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in X.org libXext 1.3.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XcupGetReservedColormapEntries, (2) XcupStoreColors, (3) XdbeGetVisualInfo, (4) XeviGetVisualInfo, (5) XShapeGetRectangles, and (6) XSyncListSystemCounters functions.
ModerateCVE-2013-1982SUSE bug 815451SUSE bug 821665cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1983SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in X.org libXfixes 5.0 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XFixesGetCursorImage function.
ModerateCVE-2013-1983SUSE bug 815451SUSE bug 821667SUSE bug 880221cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1984SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions.
ModerateCVE-2013-1984SUSE bug 815451SUSE bug 821663cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1985SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in X.org libXinerama 1.1.2 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XineramaQueryScreens function.
ModerateCVE-2013-1985SUSE bug 815451SUSE bug 821663cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1986SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in X.org libXrandr 1.4.0 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRRQueryOutputProperty and (2) XRRQueryProviderProperty functions.
ModerateCVE-2013-1986SUSE bug 815451SUSE bug 821663cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1987SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in X.org libXrender 0.9.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRenderQueryFilters, (2) XRenderQueryFormats, and (3) XRenderQueryPictIndexValues functions.
ModerateCVE-2013-1987SUSE bug 815451SUSE bug 821669SUSE bug 880221cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1988SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in X.org libXRes 1.0.6 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XResQueryClients and (2) XResQueryClientResources functions.
ModerateCVE-2013-1988SUSE bug 815451SUSE bug 821663cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1989SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in X.org libXv 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XvQueryPortAttributes, (2) XvListImageFormats, and (3) XvCreateImage function.
ModerateCVE-2013-1989SUSE bug 815451SUSE bug 821671SUSE bug 880221cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1990SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in X.org libXvMC 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XvMCListSurfaceTypes and (2) XvMCListSubpictureTypes functions.
ModerateCVE-2013-1990SUSE bug 815451SUSE bug 821663cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1991SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XDGAQueryModes and (2) XDGASetMode functions.
ModerateCVE-2013-1991SUSE bug 815451SUSE bug 821663cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1992SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in X.org libdmx 1.1.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) DMXGetScreenAttributes, (2) DMXGetWindowAttributes, and (3) DMXGetInputAttributes functions.
ModerateCVE-2013-1992SUSE bug 815451SUSE bug 821663cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1995SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function.
ModerateCVE-2013-1995SUSE bug 815451SUSE bug 821663cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1997SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceInfoReply, (3) _XkbReadGeomShapes, (4) _XkbReadGetGeometryReply, (5) _XkbReadKeySyms, (6) _XkbReadKeyActions, (7) _XkbReadKeyBehaviors, (8) _XkbReadModifierMap, (9) _XkbReadExplicitComponents, (10) _XkbReadVirtualModMap, (11) _XkbReadGetNamesReply, (12) _XkbReadGetMapReply, (13) _XimXGetReadData, (14) XListFonts, (15) XListExtensions, and (16) XGetFontPath functions.
ModerateCVE-2013-1997SUSE bug 815451SUSE bug 821664SUSE bug 824294cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1998SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions.
ModerateCVE-2013-1998SUSE bug 815451SUSE bug 821663cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-1999SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function.
ModerateCVE-2013-1999SUSE bug 815451SUSE bug 821663cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2000SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XDGAQueryModes and (2) XDGASetMode functions.
ModerateCVE-2013-2000SUSE bug 815451SUSE bug 821663cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2001SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in X.org libXxf86vm 1.1.2 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XF86VidModeGetGammaRamp function.
ModerateCVE-2013-2001SUSE bug 815451SUSE bug 821663cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2002SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the _XtResourceConfigurationEH function.
ModerateCVE-2013-2002SUSE bug 815451SUSE bug 821670cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2003SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in X.org libXcursor 1.1.13 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the _XcursorFileHeaderCreate function.
ModerateCVE-2013-2003SUSE bug 1065386SUSE bug 815451SUSE bug 821663cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2004SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file.
LowCVE-2013-2004SUSE bug 815451SUSE bug 821664cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2005SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, and (5) HandleSelectionReplies functions.
ModerateCVE-2013-2005SUSE bug 815451SUSE bug 821670cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2007SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.
ModerateCVE-2013-2007SUSE bug 818181SUSE bug 818182SUSE bug 818183cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2062SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in X.org libXp 1.0.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XpGetAttributes, (2) XpGetOneAttribute, (3) XpGetPrinterList, and (4) XpQueryScreens functions.
ModerateCVE-2013-2062SUSE bug 815451SUSE bug 821668SUSE bug 880221cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2063SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in X.org libXtst 1.2.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XRecordGetContext function.
ModerateCVE-2013-2063SUSE bug 815451SUSE bug 821663cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2064SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function.
ModerateCVE-2013-2064SUSE bug 815451SUSE bug 821584cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2066SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in X.org libXv 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvQueryPortAttributes function.
ModerateCVE-2013-2066SUSE bug 815451SUSE bug 821671SUSE bug 880221cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2076SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one domain to determine portions of the state of floating point instructions of other domains, which can be leveraged to obtain sensitive information such as cryptographic keys, a similar vulnerability to CVE-2006-1056. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels.
ModerateCVE-2013-2076SUSE bug 813673SUSE bug 820917SUSE bug 840592cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2077SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.0.x, 4.1.x, and 4.2.x does not properly restrict the contents of a XRSTOR, which allows local PV guest users to cause a denial of service (unhandled exception and hypervisor crash) via unspecified vectors.
ModerateCVE-2013-2077SUSE bug 813673SUSE bug 820919SUSE bug 823011SUSE bug 840592cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2126SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file.
ModerateCVE-2013-2126SUSE bug 822665SUSE bug 823113SUSE bug 823114cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2127SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the exposure correction code in LibRaw before 0.15.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
ModerateCVE-2013-2127SUSE bug 822665cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2131SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Format string vulnerability in the rrdtool module 1.4.7 for Python, as used in Zenoss, allows context-dependent attackers to cause a denial of service (crash) via format string specifiers to the rrdtool.graph function.
ModerateCVE-2013-2131SUSE bug 828003cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2139SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service (crash) via vectors related to a length inconsistency in the crypto_policy_set_from_profile_for_rtp and srtp_protect functions.
ModerateCVE-2013-2139SUSE bug 828009cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2142SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local users to overwrite arbitrary files via a symlink attack on (1) HostCertificate.pem, (2) HostPrivateKey.pem, (3) libimobiledevicerc, (4) RootCertificate.pem, or (5) RootPrivateKey.pem in /tmp/root/.config/libimobiledevice/.
LowCVE-2013-2142SUSE bug 823250cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2168SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _dbus_printf_string_upper_bound function in dbus/dbus-sysdeps-unix.c in D-Bus (aka DBus) 1.4.x before 1.4.26, 1.6.x before 1.6.12, and 1.7.x before 1.7.4 allows local users to cause a denial of service (service crash) via a crafted message.
ModerateCVE-2013-2168SUSE bug 824607cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2174SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a "%" (percent) character.
ModerateCVE-2013-2174SUSE bug 824517SUSE bug 917692cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2189SUSE Linux Enterprise Desktop 12
Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file.
ModerateCVE-2013-2189SUSE bug 831904cpe:/o:suse:sled:12CVE-2013-2195SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "pointer dereferences" involving unexpected calculations.
ModerateCVE-2013-2195SUSE bug 823011cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2196SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "other problems" that are not CVE-2013-2194 or CVE-2013-2195.
ModerateCVE-2013-2196SUSE bug 823011cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2207SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system.
ModerateCVE-2013-2207SUSE bug 830257cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2211SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The libxenlight (libxl) toolstack library in Xen 4.0.x, 4.1.x, and 4.2.x uses weak permissions for xenstore keys for paravirtualised and emulated serial console devices, which allows local guest administrators to modify the xenstore value via unspecified vectors.
ModerateCVE-2013-2211SUSE bug 823608cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2218SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in the virConnectListAllInterfaces method in interface/interface_backend_netcf.c in libvirt 1.0.6 allows remote attackers to cause a denial of service (libvirtd crash) via a filtering flag that causes an interface to be skipped, as demonstrated by the "virsh iface-list --inactive" command.
ModerateCVE-2013-2218SUSE bug 827741cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2230SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The qemu driver (qemu/qemu_driver.c) in libvirt before 1.1.1 allows remote authenticated users to cause a denial of service (daemon crash) via unspecified vectors involving "multiple events registration."
LowCVE-2013-2230SUSE bug 827801cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2234SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) key_notify_sa_flush and (2) key_notify_policy_flush functions in net/key/af_key.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of an IPSec key_socket.
LowCVE-2013-2234SUSE bug 827749cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2266SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
ModerateCVE-2013-2266SUSE bug 811876SUSE bug 811934cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2383SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2384, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "handling of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2.
CriticalCVE-2013-2383SUSE bug 816720SUSE bug 817157SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2384SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2383, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font layout" in the International Components for Unicode (ICU) Layout Engine before 51.2.
CriticalCVE-2013-2384SUSE bug 816720SUSE bug 817157SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2407SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "XML security and the class loader."
ModerateCVE-2013-2407SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2412SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serviceability. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient indication of an SSL connection failure by JConsole, related to RMI connection dialog box.
ModerateCVE-2013-2412SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2415SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows local users to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "processing of MTOM attachments" and the creation of temporary files with weak permissions.
LowCVE-2013-2415SUSE bug 816720SUSE bug 817157SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2417SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to Networking. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an information leak involving InetAddress serialization. CVE has not investigated the apparent discrepancy between vendor reports regarding the impact of this issue.
ModerateCVE-2013-2417SUSE bug 816720SUSE bug 817157SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2419SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font processing errors" in the International Components for Unicode (ICU) Layout Engine before 51.2.
ModerateCVE-2013-2419SUSE bug 816720SUSE bug 817157SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2420SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient "validation of images" in share/native/sun/awt/image/awt_ImageRep.c, possibly involving offsets.
CriticalCVE-2013-2420SUSE bug 816720SUSE bug 817157SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2421SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect MethodHandle lookups, which allows remote attackers to bypass Java sandbox restrictions.
CriticalCVE-2013-2421SUSE bug 816720SUSE bug 817157SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2422SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper method-invocation restrictions by the MethodUtil trampoline class, which allows remote attackers to bypass the Java sandbox.
ModerateCVE-2013-2422SUSE bug 816720SUSE bug 817157SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2423SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from the original researcher that this vulnerability allows remote attackers to bypass permission checks by the MethodHandles method and modify arbitrary public final fields using reflection and type confusion, as demonstrated using integer and double fields to disable the security manager.
ModerateCVE-2013-2423SUSE bug 816720SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2424SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality via vectors related to JMX. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient class access checks" when "creating new instances" using MBeanInstantiator.
ModerateCVE-2013-2424SUSE bug 816720SUSE bug 817157SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2426SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect invocation of the defaultReadObject method in the ConcurrentHashMap class, which allows remote attackers to bypass the Java sandbox.
CriticalCVE-2013-2426SUSE bug 816720SUSE bug 817157SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2429SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "JPEGImageWriter state corruption" when using native code, which triggers memory corruption.
ImportantCVE-2013-2429SUSE bug 816720SUSE bug 817157SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2430SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier; and OpenJDK 6 and 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "JPEGImageReader state corruption" when using native code.
ImportantCVE-2013-2430SUSE bug 816720SUSE bug 817157SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2431SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to bypassing the Java sandbox using "method handle intrinsic frames."
CriticalCVE-2013-2431SUSE bug 816720SUSE bug 817157SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2436SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-1488 and CVE-2013-2426. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "type checks" and "method handle binding" involving Wrapper.convert.
CriticalCVE-2013-2436SUSE bug 816720SUSE bug 819288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2443SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2452 and CVE-2013-2455. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to an incorrect "checking order" within the AccessControlContext class.
ModerateCVE-2013-2443SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2444SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not "properly manage and restrict certain resources related to the processing of fonts," possibly involving temporary files.
ModerateCVE-2013-2444SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2445SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Hotspot. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "handling of memory allocation errors."
ModerateCVE-2013-2445SUSE bug 825624SUSE bug 828665SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2446SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly enforce access restrictions for CORBA output streams.
ModerateCVE-2013-2446SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2447SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to obtain a socket's local address via vectors involving inconsistencies between Socket.getLocalAddress and InetAddress.getLocalHost.
ModerateCVE-2013-2447SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2448SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to insufficient "access restrictions" and "robustness of sound classes."
ModerateCVE-2013-2448SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2449SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to GnomeFileTypeDetector and a missing check for read permissions for a path.
ModerateCVE-2013-2449SUSE bug 825624SUSE bug 828665SUSE bug 829212cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2450SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper handling of circular references in ObjectStreamClass.
ModerateCVE-2013-2450SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2451SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Networking. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper enforcement of exclusive port binds when running on Windows, which allows attackers to bind to ports that are already in use.
LowCVE-2013-2451SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2452SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2455. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "network address handling in virtual machine identifiers" and the lack of "unique and unpredictable IDs" in the java.rmi.dgc.VMID class.
ModerateCVE-2013-2452SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2453SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to a missing check for "package access" by the MBeanServer Introspector.
ModerateCVE-2013-2453SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2454SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via vectors related to JDBC. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly restrict access to certain class packages in the SerialJavaObject class, which allows remote attackers to bypass the Java sandbox.
ModerateCVE-2013-2454SUSE bug 825624SUSE bug 828665SUSE bug 829212cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2455SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2452. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect access checks by the (1) getEnclosingClass, (2) getEnclosingMethod, and (3) getEnclosingConstructor methods.
ModerateCVE-2013-2455SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2456SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper access checks for subclasses in the ObjectOutputStream class.
ModerateCVE-2013-2456SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2457SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to an incorrect implementation of "certain class checks" that allows remote attackers to bypass intended class restrictions.
ModerateCVE-2013-2457SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2458SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via "an error related to method handles."
ModerateCVE-2013-2458SUSE bug 825624SUSE bug 828665SUSE bug 829212cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2459SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "integer overflow checks."
CriticalCVE-2013-2459SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2460SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "insufficient access checks" in the tracing component.
CriticalCVE-2013-2460SUSE bug 825624SUSE bug 828665SUSE bug 829212cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2461SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June and July 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass verification of XML signatures via vectors related to a "Missing check for [a] valid DOMCanonicalizationMethod canonicalization algorithm."
ModerateCVE-2013-2461SUSE bug 825624SUSE bug 828665SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2463SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image attribute verification" in 2D.
CriticalCVE-2013-2463SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2465SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D.
CriticalCVE-2013-2465SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2469SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image layout verification" in 2D.
CriticalCVE-2013-2469SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2470SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "ImagingLib byte lookup processing."
CriticalCVE-2013-2470SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2471SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect IntegerComponentRaster size checks."
CriticalCVE-2013-2471SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2472SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ShortBandedRaster size checks" in 2D.
CriticalCVE-2013-2472SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2473SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D.
CriticalCVE-2013-2473SUSE bug 825624SUSE bug 828665SUSE bug 829212SUSE bug 829708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2475SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-2475SUSE bug 807942cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2476SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a packet with a header that is too short.
ModerateCVE-2013-2476SUSE bug 807942cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2477SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-2477SUSE bug 807942cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2478SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service (application crash) via a malformed packet that (1) triggers an integer overflow or (2) has embedded '\0' characters in a string.
ModerateCVE-2013-2478SUSE bug 807942cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2479SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_mpls_echo_tlv_dd_map function in epan/dissectors/packet-mpls-echo.c in the MPLS Echo dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via invalid Sub-tlv data.
ModerateCVE-2013-2479SUSE bug 807942cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2480SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-2480SUSE bug 807942cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2481SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is enabled, allows remote attackers to cause a denial of service (application crash) via a negative length value.
ModerateCVE-2013-2481SUSE bug 807942cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2482SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2013-2482SUSE bug 807942cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2483SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via an invalid count value in ACN_DMP_ADT_D_RE DMP data.
ModerateCVE-2013-2483SUSE bug 807942cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2484SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-2484SUSE bug 807942cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2485SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2013-2485SUSE bug 807942cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2486SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet.
ModerateCVE-2013-2486SUSE bug 807942SUSE bug 820566SUSE bug 820973cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2487SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet, related to the (1) dissect_icecandidates, (2) dissect_kinddata, (3) dissect_nodeid_list, (4) dissect_storeans, (5) dissect_storereq, (6) dissect_storeddataspecifier, (7) dissect_fetchreq, (8) dissect_findans, (9) dissect_diagnosticinfo, (10) dissect_diagnosticresponse, (11) dissect_reload_messagecontents, and (12) dissect_reload_message functions, a different vulnerability than CVE-2013-2486.
ModerateCVE-2013-2487SUSE bug 807942SUSE bug 820566SUSE bug 820973cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2488SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location.
ModerateCVE-2013-2488SUSE bug 807942cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2492SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.
ImportantCVE-2013-2492SUSE bug 808268cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2548SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.
LowCVE-2013-2548SUSE bug 809906cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2555SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.
ModerateCVE-2013-2555SUSE bug 814635cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-2728SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.
ModerateCVE-2013-2728SUSE bug 819916cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-2850SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet.
ImportantCVE-2013-2850SUSE bug 821560cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-2888SUSE Linux Enterprise Desktop 12 SP3
Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted device that provides an invalid Report ID.
ModerateCVE-2013-2888SUSE bug 835839cpe:/o:suse:sled:12:sp3CVE-2013-2889SUSE Linux Enterprise Desktop 12 SP3
drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.
ModerateCVE-2013-2889SUSE bug 835839cpe:/o:suse:sled:12:sp3CVE-2013-2890SUSE Linux Enterprise Desktop 12 SP3
drivers/hid/hid-sony.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SONY is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.
ModerateCVE-2013-2890SUSE bug 835839cpe:/o:suse:sled:12:sp3CVE-2013-2891SUSE Linux Enterprise Desktop 12 SP3
drivers/hid/hid-steelseries.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_STEELSERIES is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.
ModerateCVE-2013-2891SUSE bug 835839cpe:/o:suse:sled:12:sp3CVE-2013-2892SUSE Linux Enterprise Desktop 12 SP3
drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PANTHERLORD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.
ModerateCVE-2013-2892SUSE bug 835839cpe:/o:suse:sled:12:sp3CVE-2013-2893SUSE Linux Enterprise Desktop 12 SP3
The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device, related to (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c.
ModerateCVE-2013-2893SUSE bug 835839cpe:/o:suse:sled:12:sp3CVE-2013-2894SUSE Linux Enterprise Desktop 12 SP3
drivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LENOVO_TPKBD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.
ModerateCVE-2013-2894SUSE bug 835839cpe:/o:suse:sled:12:sp3CVE-2013-2895SUSE Linux Enterprise Desktop 12 SP3
drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LOGITECH_DJ is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or obtain sensitive information from kernel memory via a crafted device.
ModerateCVE-2013-2895SUSE bug 835839cpe:/o:suse:sled:12:sp3CVE-2013-2896SUSE Linux Enterprise Desktop 12 SP3
drivers/hid/hid-ntrig.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_NTRIG is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device.
ModerateCVE-2013-2896SUSE bug 835839cpe:/o:suse:sled:12:sp3CVE-2013-2897SUSE Linux Enterprise Desktop 12 SP3
Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device.
ModerateCVE-2013-2897SUSE bug 835839cpe:/o:suse:sled:12:sp3CVE-2013-2898SUSE Linux Enterprise Desktop 12 SP3
drivers/hid/hid-sensor-hub.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SENSOR_HUB is enabled, allows physically proximate attackers to obtain sensitive information from kernel memory via a crafted device.
ModerateCVE-2013-2898SUSE bug 835839cpe:/o:suse:sled:12:sp3CVE-2013-2899SUSE Linux Enterprise Desktop 12 SP3
drivers/hid/hid-picolcd_core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PICOLCD is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device.
ModerateCVE-2013-2899SUSE bug 835839cpe:/o:suse:sled:12:sp3CVE-2013-2944SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature.
ModerateCVE-2013-2944SUSE bug 815236cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-3324SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.
CriticalCVE-2013-3324SUSE bug 819916cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-3325SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.
CriticalCVE-2013-3325SUSE bug 819916cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-3326SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.
CriticalCVE-2013-3326SUSE bug 819916cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-3327SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.
CriticalCVE-2013-3327SUSE bug 819916cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-3328SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.
CriticalCVE-2013-3328SUSE bug 819916cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-3329SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.
CriticalCVE-2013-3329SUSE bug 819916cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-3330SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.
CriticalCVE-2013-3330SUSE bug 819916cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-3331SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.
CriticalCVE-2013-3331SUSE bug 819916cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-3332SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.
CriticalCVE-2013-3332SUSE bug 819916cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-3333SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3334, and CVE-2013-3335.
CriticalCVE-2013-3333SUSE bug 819916cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-3334SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, and CVE-2013-3335.
CriticalCVE-2013-3334SUSE bug 819916cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-3335SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, and CVE-2013-3334.
CriticalCVE-2013-3335SUSE bug 819916cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-3343SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 10.3.183.90 and 11.x before 11.7.700.224 on Windows, before 10.3.183.90 and 11.x before 11.7.700.225 on Mac OS X, before 10.3.183.90 and 11.x before 11.2.202.291 on Linux, before 11.1.111.59 on Android 2.x and 3.x, and before 11.1.115.63 on Android 4.x; Adobe AIR before 3.7.0.2090 on Windows and Android and before 3.7.0.2100 on Mac OS X; and Adobe AIR SDK & Compiler before 3.7.0.2090 on Windows and before 3.7.0.2100 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
ModerateCVE-2013-3343SUSE bug 824512cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-3344SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11.1.115.69 on Android 4.x allows attackers to execute arbitrary code via unspecified vectors.
ModerateCVE-2013-3344SUSE bug 828810cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-3345SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11.1.115.69 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CriticalCVE-2013-3345SUSE bug 828810cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-3347SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11.1.115.69 on Android 4.x allows attackers to execute arbitrary code via PCM data that is not properly handled during resampling.
CriticalCVE-2013-3347SUSE bug 828810cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-3361SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before 3.8.0.1430 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3362, CVE-2013-3363, and CVE-2013-5324.
CriticalCVE-2013-3361SUSE bug 839897cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-3362SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before 3.8.0.1430 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3361, CVE-2013-3363, and CVE-2013-5324.
CriticalCVE-2013-3362SUSE bug 839897cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-3363SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before 3.8.0.1430 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3361, CVE-2013-3362, and CVE-2013-5324.
CriticalCVE-2013-3363SUSE bug 839897cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-3495SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service (kernel panic) via a malformed Message Signaled Interrupt (MSI) from a PCI device that is bus mastering capable that triggers a System Error Reporting (SERR) Non-Maskable Interrupt (NMI).
ModerateCVE-2013-3495SUSE bug 826717SUSE bug 903970cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-3555SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-3555SUSE bug 820566SUSE bug 820973cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-3556SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-3556SUSE bug 820566SUSE bug 820973cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-3557SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-3557SUSE bug 820566SUSE bug 820973cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-3558SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-3558SUSE bug 820566SUSE bug 820973cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-3559SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet.
ModerateCVE-2013-3559SUSE bug 820566SUSE bug 820973cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-3560SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-3560SUSE bug 820566SUSE bug 820973cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-3561SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.
ModerateCVE-2013-3561SUSE bug 820566SUSE bug 820973cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-3562SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-3562SUSE bug 820566SUSE bug 820973cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-3567SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call.
CriticalCVE-2013-3567SUSE bug 1040151SUSE bug 825878SUSE bug 880224cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-3571SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
socat 1.2.0.0 before 1.7.2.2 and 2.0.0-b1 before 2.0.0-b6, when used for a listen type address and the fork option is enabled, allows remote attackers to cause a denial of service (file descriptor consumption) via multiple request that are refused based on the (1) sourceport, (2) lowport, (3) range, or (4) tcpwrap restrictions.
ModerateCVE-2013-3571SUSE bug 821985cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-3718SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
evince is missing a check on number of pages which can lead to a segmentation fault
ModerateCVE-2013-3718SUSE bug 970030cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-3829SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
ModerateCVE-2013-3829SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4002SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names.
ImportantCVE-2013-4002SUSE bug 829212SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4083SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-4083SUSE bug 824900SUSE bug 831718cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4118SUSE Linux Enterprise Desktop 12 SP1
FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.
ModerateCVE-2013-4118SUSE bug 829013cpe:/o:suse:sled:12:sp1CVE-2013-4124SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
ModerateCVE-2013-4124SUSE bug 829969cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4143SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) checkPasswd and (2) checkGroupXlockPasswds functions in xlockmore before 5.43 do not properly handle when a NULL value is returned upon an error by the crypt or dispcrypt function as implemented in glibc 2.17 and later, which allows attackers to bypass the screen lock via vectors related to invalid salts.
ModerateCVE-2013-4143SUSE bug 829859cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4148SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer signedness error in the virtio_net_load function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow.
ModerateCVE-2013-4148SUSE bug 864812SUSE bug 871442SUSE bug 964630cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4149SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in virtio_net_load function in net/virtio-net.c in QEMU 1.3.0 through 1.7.x before 1.7.2 might allow remote attackers to execute arbitrary code via a large MAC table.
ModerateCVE-2013-4149SUSE bug 864649SUSE bug 871442SUSE bug 964443cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4150SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The virtio_net_load function in hw/net/virtio-net.c in QEMU 1.5.0 through 1.7.x before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors in which the value of curr_queues is greater than max_queues, which triggers an out-of-bounds write.
ModerateCVE-2013-4150SUSE bug 864650SUSE bug 871442cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4151SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write.
ModerateCVE-2013-4151SUSE bug 864653SUSE bug 871442SUSE bug 964636cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4153SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in the qemuAgentGetVCPUs function in qemu/qemu_agent.c in libvirt 1.0.6 through 1.1.0 allows remote attackers to cause a denial of service (daemon crash) via a cpu count request, as demonstrated by the "virsh vcpucount dom --guest" command.
ModerateCVE-2013-4153SUSE bug 830497SUSE bug 830498cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4154SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The qemuAgentCommand function in libvirt before 1.1.1, when a guest agent is not configured, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to "agent based cpu (un)plug," as demonstrated by the "virsh vcpucount foobar --guest" command.
ModerateCVE-2013-4154SUSE bug 830498cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4231SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which states that the input cannot exceed the allocated buffer size.
ModerateCVE-2013-4231SUSE bug 834477SUSE bug 854393cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4232SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the t2p_readwrite_pdf_image function in tools/tiff2pdf.c in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted TIFF image.
ModerateCVE-2013-4232SUSE bug 834477SUSE bug 854393cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4233SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the abc_set_parts function in load_abc.cpp in libmodplug 0.8.8.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted P header in an ABC file, which triggers a heap-based buffer overflow.
ModerateCVE-2013-4233SUSE bug 1022032SUSE bug 834483cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4234SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted ABC.
ModerateCVE-2013-4234SUSE bug 1022032SUSE bug 834483cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4237SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted (1) NTFS or (2) CIFS image.
ModerateCVE-2013-4237SUSE bug 834594SUSE bug 882910SUSE bug 883022cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4238SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
ModerateCVE-2013-4238SUSE bug 834601SUSE bug 839107SUSE bug 882915SUSE bug 912739cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4239SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xenDaemonListDefinedDomains function in xen/xend_internal.c in libvirt 1.1.1 allows remote authenticated users to cause a denial of service (memory corruption and crash) via vectors involving the virConnectListDefinedDomains API function.
ModerateCVE-2013-4239SUSE bug 834598cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4242SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.
ModerateCVE-2013-4242SUSE bug 831359cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4243SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image.
ModerateCVE-2013-4243SUSE bug 834779SUSE bug 854393cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4244SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted GIF image.
ModerateCVE-2013-4244SUSE bug 834788SUSE bug 854393cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4245SUSE Linux Enterprise Desktop 12
Orca has arbitrary code execution due to insecure Python module load
ModerateCVE-2013-4245SUSE bug 916835cpe:/o:suse:sled:12CVE-2013-4276SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple stack-based buffer overflows in LittleCMS (aka lcms or liblcms) 1.19 and earlier allow remote attackers to cause a denial of service (crash) via a crafted (1) ICC color profile to the icctrans utility or (2) TIFF image to the tiffdiff utility.
ModerateCVE-2013-4276SUSE bug 843716cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4282SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.
ImportantCVE-2013-4282SUSE bug 848279cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4288SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in PolicyKit (aka polkit) allows local users to bypass intended PolicyKit restrictions and gain privileges by starting a setuid or pkexec process before the authorization check is performed, related to (1) the polkit_unix_process_new API function, (2) the dbus API, or (3) the --process (unix-process) option for authorization to pkcheck.
ModerateCVE-2013-4288SUSE bug 1070943SUSE bug 1099031SUSE bug 835827SUSE bug 836931SUSE bug 836932SUSE bug 836937SUSE bug 836939SUSE bug 844967SUSE bug 852368SUSE bug 854144SUSE bug 864716cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4292SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libvirt 1.1.0 and 1.1.1 allows local users to cause a denial of service (memory consumption) via a large number of domain migrate parameters in certain RPC calls in (1) daemon/remote.c and (2) remote/remote_driver.c.
ModerateCVE-2013-4292SUSE bug 837531cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4296SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a crafted RPC call.
ImportantCVE-2013-4296SUSE bug 836931SUSE bug 838638cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4297SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The virFileNBDDeviceAssociate function in util/virfile.c in libvirt 1.1.2 and earlier allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via unspecified vectors.
ModerateCVE-2013-4297SUSE bug 838642cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4311SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x before 0.9.12.2 allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition in pkcheck via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.
ModerateCVE-2013-4311SUSE bug 836931SUSE bug 838638SUSE bug 864716cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4312SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c.
ModerateCVE-2013-4312SUSE bug 839104SUSE bug 922947SUSE bug 968014cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2013-4314SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
ModerateCVE-2013-4314SUSE bug 839107cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4325SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The check_permission_v1 function in base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.9 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process.
ModerateCVE-2013-4325SUSE bug 808355SUSE bug 836931SUSE bug 836932SUSE bug 836937SUSE bug 852368SUSE bug 864716cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4326SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
RealtimeKit (aka rtkit) 0.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.
ModerateCVE-2013-4326SUSE bug 836931SUSE bug 836932SUSE bug 836937SUSE bug 836939SUSE bug 864716cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4329SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xenlight library (libxl) in Xen 4.0.x through 4.2.x, when IOMMU is disabled, provides access to a busmastering-capable PCI passthrough device before the IOMMU setup is complete, which allows local HVM guest domains to gain privileges or cause a denial of service via a DMA instruction.
ModerateCVE-2013-4329SUSE bug 839618SUSE bug 840592cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4332SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc functions.
ModerateCVE-2013-4332SUSE bug 839870SUSE bug 882910cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4342SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service.
LowCVE-2013-4342SUSE bug 844230SUSE bug 855685SUSE bug 882917cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4349SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4540. Reason: This candidate was MERGED into CVE-2012-4540, since it was later discovered that it affected an additional version, but it does not constitute a regression error. Notes: All CVE users should reference CVE-2012-4540 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ImportantCVE-2013-4349SUSE bug 840572cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4351SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.
LowCVE-2013-4351SUSE bug 840510cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4353SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake.
ModerateCVE-2013-4353SUSE bug 857640cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4355SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a (1) port or (2) memory mapped I/O write or (3) other unspecified operations related to addresses without associated memory.
ModerateCVE-2013-4355SUSE bug 840592cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4356SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.3.x writes hypervisor mappings to certain shadow pagetables when live migration is performed on hosts with more than 5TB of RAM, which allows local 64-bit PV guests to read or write to invalid memory and cause a denial of service (crash).
ImportantCVE-2013-4356SUSE bug 840593cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4361SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction.
ModerateCVE-2013-4361SUSE bug 840592SUSE bug 841766cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4375SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors.
LowCVE-2013-4375SUSE bug 840592SUSE bug 842515cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4387SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload (UFO) processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via network traffic that triggers a large response packet.
ModerateCVE-2013-4387SUSE bug 843430SUSE bug 848042cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4396SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure.
ImportantCVE-2013-4396SUSE bug 843652cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4399SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The remoteClientFreeFunc function in daemon/remote.c in libvirt before 1.1.3, when ACLs are used, does not set an identity, which causes event handler removal to be denied and remote attackers to cause a denial of service (use-after-free and crash) by registering an event handler and then closing the connection.
ModerateCVE-2013-4399SUSE bug 842300SUSE bug 844052cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4400SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments.
ImportantCVE-2013-4400SUSE bug 837609cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4401SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The virConnectDomainXMLToNative API function in libvirt 1.1.0 through 1.1.3 checks for the connect:read permission instead of the connect:write permission, which allows attackers to gain domain:write privileges and execute Qemu binaries via crafted XML. NOTE: some of these details are obtained from third party information.
ImportantCVE-2013-4401SUSE bug 845704cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4402SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.
ImportantCVE-2013-4402SUSE bug 844175SUSE bug 941439cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4408SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.
ImportantCVE-2013-4408SUSE bug 844720SUSE bug 848101SUSE bug 882906cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4416SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, and 4.3.x allows local guest domains to cause a denial of service (domain shutdown) via a large message reply.
ModerateCVE-2013-4416SUSE bug 840592SUSE bug 845520cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4458SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1914.
ModerateCVE-2013-4458SUSE bug 847227SUSE bug 883217SUSE bug 941444SUSE bug 955181SUSE bug 967023SUSE bug 980483cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4473SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a source filename.
ModerateCVE-2013-4473SUSE bug 847907cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4474SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service (crash) via format string specifiers in a destination filename.
ModerateCVE-2013-4474SUSE bug 847907cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4475SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS).
ModerateCVE-2013-4475SUSE bug 848101SUSE bug 880220cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4476SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is provided over SSL, uses world-readable permissions for a private key, which allows local users to obtain sensitive information by reading the key file, as demonstrated by access to the local filesystem on an AD domain controller.
ModerateCVE-2013-4476SUSE bug 848103cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4483SUSE Linux Enterprise Desktop 12 SP3
The ipc_rcu_putref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service (memory consumption or system crash) via a crafted application.
ModerateCVE-2013-4483SUSE bug 848321cpe:/o:suse:sled:12:sp3CVE-2013-4494SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen before 4.1.x, 4.2.x, and 4.3.x does not take the page_alloc_lock and grant_table.lock in the same order, which allows local guest administrators with access to multiple vcpus to cause a denial of service (host deadlock) via unspecified vectors.
ModerateCVE-2013-4494SUSE bug 848657cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4496SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba 3.x before 3.6.23, 4.0.x before 4.0.16, and 4.1.x before 4.1.6 does not enforce the password-guessing protection mechanism for all interfaces, which makes it easier for remote attackers to obtain access via brute-force ChangePasswordUser2 (1) SAMR or (2) RAP attempts.
ModerateCVE-2013-4496SUSE bug 849224SUSE bug 866844cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4509SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically proximate attackers to obtain a user password by reading the lockscreen.
ModerateCVE-2013-4509SUSE bug 847718cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4526SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in hw/ide/ahci.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via vectors related to migrating ports.
ModerateCVE-2013-4526SUSE bug 864671SUSE bug 871442cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4527SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers.
ModerateCVE-2013-4527SUSE bug 864673SUSE bug 871442SUSE bug 964746cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4529SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
ModerateCVE-2013-4529SUSE bug 864678SUSE bug 871442SUSE bug 964929cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4530SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in hw/ssi/pl022.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted tx_fifo_head and rx_fifo_head values in a savevm image.
ModerateCVE-2013-4530SUSE bug 864682SUSE bug 871442SUSE bug 964950cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4531SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in target-arm/machine.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative value in cpreg_vmstate_array_len in a savevm image.
ModerateCVE-2013-4531SUSE bug 864796SUSE bug 871442cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4533SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s->rx_level value in a savevm image.
ModerateCVE-2013-4533SUSE bug 864655SUSE bug 871442SUSE bug 964644cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4534SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in hw/intc/openpic.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors related to IRQDest elements.
ModerateCVE-2013-4534SUSE bug 864811SUSE bug 871442SUSE bug 964452cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4535SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read.
ModerateCVE-2013-4535SUSE bug 864665SUSE bug 964676cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4536SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.
ModerateCVE-2013-4536SUSE bug 864665SUSE bug 871442SUSE bug 964676cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4537SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image.
ModerateCVE-2013-4537SUSE bug 864391SUSE bug 871442SUSE bug 962642cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4538SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c in QEMU before 1.7.2 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and row_end values; or (5) col_star and col_end values in a savevm image.
ModerateCVE-2013-4538SUSE bug 864769SUSE bug 871442SUSE bug 962335cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4539SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in the tsc210x_load function in hw/input/tsc210x.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted (1) precision, (2) nextprecision, (3) function, or (4) nextfunction value in a savevm image.
ModerateCVE-2013-4539SUSE bug 864805SUSE bug 871442SUSE bug 962758cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4540SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in scoop_gpio_handler_update in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a large (1) prev_level, (2) gpio_level, or (3) gpio_dir value in a savevm image.
ModerateCVE-2013-4540SUSE bug 864801SUSE bug 871442SUSE bug 880751cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4541SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The usb_device_post_load function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setup_len or setup_index value.
ModerateCVE-2013-4541SUSE bug 864802SUSE bug 871442cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4542SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access.
ModerateCVE-2013-4542SUSE bug 864804SUSE bug 871442cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4544SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information.
ModerateCVE-2013-4544SUSE bug 873613cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4545SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
cURL and libcurl 7.18.0 through 7.32.0, when built with OpenSSL, disables the certificate CN and SAN name field verification (CURLOPT_SSL_VERIFYHOST) when the digital signature verification (CURLOPT_SSL_VERIFYPEER) is disabled, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
ModerateCVE-2013-4545SUSE bug 849596SUSE bug 870444SUSE bug 880252SUSE bug 882520SUSE bug 924250cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4549SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QXmlSimpleReader in Qt before 5.2 allows context-dependent attackers to cause a denial of service (memory consumption) via an XML Entity Expansion (XEE) attack.
ModerateCVE-2013-4549SUSE bug 1039291SUSE bug 856832cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4551SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not properly check the emulation paths for (1) VMLAUNCH and (2) VMRESUME, which allows local HVM guest users to cause a denial of service (host crash) via unspecified vectors related to "guest VMX instruction execution."
ModerateCVE-2013-4551SUSE bug 848657SUSE bug 849665cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4553SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x through 4.3.x (possibly 4.3.1) does not always obtain the page_alloc_lock and mm_rwlock in the same order, which allows local guest administrators to cause a denial of service (host deadlock).
ModerateCVE-2013-4553SUSE bug 848657SUSE bug 849667SUSE bug 849668cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4554SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2.
ModerateCVE-2013-4554SUSE bug 848657SUSE bug 849668cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4587SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.
ImportantCVE-2013-4587SUSE bug 853050SUSE bug 882914cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-4591SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via a getxattr system call for the system.nfs4_acl extended attribute of a pathname on an NFSv4 filesystem.
ModerateCVE-2013-4591SUSE bug 851103cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4758SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JSON response.
ModerateCVE-2013-4758SUSE bug 828140cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4761SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, allows remote attackers to execute arbitrary Ruby programs from the master via the resource_type service. NOTE: this vulnerability can only be exploited utilizing unspecified "local file system access" to the Puppet Master.
ModerateCVE-2013-4761SUSE bug 835122SUSE bug 836962SUSE bug 880224cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4854SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
ModerateCVE-2013-4854SUSE bug 831899cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4920SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The P1 dissector in Wireshark 1.10.x before 1.10.1 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-4920SUSE bug 831718cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4921SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the dissect_radiotap function in epan/dissectors/packet-ieee80211-radiotap.c in the Radiotap dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-4921SUSE bug 831718cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4922SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-4922SUSE bug 831718cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4923SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (memory consumption) via crafted packets.
ModerateCVE-2013-4923SUSE bug 831718cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4924SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly validate certain index values, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet.
ModerateCVE-2013-4924SUSE bug 831718cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4925SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer signedness error in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted packet.
ModerateCVE-2013-4925SUSE bug 831718cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4926SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly determine whether there is remaining packet data to process, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-4926SUSE bug 831718cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4927SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer signedness error in the get_type_length function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet.
ModerateCVE-2013-4927SUSE bug 831718cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4928SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer signedness error in the dissect_headers function in epan/dissectors/packet-btobex.c in the Bluetooth OBEX dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2013-4928SUSE bug 831718cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4929SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The parseFields function in epan/dissectors/packet-dis-pdus.c in the DIS dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not terminate packet-data processing after finding zero remaining bytes, which allows remote attackers to cause a denial of service (loop) via a crafted packet.
ModerateCVE-2013-4929SUSE bug 831718cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4930SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_dvbci_tpdu_hdr function in epan/dissectors/packet-dvbci.c in the DVB-CI dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not validate a certain length value before decrementing it, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet.
ModerateCVE-2013-4930SUSE bug 831718cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4931SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop) via a crafted packet that is not properly handled by the GSM RR dissector.
ModerateCVE-2013-4931SUSE bug 831718cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4932SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allow remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-4932SUSE bug 831718cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4933SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.
ModerateCVE-2013-4933SUSE bug 831718cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4934SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.
ModerateCVE-2013-4934SUSE bug 831718cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4935SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-4935SUSE bug 831718cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4936SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IsDFP_Frame function in plugins/profinet/packet-pn-rt.c in the PROFINET Real-Time dissector in Wireshark 1.10.x before 1.10.1 does not validate MAC addresses, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
ModerateCVE-2013-4936SUSE bug 831718cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-4956SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Puppet Module Tool (PMT), as used in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, installs modules with weak permissions if those permissions were used when the modules were originally built, which might allow local users to read or modify those modules depending on the original permissions.
LowCVE-2013-4956SUSE bug 835122SUSE bug 835123SUSE bug 836962cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5018SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentation fault) via a (1) XAuth username, (2) EAP identity, or (3) PEM encoded file that starts with a 0x04, 0x30, or 0x31 character followed by an ASN.1 length value that triggers an integer overflow.
ModerateCVE-2013-5018SUSE bug 833278cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5123SUSE Linux Enterprise Desktop 12 SP4
The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks.
ModerateCVE-2013-5123SUSE bug 864406cpe:/o:suse:sled:12:sp4CVE-2013-5211SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.
ModerateCVE-2013-5211SUSE bug 857195SUSE bug 889447SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5324SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before 3.8.0.1430 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3361, CVE-2013-3362, and CVE-2013-3363.
CriticalCVE-2013-5324SUSE bug 839897cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-5329SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 11.7.700.252 and 11.8.x and 11.9.x before 11.9.900.152 on Windows and Mac OS X and before 11.2.202.327 on Linux, Adobe AIR before 3.9.0.1210, Adobe AIR SDK before 3.9.0.1210, and Adobe AIR SDK & Compiler before 3.9.0.1210 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5330.
ImportantCVE-2013-5329SUSE bug 850220cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-5330SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 11.7.700.252 and 11.8.x and 11.9.x before 11.9.900.152 on Windows and Mac OS X and before 11.2.202.327 on Linux, Adobe AIR before 3.9.0.1210, Adobe AIR SDK before 3.9.0.1210, and Adobe AIR SDK & Compiler before 3.9.0.1210 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5329.
ImportantCVE-2013-5330SUSE bug 850220cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-5331SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380, and Adobe AIR SDK & Compiler before 3.9.0.1380 allow remote attackers to execute arbitrary code via crafted .swf content that leverages an unspecified "type confusion," as exploited in the wild in December 2013.
CriticalCVE-2013-5331SUSE bug 854881cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-5332SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380, and Adobe AIR SDK & Compiler before 3.9.0.1380 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CriticalCVE-2013-5332SUSE bug 854881cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-5590SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-5590SUSE bug 847708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5591SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-5591SUSE bug 847708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5592SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-5592SUSE bug 847708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5593SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote attackers to spoof the address bar or conduct clickjacking attacks via vectors that trigger navigation off of a page containing this element.
ImportantCVE-2013-5593SUSE bug 847708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5595SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly allocate memory for unspecified functions, which allows remote attackers to conduct buffer overflow attacks via a crafted web page.
ImportantCVE-2013-5595SUSE bug 847708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5596SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The cycle collection (CC) implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial of service (race condition and application crash) via a large HTML document containing IMG elements, as demonstrated by the Never-Ending Reddit on reddit.com.
ImportantCVE-2013-5596SUSE bug 847708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5597SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a state-change event during an update of the offline cache.
ImportantCVE-2013-5597SUSE bug 847708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5598SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 does not properly handle the appending of an IFRAME element, which allows remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges by using this element within an embedded PDF object.
ImportantCVE-2013-5598SUSE bug 847708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5599SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event.
ImportantCVE-2013-5599SUSE bug 847708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5600SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsIOService::NewChannelFromURIWithProxyFlags function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors involving a blob: URL.
ImportantCVE-2013-5600SUSE bug 847708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5601SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors related to a memory allocation through the garbage collection (GC) API.
ImportantCVE-2013-5601SUSE bug 847708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5602SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to direct proxies.
ImportantCVE-2013-5602SUSE bug 847708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5603SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving HTML document templates.
ImportantCVE-2013-5603SUSE bug 847708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5604SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents.
ImportantCVE-2013-5604SUSE bug 847708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5605SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets.
ModerateCVE-2013-5605SUSE bug 850148cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5609SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2013-5609SUSE bug 854370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5610SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2013-5610SUSE bug 854370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5611SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation.
ModerateCVE-2013-5611SUSE bug 854370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5612SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header.
ModerateCVE-2013-5612SUSE bug 854370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5613SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function.
CriticalCVE-2013-5613SUSE bug 854370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5614SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.
ModerateCVE-2013-5614SUSE bug 854370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5615SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.
ModerateCVE-2013-5615SUSE bug 854370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5616SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners.
CriticalCVE-2013-5616SUSE bug 854370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5618SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection.
CriticalCVE-2013-5618SUSE bug 854370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5619SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code.
ModerateCVE-2013-5619SUSE bug 854370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5653SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file.
ImportantCVE-2013-5653SUSE bug 1001951SUSE bug 1004237SUSE bug 1007816SUSE bug 1036453cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5717SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Bluetooth HCI ACL dissector in Wireshark 1.10.x before 1.10.2 does not properly maintain a certain free list, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that is not properly handled by the wmem_block_alloc function in epan/wmem/wmem_allocator_block.c.
ModerateCVE-2013-5717SUSE bug 839607cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5718SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_nbap_T_dCH_ID function in epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not restrict the dch_id value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-5718SUSE bug 839607cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5719SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-assa_r3.c in the ASSA R3 dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2013-5719SUSE bug 839607cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5720SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the RTPS dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-5720SUSE bug 839607cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5721SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_mq_rr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-5721SUSE bug 839607cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5722SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the LDAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-5722SUSE bug 839607cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5772SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u40 and earlier and Java SE 6u60 and earlier allows remote attackers to affect integrity via unknown vectors related to jhat.
ModerateCVE-2013-5772SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5774SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries.
ModerateCVE-2013-5774SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5778SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D.
ModerateCVE-2013-5778SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5780SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
ModerateCVE-2013-5780SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5782SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
ModerateCVE-2013-5782SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5783SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Swing.
ModerateCVE-2013-5783SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5784SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to SCRIPTING.
ModerateCVE-2013-5784SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5790SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to BEANS.
ModerateCVE-2013-5790SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5797SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.
LowCVE-2013-5797SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5800SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JGSS.
ModerateCVE-2013-5800SUSE bug 846177SUSE bug 846999SUSE bug 849212cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5802SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP.
ModerateCVE-2013-5802SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5803SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JGSS.
ImportantCVE-2013-5803SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5804SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc.
ModerateCVE-2013-5804SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5805SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing, a different vulnerability than CVE-2013-5806.
ModerateCVE-2013-5805SUSE bug 846177SUSE bug 846999cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5806SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing, a different vulnerability than CVE-2013-5805.
ModerateCVE-2013-5806SUSE bug 846177SUSE bug 846999cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5809SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-5829.
CriticalCVE-2013-5809SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5814SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA.
CriticalCVE-2013-5814SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5817SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI.
CriticalCVE-2013-5817SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5820SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to JAX-WS.
ModerateCVE-2013-5820SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5823SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security.
ModerateCVE-2013-5823SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5825SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JAXP.
ModerateCVE-2013-5825SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5829SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-5809.
CriticalCVE-2013-5829SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5830SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
CriticalCVE-2013-5830SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5840SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
ModerateCVE-2013-5840SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5842SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-5850.
ModerateCVE-2013-5842SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5849SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to AWT.
ModerateCVE-2013-5849SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5850SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-5842.
CriticalCVE-2013-5850SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5851SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP.
ModerateCVE-2013-5851SUSE bug 846177SUSE bug 846999SUSE bug 849212SUSE bug 852367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5878SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the Security component does not properly handle null XML namespace (xmlns) attributes during XML document canonicalization, which allows attackers to escape the sandbox.
ModerateCVE-2013-5878SUSE bug 858818SUSE bug 862064cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5884SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an incorrect check for code permissions by CORBA stub factories.
ModerateCVE-2013-5884SUSE bug 858818SUSE bug 862064cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5893SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox.
ModerateCVE-2013-5893SUSE bug 858818cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5896SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that com.sun.corba.se and its sub-packages are not included on the restricted package list.
ModerateCVE-2013-5896SUSE bug 858818SUSE bug 862064cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5907SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file.
ModerateCVE-2013-5907SUSE bug 858818SUSE bug 862064cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-5910SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that CanonicalizerBase.java in the XML canonicalizer allows untrusted code to access mutable byte arrays.
ModerateCVE-2013-5910SUSE bug 858818SUSE bug 862064cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6075SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to impersonate arbitrary users and bypass access restrictions via a crafted ID_DER_ASN1_DN ID, related to an "insufficient length check" during identity comparison.
ImportantCVE-2013-6075SUSE bug 847506cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6076SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and charon daemon crash) via a crafted IKEv1 fragmentation packet.
ImportantCVE-2013-6076SUSE bug 847509cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6336SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-6336SUSE bug 848738cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6337SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-6337SUSE bug 848738cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6338SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-6338SUSE bug 848738cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6339SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_openwire_type function in epan/dissectors/packet-openwire.c in the OpenWire dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (loop) via a crafted packet.
ModerateCVE-2013-6339SUSE bug 848738cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6340SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-6340SUSE bug 848738cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6367SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via crafted modifications of the TMICT value.
ModerateCVE-2013-6367SUSE bug 853051cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-6368SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.
ModerateCVE-2013-6368SUSE bug 853052cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-6369SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the jbg_dec_in function in libjbig/jbig.c in JBIG-KIT before 2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted image file.
ModerateCVE-2013-6369SUSE bug 870855cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6370SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the printbuf APIs in json-c before 0.12 allows remote attackers to cause a denial of service via unspecified vectors.
ModerateCVE-2013-6370SUSE bug 870147cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6371SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The hash functionality in json-c before 0.12 allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted JSON data, involving collisions.
ModerateCVE-2013-6371SUSE bug 870147cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6376SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (host OS crash) via a crafted ICR write operation in x2apic mode.
ModerateCVE-2013-6376SUSE bug 853053cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-6381SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the qeth_snmp_command function in drivers/s390/net/qeth_core_main.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service or possibly have unspecified other impact via an SNMP ioctl call with a length value that is incompatible with the command-buffer size.
ModerateCVE-2013-6381SUSE bug 852552cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6393SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow.
ModerateCVE-2013-6393SUSE bug 860617SUSE bug 911782cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6399SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Array index error in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image.
ModerateCVE-2013-6399SUSE bug 864814SUSE bug 871442SUSE bug 964643cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6402SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file.
ModerateCVE-2013-6402SUSE bug 852368cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6405SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7281. Reason: This candidate is a duplicate of CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, and CVE-2013-7281. Notes: All CVE users should reference CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, and/or CVE-2013-7281 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
LowCVE-2013-6405SUSE bug 853040SUSE bug 854722SUSE bug 857643cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-6418SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which allows man-in-the-middle attackers to spoof a peer via an arbitrary certificate.
ModerateCVE-2013-6418SUSE bug 856323cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6424SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value.
ModerateCVE-2013-6424SUSE bug 853846cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6427SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing (HPLIP) 3.x through 3.13.11 launches a program from an http URL, which allows man-in-the-middle attackers to execute arbitrary code by gaining control over the client-server data stream.
ModerateCVE-2013-6427SUSE bug 852368SUSE bug 853405SUSE bug 900460SUSE bug 933191cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6435SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory.
ImportantCVE-2013-6435SUSE bug 1101137SUSE bug 906803SUSE bug 908128cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6436SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The lxcDomainGetMemoryParameters method in lxc/lxc_driver.c in libvirt 1.0.5 through 1.2.0 does not properly check the status of LXC guests when reading memory tunables, which allows local users to cause a denial of service (NULL pointer dereference and libvirtd crash) via a guest in the shutdown status, as demonstrated by the "virsh memtune" command.
ModerateCVE-2013-6436SUSE bug 854486cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6442SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The owner_set function in smbcacls.c in smbcacls in Samba 4.0.x before 4.0.16 and 4.1.x before 4.1.6 removes an ACL during use of a --chown or --chgrp option, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging an unintended administrative change.
ModerateCVE-2013-6442SUSE bug 855866cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6449SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client.
ModerateCVE-2013-6449SUSE bug 856687cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6450SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service (application crash) by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c.
ModerateCVE-2013-6450SUSE bug 857203SUSE bug 861384SUSE bug 986238cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6456SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 allows local users to (1) delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the container; (2) create arbitrary nodes (mknod) via the virDomainDeviceAttach API and a symlink attack on /dev in the container; and cause a denial of service (shutdown or reboot host OS) via the (3) virDomainShutdown or (4) virDomainReboot API and a symlink attack on /dev/initctl in the container, related to "paths under /proc/$PID/root" and the virInitctlSetRunLevel function.
ModerateCVE-2013-6456SUSE bug 857490SUSE bug 868943cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6457SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The libxlDomainGetNumaParameters function in the libxl driver (libxl/libxl_driver.c) in libvirt before 1.2.1 does not properly initialize the nodemap, which allows local users to cause a denial of service (invalid free operation and crash) or possibly execute arbitrary code via an inactive domain to the virsh numatune command.
ModerateCVE-2013-6457SUSE bug 858824cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6458SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command.
ModerateCVE-2013-6458SUSE bug 857492cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6462SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in a character name in a BDF font file.
ModerateCVE-2013-6462SUSE bug 854915SUSE bug 882908cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6473SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 1.0.25 before 1.0.47 allow remote attackers to execute arbitrary code via a large (1) page or (2) line in a URF file.
ModerateCVE-2013-6473SUSE bug 866302cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6474SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows remote attackers to execute arbitrary code via a crafted PDF file.
ModerateCVE-2013-6474SUSE bug 866302cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6475SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
ModerateCVE-2013-6475SUSE bug 866302cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6476SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows local users to gain privileges via a Trojan horse driver in the same directory as the PDF file.
ModerateCVE-2013-6476SUSE bug 866302cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6477SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service (application crash) via a crafted timestamp value in an XMPP message.
ModerateCVE-2013-6477SUSE bug 861019cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6478SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
gtkimhtml.c in Pidgin before 2.10.8 does not properly interact with underlying library support for wide Pango layouts, which allows user-assisted remote attackers to cause a denial of service (application crash) via a long URL that is examined with a tooltip.
ModerateCVE-2013-6478SUSE bug 861019cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6479SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
util.c in libpurple in Pidgin before 2.10.8 does not properly allocate memory for HTTP responses that are inconsistent with the Content-Length header, which allows remote HTTP servers to cause a denial of service (application crash) via a crafted response.
ModerateCVE-2013-6479SUSE bug 861019cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6481SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libpurple/protocols/yahoo/libymsg.c in Pidgin before 2.10.8 allows remote attackers to cause a denial of service (crash) via a Yahoo! P2P message with a crafted length field, which triggers a buffer over-read.
ModerateCVE-2013-6481SUSE bug 861019cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6482SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Pidgin before 2.10.8 allows remote MSN servers to cause a denial of service (NULL pointer dereference and crash) via a crafted (1) SOAP response, (2) OIM XML response, or (3) Content-Length header.
ModerateCVE-2013-6482SUSE bug 861019cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6483SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XMPP protocol plugin in libpurple in Pidgin before 2.10.8 does not properly determine whether the from address in an iq reply is consistent with the to address in an iq request, which allows remote attackers to spoof iq traffic or cause a denial of service (NULL pointer dereference and application crash) via a crafted reply.
ModerateCVE-2013-6483SUSE bug 861019cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6484SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The STUN protocol implementation in libpurple in Pidgin before 2.10.8 allows remote STUN servers to cause a denial of service (out-of-bounds write operation and application crash) by triggering a socket read error.
ModerateCVE-2013-6484SUSE bug 861019cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6485SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in util.c in libpurple in Pidgin before 2.10.8 allows remote HTTP servers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid chunk-size field in chunked transfer-coding data.
ModerateCVE-2013-6485SUSE bug 861019cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6486SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
gtkutils.c in Pidgin before 2.10.8 on Windows allows user-assisted remote attackers to execute arbitrary programs via a message containing a file: URL that is improperly handled during construction of an explorer.exe command. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3185.
CriticalCVE-2013-6486SUSE bug 861019cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6487SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in libpurple/protocols/gg/lib/http.c in the Gadu-Gadu (gg) parser in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a large Content-Length value, which triggers a buffer overflow.
ModerateCVE-2013-6487SUSE bug 861019SUSE bug 878540cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6497SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file.
ModerateCVE-2013-6497SUSE bug 1040662SUSE bug 906077cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6629SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.
ModerateCVE-2013-6629SUSE bug 850430SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430SUSE bug 880246cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6630SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.
ModerateCVE-2013-6630SUSE bug 850430cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6671SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.
CriticalCVE-2013-6671SUSE bug 854370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6672SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow user-assisted remote attackers to read clipboard data by leveraging certain middle-click paste operations.
ModerateCVE-2013-6672SUSE bug 854370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6673SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user.
ModerateCVE-2013-6673SUSE bug 854370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-6954SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c.
ModerateCVE-2013-6954SUSE bug 856522SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-7041SUSE Linux Enterprise Desktop 12
The pam_userdb module for Pam uses a case-insensitive method to compare hashed passwords, which makes it easier for attackers to guess the password via a brute force attack.
ModerateCVE-2013-7041SUSE bug 1123794SUSE bug 854480cpe:/o:suse:sled:12CVE-2013-7098SUSE Linux Enterprise Desktop 12 SP4
OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection.
ImportantCVE-2013-7098SUSE bug 1163983cpe:/o:suse:sled:12:sp4CVE-2013-7112SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ImportantCVE-2013-7112SUSE bug 856498cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-7113SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-7113SUSE bug 856495cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-7114SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service (application crash) via a long domain name in a packet.
ImportantCVE-2013-7114SUSE bug 856496cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-7171SUSE Linux Enterprise Desktop 12 SP4
Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges.
ModerateCVE-2013-7171SUSE bug 1160908cpe:/o:suse:sled:12:sp4CVE-2013-7263SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP3
The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.
ModerateCVE-2013-7263SUSE bug 853040SUSE bug 857643cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp3CVE-2013-7285SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported format. e.g. JSON.
ImportantCVE-2013-7285SUSE bug 1142383SUSE bug 1193824SUSE bug 875241cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-7353SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow.
ModerateCVE-2013-7353SUSE bug 873124cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-7354SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.
ModerateCVE-2013-7354SUSE bug 873123cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-7422SUSE Linux Enterprise Desktop 12
Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long digit string associated with an invalid backreference within a regular expression.
ModerateCVE-2013-7422SUSE bug 915514cpe:/o:suse:sled:12CVE-2013-7423SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function.
ModerateCVE-2013-7423SUSE bug 915526cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-7439SUSE Linux Enterprise Desktop 12
Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow.
ModerateCVE-2013-7439SUSE bug 927126SUSE bug 927220cpe:/o:suse:sled:12CVE-2013-7443SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements.
LowCVE-2013-7443SUSE bug 938555cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-7446SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.
ModerateCVE-2013-7446SUSE bug 955654SUSE bug 955837cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-7447SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote attackers to cause a denial of service (crash) via a large image file, which triggers a large memory allocation.
ModerateCVE-2013-7447SUSE bug 966682cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2013-7456SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function.
ModerateCVE-2013-7456SUSE bug 982009cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2013-7470SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
cipso_v4_validate in include/net/cipso_ipv4.h in the Linux kernel before 3.11.7, when CONFIG_NETLABEL is disabled, allows attackers to cause a denial of service (infinite loop and crash), as demonstrated by icmpsic, a different vulnerability than CVE-2013-0310.
ImportantCVE-2013-7470SUSE bug 1133087cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0004SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point.
ModerateCVE-2014-0004SUSE bug 865854cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0011SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple heap-based buffer overflows in the ZRLE_DECODE function in common/rfb/zrleDecode.h in TigerVNC before 1.3.1, when NDEBUG is enabled, allow remote VNC servers to cause a denial of service (vncviewer crash) and possibly execute arbitrary code via vectors related to screen image rendering.
ModerateCVE-2014-0011SUSE bug 869307SUSE bug 900896cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0015SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request.
ModerateCVE-2014-0015SUSE bug 858673SUSE bug 868627SUSE bug 880252SUSE bug 882520SUSE bug 927556SUSE bug 962983cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0017SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The RAND_bytes function in libssh before 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator (PRNG), which causes the state to be shared between children processes and allows local users to obtain sensitive information by leveraging a pid collision.
ModerateCVE-2014-0017SUSE bug 866278SUSE bug 866286cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0019SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line.
LowCVE-2014-0019SUSE bug 860991SUSE bug 927161cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0020SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IRC protocol plugin in libpurple in Pidgin before 2.10.8 does not validate argument counts, which allows remote IRC servers to cause a denial of service (application crash) via a crafted message.
ModerateCVE-2014-0020SUSE bug 861019cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0028SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypass the domain:getattr and connect:search_domains restrictions in ACLs and obtain sensitive domain object information via a request to the (1) virConnectDomainEventRegister and (2) virConnectDomainEventRegisterAny functions in the event registration API.
ModerateCVE-2014-0028SUSE bug 859051cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0038SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter.
ImportantCVE-2014-0038SUSE bug 860993cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0060SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command before the associated GRANT command.
ModerateCVE-2014-0060SUSE bug 864845SUSE bug 864856cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0061SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is (1) defined in another language or (2) not allowed to be directly called by the user due to permissions.
ModerateCVE-2014-0061SUSE bug 864846SUSE bug 864856cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0062SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window.
ModerateCVE-2014-0062SUSE bug 864847SUSE bug 864856cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0063SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via vectors related to an incorrect MAXDATELEN constant and datetime values involving (1) intervals, (2) timestamps, or (3) timezones, a different vulnerability than CVE-2014-0065.
ModerateCVE-2014-0063SUSE bug 864850SUSE bug 864856cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0064SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow. NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector.
ModerateCVE-2014-0064SUSE bug 864851SUSE bug 864856SUSE bug 871307cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0065SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, a different vulnerability than CVE-2014-0063.
ModerateCVE-2014-0065SUSE bug 864852SUSE bug 864856cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0066SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.
ModerateCVE-2014-0066SUSE bug 864853SUSE bug 864856cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0067SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.
LowCVE-2014-0067SUSE bug 864856SUSE bug 872783cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0076SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack.
ModerateCVE-2014-0076SUSE bug 869945SUSE bug 880891SUSE bug 883126SUSE bug 885777SUSE bug 905106cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0077SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privileges on the host OS via crafted packets, related to the handle_rx and get_rx_bufs functions.
ModerateCVE-2014-0077SUSE bug 870173SUSE bug 870576cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0092SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
ImportantCVE-2014-0092SUSE bug 865804SUSE bug 915878cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0100SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the inet_frag_intern function in net/ipv4/inet_fragment.c in the Linux kernel through 3.13.6 allows remote attackers to cause a denial of service (use-after-free error) or possibly have unspecified other impact via a large series of fragmented ICMP Echo Request packets to a system with a heavy CPU load.
ImportantCVE-2014-0100SUSE bug 866101cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0102SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The keyring_detect_cycle_iterator function in security/keys/keyring.c in the Linux kernel through 3.13.6 does not properly determine whether keyrings are identical, which allows local users to cause a denial of service (OOPS) via crafted keyctl commands.
ModerateCVE-2014-0102SUSE bug 1066001SUSE bug 866842cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0107SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function.
ModerateCVE-2014-0107SUSE bug 870082cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0114SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.
ImportantCVE-2014-0114SUSE bug 778464SUSE bug 875455SUSE bug 885963cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0131SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation.
ModerateCVE-2014-0131SUSE bug 824295SUSE bug 867723SUSE bug 869564cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2014-0138SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The default configuration in cURL and libcurl 7.10.6 before 7.36.0 re-uses (1) SCP, (2) SFTP, (3) POP3, (4) POP3S, (5) IMAP, (6) IMAPS, (7) SMTP, (8) SMTPS, (9) LDAP, and (10) LDAPS connections, which might allow context-dependent attackers to connect as other users via a request, a similar issue to CVE-2014-0015.
ModerateCVE-2014-0138SUSE bug 868627SUSE bug 880252SUSE bug 882520cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0139SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
cURL and libcurl 7.1 before 7.36.0, when using the OpenSSL, axtls, qsossl or gskit libraries for TLS, recognize a wildcard IP address in the subject's Common Name (CN) field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
ModerateCVE-2014-0139SUSE bug 868629SUSE bug 880252SUSE bug 882520cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0142SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallels.c or (2) extent_size field in the bochs function in block/bochs.c.
ModerateCVE-2014-0142SUSE bug 870439SUSE bug 871442cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0143SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bochs.c, a large L1 table in the (3) qcow2_snapshot_load_tmp in qcow2-snapshot.c or (4) qcow2_grow_l1_table function in qcow2-cluster.c, (5) a large request in the bdrv_check_byte_request function in block.c and other block drivers, (6) crafted cluster indexes in the get_refcount function in qcow2-refcount.c, or (7) a large number of blocks in the cloop_open function in cloop.c, which trigger buffer overflows, memory corruption, large memory allocations and out-of-bounds read and writes.
ModerateCVE-2014-0143SUSE bug 870439SUSE bug 871442cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0144SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2014-0144SUSE bug 870439SUSE bug 871442cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0145SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp in the QCOW 2 block driver (block/qcow2-snapshot.c) or (2) uncompressed chunk, (3) chunk length, or (4) number of sectors in the DMG block driver (block/dmg.c).
ModerateCVE-2014-0145SUSE bug 870439SUSE bug 871442cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0146SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapshot_offset and nb_snapshots fields.
ModerateCVE-2014-0146SUSE bug 870439SUSE bug 871442cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0147SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2014-0147SUSE bug 870439SUSE bug 871442cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0150SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow.
ModerateCVE-2014-0150SUSE bug 873235cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0155SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvm_irq_delivery_to_apic return value, which allows guest OS users to cause a denial of service (host OS crash) via a crafted entry in the redirection table of an I/O APIC. NOTE: the affected code was moved to the ioapic_service function before the vulnerability was announced.
ModerateCVE-2014-0155SUSE bug 824295SUSE bug 872540cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0160SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
ImportantCVE-2014-0160SUSE bug 872299cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0172SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the check_section function in dwarf_begin_elf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed compressed debug section in an ELF file, which triggers a heap-based buffer overflow.
ModerateCVE-2014-0172SUSE bug 872785cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0178SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs shadow copy configuration is enabled, does not properly initialize the SRV_SNAPSHOT_ARRAY response field, which allows remote authenticated users to obtain potentially sensitive information from process memory via a (1) FSCTL_GET_SHADOW_COPY_DATA or (2) FSCTL_SRV_ENUMERATE_SNAPSHOTS request.
ModerateCVE-2014-0178SUSE bug 872396cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0179SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virConnectCompareCPU or (2) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT per ADT3 due to different affected versions of some vectors. CVE-2014-5177 is used for other API methods.
ModerateCVE-2014-0179SUSE bug 873705cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0181SUSE Linux Enterprise Desktop 12 SP3
The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the (1) stdout or (2) stderr of a setuid program.
ModerateCVE-2014-0181SUSE bug 875051cpe:/o:suse:sled:12:sp3CVE-2014-0182SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image.
ModerateCVE-2014-0182SUSE bug 874788SUSE bug 964693cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0190SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.
LowCVE-2014-0190SUSE bug 875470cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0191SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document.
ImportantCVE-2014-0191SUSE bug 1014873SUSE bug 1123919SUSE bug 876652SUSE bug 877506SUSE bug 996079cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0195SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment.
ModerateCVE-2014-0195SUSE bug 880891SUSE bug 885777SUSE bug 915913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0196SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.
ModerateCVE-2014-0196SUSE bug 871252SUSE bug 875690SUSE bug 877345SUSE bug 879878SUSE bug 933423cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0198SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.
ModerateCVE-2014-0198SUSE bug 876282SUSE bug 880891SUSE bug 885777SUSE bug 915913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0209SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in the (1) FontFileAddEntry and (2) lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffer overflow, related to metadata.
ImportantCVE-2014-0209SUSE bug 857544cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0210SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the (1) _fs_recv_conn_setup, (2) fs_read_open_font, (3) fs_read_query_info, (4) fs_read_extent_info, (5) fs_read_glyphs, (6) fs_read_list, or (7) fs_read_list_info function.
ModerateCVE-2014-0210SUSE bug 857544cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0211SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in the (1) fs_get_reply, (2) fs_alloc_glyphs, and (3) fs_read_extent_info functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow.
ModerateCVE-2014-0211SUSE bug 857544cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0221SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake.
ModerateCVE-2014-0221SUSE bug 880891SUSE bug 883126SUSE bug 885777SUSE bug 905106SUSE bug 915913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0222SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image.
ModerateCVE-2014-0222SUSE bug 877642SUSE bug 950367SUSE bug 964925cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0223SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read.
ModerateCVE-2014-0223SUSE bug 877645cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0224SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability.
ModerateCVE-2014-0224SUSE bug 1146657SUSE bug 880891SUSE bug 883126SUSE bug 885777SUSE bug 892403SUSE bug 901237SUSE bug 903703SUSE bug 905018SUSE bug 905106SUSE bug 914447SUSE bug 915913SUSE bug 916239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0239SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103.
ModerateCVE-2014-0239SUSE bug 878642cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0244SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet.
ModerateCVE-2014-0244SUSE bug 880962SUSE bug 883758cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0245SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
It was found that the implementation of the GTNSubjectCreatingInterceptor class in gatein-wsrp was not thread safe. For a specific WSRP endpoint, under high-concurrency scenarios or scenarios where SOAP messages take long to execute, it was possible for an unauthenticated remote attacker to gain privileged information if WS-Security is enabled for the WSRP Consumer, and the endpoint in question is being used by a privileged user. This affects JBoss Portal 6.2.0.
ImportantCVE-2014-0245cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0247SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibreOffice 4.2.4 executes unspecified VBA macros automatically, which has unspecified impact and attack vectors, possibly related to doc/docmacromode.cxx.
ModerateCVE-2014-0247SUSE bug 879996cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0249SUSE Linux Enterprise Desktop 12 SP1
The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors.
LowCVE-2014-0249SUSE bug 880245cpe:/o:suse:sled:12:sp1CVE-2014-0250SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated.
ModerateCVE-2014-0250SUSE bug 880317SUSE bug 975218cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0333SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero.
ModerateCVE-2014-0333SUSE bug 866298cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0368SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to incorrect permission checks when listening on a socket, which allows attackers to escape the sandbox.
ModerateCVE-2014-0368SUSE bug 858818SUSE bug 862064cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0373SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to throwing of an incorrect exception when SnmpStatusException should have been used in the SNMP implementation, which allows attackers to escape the sandbox.
ModerateCVE-2014-0373SUSE bug 858818SUSE bug 862064cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0376SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAXP. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an improper check for "code permissions when creating document builder factories."
ModerateCVE-2014-0376SUSE bug 858818SUSE bug 862064cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0408SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u45, when running on OS X, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
CriticalCVE-2014-0408SUSE bug 858818cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0411SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.
ModerateCVE-2014-0411SUSE bug 858818SUSE bug 862064cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0416SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAAS. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to how principals are set for the Subject class, which allows attackers to escape the sandbox using deserialization of a crafted Subject instance.
ModerateCVE-2014-0416SUSE bug 858818SUSE bug 862064cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0422SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to missing package access checks in the Naming / JNDI component, which allows attackers to escape the sandbox.
ModerateCVE-2014-0422SUSE bug 858818SUSE bug 862064cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0423SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability in DocumentHandler.java, related to Beans decoding.
ModerateCVE-2014-0423SUSE bug 858818SUSE bug 862064cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0428SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.
ModerateCVE-2014-0428SUSE bug 858818SUSE bug 862064SUSE bug 877429SUSE bug 877430cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0429SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
ModerateCVE-2014-0429SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0446SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
ModerateCVE-2014-0446SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0451SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-2412.
ModerateCVE-2014-0451SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0452SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423.
ModerateCVE-2014-0452SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0453SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.
ModerateCVE-2014-0453SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0454SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security.
ModerateCVE-2014-0454SUSE bug 873873SUSE bug 877429cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0455SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-0432 and CVE-2014-2402.
ModerateCVE-2014-0455SUSE bug 873873SUSE bug 877429cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0456SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
ModerateCVE-2014-0456SUSE bug 873872SUSE bug 873873cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0457SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
ModerateCVE-2014-0457SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0458SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-2423.
ModerateCVE-2014-0458SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0459SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect availability via unknown vectors related to 2D.
ModerateCVE-2014-0459SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0460SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI.
ModerateCVE-2014-0460SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0461SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
ModerateCVE-2014-0461SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0467SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in copy.c in Mutt before 1.5.23 allows remote attackers to cause a denial of service (crash) via a crafted RFC2047 header line, related to address expansion.
ModerateCVE-2014-0467SUSE bug 868115cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0475SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable.
ModerateCVE-2014-0475SUSE bug 887022SUSE bug 896776SUSE bug 916222cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0491SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows and Mac OS X and before 11.2.202.335 on Linux, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390, and Adobe AIR SDK & Compiler before 4.0.0.1390 allow attackers to bypass unspecified protection mechanisms via unknown vectors.
ModerateCVE-2014-0491SUSE bug 858822cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0492SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows and Mac OS X and before 11.2.202.335 on Linux, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390, and Adobe AIR SDK & Compiler before 4.0.0.1390 allow attackers to defeat the ASLR protection mechanism by leveraging an "address leak."
ModerateCVE-2014-0492SUSE bug 858822cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0497SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2014-0497SUSE bug 862288cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0498SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2014-0498SUSE bug 865021cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0499SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 do not prevent access to address information, which makes it easier for attackers to bypass the ASLR protection mechanism via unspecified vectors.
CriticalCVE-2014-0499SUSE bug 865021cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0502SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2014.
CriticalCVE-2014-0502SUSE bug 865021cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0503SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
ImportantCVE-2014-0503SUSE bug 867808cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0506SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows remote attackers to execute arbitrary code, and possibly bypass an Internet Explorer sandbox protection mechanism, via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.
CriticalCVE-2014-0506SUSE bug 872692cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0507SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2014-0507SUSE bug 872692cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0508SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
ModerateCVE-2014-0508SUSE bug 872692cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0509SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
ModerateCVE-2014-0509SUSE bug 872692cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0515SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
ModerateCVE-2014-0515SUSE bug 875577SUSE bug 886454cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0516SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow remote attackers to bypass the Same Origin Policy via unspecified vectors.
ImportantCVE-2014-0516SUSE bug 877649cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0517SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0518, CVE-2014-0519, and CVE-2014-0520.
CriticalCVE-2014-0517SUSE bug 877649cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0518SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CVE-2014-0519, and CVE-2014-0520.
CriticalCVE-2014-0518SUSE bug 877649cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0519SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CVE-2014-0518, and CVE-2014-0520.
CriticalCVE-2014-0519SUSE bug 877649cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0520SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CVE-2014-0518, and CVE-2014-0519.
CriticalCVE-2014-0520SUSE bug 877649cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0531SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0532 and CVE-2014-0533.
ModerateCVE-2014-0531SUSE bug 882187cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0532SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0533.
ModerateCVE-2014-0532SUSE bug 882187cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0533SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
ModerateCVE-2014-0533SUSE bug 882187cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0534SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0535.
ModerateCVE-2014-0534SUSE bug 882187cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0535SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0534.
ModerateCVE-2014-0535SUSE bug 882187cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0536SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
ModerateCVE-2014-0536SUSE bug 882187cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0537SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0539.
CriticalCVE-2014-0537SUSE bug 886454SUSE bug 886472cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0538SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 allows attackers to execute arbitrary code via unspecified vectors.
ModerateCVE-2014-0538SUSE bug 891688cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0539SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0537.
CriticalCVE-2014-0539SUSE bug 886454SUSE bug 886472cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0540SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0542, CVE-2014-0543, CVE-2014-0544, and CVE-2014-0545.
ModerateCVE-2014-0540SUSE bug 891688cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0541SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 allow attackers to bypass intended access restrictions via unspecified vectors.
ModerateCVE-2014-0541SUSE bug 891688cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0542SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0540, CVE-2014-0543, CVE-2014-0544, and CVE-2014-0545.
ModerateCVE-2014-0542SUSE bug 891688cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0543SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0540, CVE-2014-0542, CVE-2014-0544, and CVE-2014-0545.
ModerateCVE-2014-0543SUSE bug 891688cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0544SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0540, CVE-2014-0542, CVE-2014-0543, and CVE-2014-0545.
ModerateCVE-2014-0544SUSE bug 891688cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0545SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0540, CVE-2014-0542, CVE-2014-0543, and CVE-2014-0544.
ModerateCVE-2014-0545SUSE bug 891688cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0547SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555.
ModerateCVE-2014-0547SUSE bug 895856cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0548SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow remote attackers to bypass the Same Origin Policy via unspecified vectors.
ModerateCVE-2014-0548SUSE bug 895856cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0549SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555.
ModerateCVE-2014-0549SUSE bug 895856cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0550SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555.
ModerateCVE-2014-0550SUSE bug 895856cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0551SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0552, and CVE-2014-0555.
ModerateCVE-2014-0551SUSE bug 895856cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0552SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, and CVE-2014-0555.
ModerateCVE-2014-0552SUSE bug 895856cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0553SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors.
ModerateCVE-2014-0553SUSE bug 895856cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0554SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to bypass intended access restrictions via unspecified vectors.
ModerateCVE-2014-0554SUSE bug 895856cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0555SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, and CVE-2014-0552.
ModerateCVE-2014-0555SUSE bug 895856cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0556SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0559.
ModerateCVE-2014-0556SUSE bug 895856cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0557SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors.
ModerateCVE-2014-0557SUSE bug 895856cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0558SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0564.
ModerateCVE-2014-0558SUSE bug 901334SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0559SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0556.
ModerateCVE-2014-0559SUSE bug 895856cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0564SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0558.
ModerateCVE-2014-0564SUSE bug 901334SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0569SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code via unspecified vectors.
ModerateCVE-2014-0569SUSE bug 901334SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0573SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0588 and CVE-2014-8438.
ModerateCVE-2014-0573SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0574SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Double free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors.
ModerateCVE-2014-0574SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0576SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0581, CVE-2014-8440, and CVE-2014-8441.
ModerateCVE-2014-0576SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0577SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
ModerateCVE-2014-0577SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0578SUSE Linux Enterprise Desktop 12
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-3115, CVE-2015-3116, CVE-2015-3125, and CVE-2015-5116.
CriticalCVE-2014-0578SUSE bug 937339cpe:/o:suse:sled:12CVE-2014-0580SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
ModerateCVE-2014-0580SUSE bug 909219cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0581SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0576, CVE-2014-8440, and CVE-2014-8441.
ImportantCVE-2014-0581SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0582SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0589.
ImportantCVE-2014-0582SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0583SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to complete a transition from Low Integrity to Medium Integrity via unspecified vectors.
ModerateCVE-2014-0583SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0584SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0577, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
ImportantCVE-2014-0584SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0585SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0577, CVE-2014-0584, CVE-2014-0586, and CVE-2014-0590.
ImportantCVE-2014-0585SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0586SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0577, CVE-2014-0584, CVE-2014-0585, and CVE-2014-0590.
ImportantCVE-2014-0586SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0587SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9164.
ModerateCVE-2014-0587SUSE bug 909219cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0588SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0573 and CVE-2014-8438.
ImportantCVE-2014-0588SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0589SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0582.
ImportantCVE-2014-0589SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0590SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0577, CVE-2014-0584, CVE-2014-0585, and CVE-2014-0586.
ImportantCVE-2014-0590SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-0591SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.
ModerateCVE-2014-0591SUSE bug 858639cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0691SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Cisco WebEx Meetings Server before 1.1 uses meeting IDs with insufficient entropy, which makes it easier for remote attackers to bypass authentication and join arbitrary meetings without a password, aka Bug ID CSCuc79643.
ModerateCVE-2014-0691cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-0791SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ScopeCount value in a Scope List in a Server License Request packet.
ModerateCVE-2014-0791SUSE bug 857491SUSE bug 975218cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-10070SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment (instead of treating them as literal numbers). That could allow local privilege escalation, under some specific and atypical conditions where zsh is being invoked in privilege-elevation contexts when the environment has not been properly sanitized, such as when zsh is invoked by sudo on systems where "env_reset" has been disabled.
ImportantCVE-2014-10070SUSE bug 1082885cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-10071SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax.
ModerateCVE-2014-10071SUSE bug 1082977cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-10072SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In utils.c in zsh before 5.0.6, there is a buffer overflow when scanning very long directory paths for symbolic links.
ModerateCVE-2014-10072SUSE bug 1082975cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1344SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
ModerateCVE-2014-1344SUSE bug 879607cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1384SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
ModerateCVE-2014-1384SUSE bug 892084cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1385SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
ModerateCVE-2014-1385SUSE bug 892084cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1386SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
ModerateCVE-2014-1386SUSE bug 892084cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1387SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
ModerateCVE-2014-1387SUSE bug 892084cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1388SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
ModerateCVE-2014-1388SUSE bug 892084cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1389SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
ModerateCVE-2014-1389SUSE bug 892084cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1390SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
ModerateCVE-2014-1390SUSE bug 892084cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1447SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service (libvirtd crash) by closing a connection before a keepalive response is sent.
ModerateCVE-2014-1447SUSE bug 858817cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1477SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2014-1477SUSE bug 861847SUSE bug 862345cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1478SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the MPostWriteBarrier class in js/src/jit/MIR.h and stack alignment in js/src/jit/AsmJS.cpp in OdinMonkey, and unknown other vectors.
ModerateCVE-2014-1478SUSE bug 861847cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1479SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.
ModerateCVE-2014-1479SUSE bug 861847SUSE bug 862348cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1480SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, via a crafted web site.
ModerateCVE-2014-1480SUSE bug 861847cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1481SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.
ModerateCVE-2014-1481SUSE bug 861847SUSE bug 862309cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1482SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.
ImportantCVE-2014-1482SUSE bug 861847SUSE bug 862356cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1483SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.
ModerateCVE-2014-1483SUSE bug 861847SUSE bug 862360cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1484SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application.
ModerateCVE-2014-1484SUSE bug 861847cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1485SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions.
ModerateCVE-2014-1485SUSE bug 861847cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1486SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.
CriticalCVE-2014-1486SUSE bug 861847cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1487SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
ModerateCVE-2014-1487SUSE bug 861847cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1488SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js.
CriticalCVE-2014-1488SUSE bug 861847cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1489SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore) via a crafted web site.
ModerateCVE-2014-1489SUSE bug 861847cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1490SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket.
ModerateCVE-2014-1490SUSE bug 861847SUSE bug 862300cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1491SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handling by leveraging use of a certain value.
ModerateCVE-2014-1491SUSE bug 861847SUSE bug 862289cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1492SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name's U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate.
ModerateCVE-2014-1492SUSE bug 869827SUSE bug 926974cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1544SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.
ModerateCVE-2014-1544SUSE bug 887746cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1545SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions.
ModerateCVE-2014-1545cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1547SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2014-1547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1548SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2014-1548SUSE bug 887746cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1553SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2014-1553SUSE bug 894370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1554SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2014-1554SUSE bug 894370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1555SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateChange event.
ModerateCVE-2014-1555SUSE bug 887746cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1556SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to execute arbitrary code via crafted WebGL content constructed with the Cesium JavaScript library.
ModerateCVE-2014-1556SUSE bug 887746cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1557SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image.
ModerateCVE-2014-1557SUSE bug 887746cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1562SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2014-1562SUSE bug 894370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1563SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
ModerateCVE-2014-1563SUSE bug 894370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1564SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated with a malformed GIF image.
ModerateCVE-2014-1564SUSE bug 894370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1565SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
ModerateCVE-2014-1565SUSE bug 894370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1567SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.
CriticalCVE-2014-1567SUSE bug 894370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1568SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a "signature malleability" issue.
ModerateCVE-2014-1568SUSE bug 1107874SUSE bug 897890SUSE bug 898959cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1569SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long byte sequence for an encoding, as demonstrated by the SEC_QuickDERDecodeItem function's improper handling of an arbitrary-length encoding of 0x00.
ModerateCVE-2014-1569SUSE bug 910647SUSE bug 913096SUSE bug 917597cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1574SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2014-1574SUSE bug 900941cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1575SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to improper interaction between threading and garbage collection in the GCRuntime::triggerGC function in js/src/jsgc.cpp, and unknown other vectors.
ModerateCVE-2014-1575SUSE bug 900941cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1576SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the nsTransformedTextRun function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via Cascading Style Sheets (CSS) token sequences that trigger changes to capitalization style.
ModerateCVE-2014-1576SUSE bug 900941cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1577SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via an invalid custom waveform that triggers a calculation of a negative frequency value.
ModerateCVE-2014-1577SUSE bug 900941cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1578SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly execute arbitrary code via WebM frames with invalid tile sizes that are improperly handled in buffering operations during video playback.
ModerateCVE-2014-1578SUSE bug 900941cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1581SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.
ModerateCVE-2014-1581SUSE bug 900941cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1583SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x before 31.2 does not properly restrict toJSON calls, which allows remote attackers to bypass the Same Origin Policy via crafted API calls that access sensitive information within the JSON data of an alarm.
ModerateCVE-2014-1583SUSE bug 900941cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1585SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The WebRTC video-sharing feature in dom/media/MediaManager.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not properly recognize Stop Sharing actions for videos in IFRAME elements, which allows remote attackers to obtain sensitive information from the local camera by maintaining a session after the user tries to discontinue streaming.
ModerateCVE-2014-1585SUSE bug 900941cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1586SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
ModerateCVE-2014-1586SUSE bug 900941cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1587SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2014-1587SUSE bug 908009cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1588SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2014-1588SUSE bug 908009cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1590SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XMLHttpRequest.prototype.send method in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to cause a denial of service (application crash) via a crafted JavaScript object.
ModerateCVE-2014-1590SUSE bug 908009cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1592SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsHtml5TreeOperation function in xul.dll in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code by adding a second root element to an HTML5 document during parsing.
ModerateCVE-2014-1592SUSE bug 908009cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1593SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the mozilla::FileBlockCache::Read function in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code via crafted media content.
ModerateCVE-2014-1593SUSE bug 908009cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1594SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 might allow remote attackers to execute arbitrary code by leveraging an incorrect cast from the BasicThebesLayer data type to the BasicContainerLayer data type.
ModerateCVE-2014-1594SUSE bug 908009cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1595SUSE Linux Enterprise Desktop 12
Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, and Thunderbird before 31.3 on Apple OS X 10.10 omit a CoreGraphics disable-logging action that is needed by jemalloc-based applications, which allows local users to obtain sensitive information by reading /tmp files, as demonstrated by credential information.
ModerateCVE-2014-1595SUSE bug 908009cpe:/o:suse:sled:12CVE-2014-1624SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP4
Race condition in the xdg.BaseDirectory.get_runtime_dir function in python-xdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then replacing it with a symlink to an attacker-controlled location once the get_runtime_dir function is called.
LowCVE-2014-1624SUSE bug 859835cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp4CVE-2014-1737SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.
ModerateCVE-2014-1737SUSE bug 875798SUSE bug 877345cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1738SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device.
ModerateCVE-2014-1738SUSE bug 875798SUSE bug 877345cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1748SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to spoof the UI by extending scrollbar painting into the parent frame.
ModerateCVE-2014-1748SUSE bug 909707SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1829SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request.
LowCVE-2014-1829SUSE bug 897658cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1830SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Requests (aka python-requests) before 2.3.0 allows remote servers to obtain sensitive information by reading the Proxy-Authorization header in a redirected request.
LowCVE-2014-1830SUSE bug 897658cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1876SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 does not securely create temporary files when a log file cannot be opened, which allows local users to overwrite arbitrary files via a symlink attack on /tmp/unpack.log.
ModerateCVE-2014-1876SUSE bug 863305SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1912SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.
ImportantCVE-2014-1912SUSE bug 1049392SUSE bug 1049422SUSE bug 863741SUSE bug 882915SUSE bug 912739cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1932SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) load_djpeg function in JpegImagePlugin.py, (2) Ghostscript function in EpsImagePlugin.py, (3) load function in IptcImagePlugin.py, and (4) _copy function in Image.py in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 do not properly create temporary files, which allow local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on the temporary file.
ModerateCVE-2014-1932SUSE bug 863541SUSE bug 921566cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-1959SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates.
ModerateCVE-2014-1959SUSE bug 863989SUSE bug 865993cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2240SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the cf2_hintmap_build function in cff/cf2hints.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of stem hints in a font file.
ModerateCVE-2014-2240SUSE bug 867620SUSE bug 916867cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2241SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service (assertion failure), as demonstrated by a crafted ttf file.
ModerateCVE-2014-2241SUSE bug 867620cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2281SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.
ModerateCVE-2014-2281SUSE bug 867485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2282SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_protocol_data_parameter function in epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x before 1.10.6 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted SS7 MTP3 packet.
ModerateCVE-2014-2282SUSE bug 867485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2283SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet.
ModerateCVE-2014-2283SUSE bug 867485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2284SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before 5.5.2.1, 5.6.x before 5.6.2.1, and 5.7.x before 5.7.2.1 does not properly validate input, which allows remote attackers to cause a denial of service via unspecified vectors.
ModerateCVE-2014-2284SUSE bug 866942SUSE bug 875217SUSE bug 969779cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2285SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl.
ModerateCVE-2014-2285SUSE bug 866942SUSE bug 875217SUSE bug 969779cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2299SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large record in MPEG data.
ModerateCVE-2014-2299SUSE bug 867485cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2309SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets.
ModerateCVE-2014-2309SUSE bug 824295SUSE bug 867531cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2338SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.
ModerateCVE-2014-2338SUSE bug 870572cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2397SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
ModerateCVE-2014-2397SUSE bug 873872SUSE bug 873873cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2398SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.
LowCVE-2014-2398SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2402SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-0432 and CVE-2014-0455.
ModerateCVE-2014-2402SUSE bug 873873SUSE bug 877429cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2403SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality via vectors related to JAXP.
ModerateCVE-2014-2403SUSE bug 873872SUSE bug 873873cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2412SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, SE 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-0451.
ModerateCVE-2014-2412SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2413SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors related to Libraries.
ModerateCVE-2014-2413SUSE bug 873873cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2414SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB.
ModerateCVE-2014-2414SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2421SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
ModerateCVE-2014-2421SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2423SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-0458.
ModerateCVE-2014-2423SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2427SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound.
ModerateCVE-2014-2427SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2483SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-4223. NOTE: the previous information is from the July 2014 CPU. Oracle has not commented on another vendor's claim that the issue is related to improper restriction of the "use of privileged annotations."
ModerateCVE-2014-2483SUSE bug 887530cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2490SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
ModerateCVE-2014-2490SUSE bug 887530cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2494SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC.
ModerateCVE-2014-2494SUSE bug 887580SUSE bug 915914cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2497SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.
LowCVE-2014-2497SUSE bug 868624cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2523SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function.
ImportantCVE-2014-2523SUSE bug 868653cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-2524SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.
LowCVE-2014-2524SUSE bug 868822cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2525SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file.
ModerateCVE-2014-2525SUSE bug 868944SUSE bug 911782cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2568SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the nfqnl_zcopy function in net/netfilter/nfnetlink_queue_core.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation. NOTE: the affected code was moved to the skb_zerocopy function in net/core/skbuff.c before the vulnerability was announced.
ModerateCVE-2014-2568SUSE bug 869564cpe:/o:suse:sled:12:sp1CVE-2014-2583SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple directory traversal vulnerabilities in pam_timestamp.c in the pam_timestamp module for Linux-PAM (aka pam) 1.1.8 allow local users to create arbitrary files or possibly bypass authentication via a .. (dot dot) in the (1) PAM_RUSER value to the get_ruser function or (2) PAM_TTY value to the check_tty function, which is used by the format_timestamp_name function.
ModerateCVE-2014-2583SUSE bug 870433cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2653SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
ModerateCVE-2014-2653SUSE bug 1074631SUSE bug 870532SUSE bug 913479SUSE bug 916239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2667SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the _get_masked_mode function in Lib/os.py in Python 3.2 through 3.5, when exist_ok is set to true and multiple threads are used, might allow local users to bypass intended file permissions by leveraging a separate application vulnerability before the umask has been set to the expected value.
ModerateCVE-2014-2667SUSE bug 871152cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2672SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the ath_tx_aggr_sleep function in drivers/net/wireless/ath/ath9k/xmit.c in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via a large amount of network traffic that triggers certain list deletions.
ModerateCVE-2014-2672SUSE bug 871148cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2678SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports.
ModerateCVE-2014-2678SUSE bug 871561cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2706SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c.
ModerateCVE-2014-2706SUSE bug 871797cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2707SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
cups-browsed in cups-filters 1.0.41 before 1.0.51 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the (1) model or (2) PDL, related to "System V interface scripts generated for queues."
ModerateCVE-2014-2707SUSE bug 871327SUSE bug 883543SUSE bug 921753SUSE bug 937018cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2830SUSE Linux Enterprise Desktop 12
Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pam_cifscreds, allows remote attackers to have unspecified impact via unknown vectors.
ModerateCVE-2014-2830SUSE bug 870168cpe:/o:suse:sled:12CVE-2014-2855SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The check_secret function in authenticate.c in rsync 3.1.0 and earlier allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a user name which does not exist in the secrets file.
ModerateCVE-2014-2855SUSE bug 873740cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2856SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function.
ModerateCVE-2014-2856SUSE bug 873899cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2892SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the get_answer function in mmsh.c in libmms before 0.6.4 allows remote attackers to execute arbitrary code via a long line in an MMS over HTTP (MMSH) server response.
ImportantCVE-2014-2892SUSE bug 874723cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2907SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The srtp_add_address function in epan/dissectors/packet-rtp.c in the RTP dissector in Wireshark 1.10.x before 1.10.7 does not properly update SRTP conversation data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2014-2907SUSE bug 874693SUSE bug 874760cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2977SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow.
CriticalCVE-2014-2977SUSE bug 878345cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-2978SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers an out-of-bounds write.
CriticalCVE-2014-2978SUSE bug 878349cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3124SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The HVMOP_set_mem_type control in Xen 4.1 through 4.4.x allows local guest HVM administrators to cause a denial of service (hypervisor crash) or possibly execute arbitrary code by leveraging a separate qemu-dm vulnerability to trigger invalid page table translations for unspecified memory page types.
ModerateCVE-2014-3124SUSE bug 875668SUSE bug 880751SUSE bug 903970cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3153SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.
ImportantCVE-2014-3153SUSE bug 877775SUSE bug 880892SUSE bug 882228cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3158SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the getword function in options.c in pppd in Paul's PPP Package (ppp) before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "[corrupts] security-relevant variables."
ModerateCVE-2014-3158SUSE bug 891489cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3181SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Multiple stack-based buffer overflows in the magicmouse_raw_event function in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in the Linux kernel through 3.16.3 allow physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with an event.
ModerateCVE-2014-3181SUSE bug 896382cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2014-3184SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The report_fixup functions in the HID subsystem in the Linux kernel before 3.16.2 might allow physically proximate attackers to cause a denial of service (out-of-bounds write) via a crafted device that provides a small report descriptor, related to (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3) drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5) drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c.
ModerateCVE-2014-3184SUSE bug 896390cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2014-3185SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with a bulk response.
ModerateCVE-2014-3185SUSE bug 896391cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-3186SUSE Linux Enterprise Desktop 12 SP3
Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in the Linux kernel through 3.16.3, as used in Android on Nexus 7 devices, allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that sends a large report.
ModerateCVE-2014-3186SUSE bug 896392cpe:/o:suse:sled:12:sp3CVE-2014-3230SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server certificate validation via the (1) HTTPS_CA_DIR or (2) HTTPS_CA_FILE environment variable.
ImportantCVE-2014-3230SUSE bug 876862cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3248SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan horse file in the current working directory, as demonstrated using (1) rubygems/defaults/operating_system.rb, (2) Win32API.rb, (3) Win32API.so, (4) safe_yaml.rb, (5) safe_yaml/deep.rb, or (6) safe_yaml/deep.so; or (7) operatingsystem.rb, (8) operatingsystem.so, (9) osfamily.rb, or (10) osfamily.so in puppet/confine.
ModerateCVE-2014-3248SUSE bug 879913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3253SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2014-3253cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3421SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file.
ModerateCVE-2014-3421SUSE bug 876847cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3422SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.
ModerateCVE-2014-3422SUSE bug 876847cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3423SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file.
ModerateCVE-2014-3423SUSE bug 876847cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3424SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file.
ModerateCVE-2014-3424SUSE bug 876847cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3461SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks."
ModerateCVE-2014-3461SUSE bug 878541cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3466SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message.
ModerateCVE-2014-3466SUSE bug 880730cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3467SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data.
ModerateCVE-2014-3467SUSE bug 880737SUSE bug 880910cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3468SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.
ModerateCVE-2014-3468SUSE bug 880735SUSE bug 880910cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3469SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument.
ModerateCVE-2014-3469SUSE bug 880738SUSE bug 880910cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3470SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.
ModerateCVE-2014-3470SUSE bug 880891SUSE bug 883126SUSE bug 885777SUSE bug 905106SUSE bug 915913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3477SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and 1.8.x before 1.8.4, sends an AccessDenied error to the service instead of a client when the client is prohibited from accessing the service, which allows local users to cause a denial of service (initialization failure and exit) or possibly conduct a side-channel attack via a D-Bus message to an inactive service.
ModerateCVE-2014-3477SUSE bug 1010769SUSE bug 881137cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3493SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a character-set conversion failure that triggers an invalid pointer dereference.
ModerateCVE-2014-3493SUSE bug 878642SUSE bug 880962SUSE bug 883758cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3505SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (application crash) via crafted DTLS packets that trigger an error condition.
ImportantCVE-2014-3505SUSE bug 890759SUSE bug 890764SUSE bug 890767SUSE bug 905106cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3506SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations corresponding to large length values.
ImportantCVE-2014-3506SUSE bug 890759SUSE bug 890764SUSE bug 890768SUSE bug 905106cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3507SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
ImportantCVE-2014-3507SUSE bug 890759SUSE bug 890764SUSE bug 890769SUSE bug 905106cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3508SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent attackers to obtain sensitive information from process stack memory by reading output from X509_name_oneline, X509_name_print_ex, and unspecified other functions.
ImportantCVE-2014-3508SUSE bug 890759SUSE bug 890764SUSE bug 905106SUSE bug 950708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3509SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL 1.0.0 before 1.0.0n and 1.0.1 before 1.0.1i, when multithreading and session resumption are used, allows remote SSL servers to cause a denial of service (memory overwrite and client application crash) or possibly have unspecified other impact by sending Elliptic Curve (EC) Supported Point Formats Extension data.
ImportantCVE-2014-3509SUSE bug 890759SUSE bug 890766cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3510SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote DTLS servers to cause a denial of service (NULL pointer dereference and client application crash) via a crafted handshake message in conjunction with a (1) anonymous DH or (2) anonymous ECDH ciphersuite.
ImportantCVE-2014-3510SUSE bug 890759SUSE bug 890764SUSE bug 890770SUSE bug 905106cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3511SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS versions, related to a "protocol downgrade" issue.
ImportantCVE-2014-3511SUSE bug 890759SUSE bug 890771cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3512SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter.
ImportantCVE-2014-3512SUSE bug 890759SUSE bug 890772cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3513SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message.
ModerateCVE-2014-3513SUSE bug 901277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3524SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet.
ModerateCVE-2014-3524SUSE bug 893133cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3532SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum recursion depth before the initial message is forwarded.
ModerateCVE-2014-3532SUSE bug 885241cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3533SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6 allows local users to cause a denial of service (disconnect) via a certain sequence of crafted messages that cause the dbus-daemon to forward a message containing an invalid file descriptor.
ModerateCVE-2014-3533SUSE bug 885241cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3534SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a crafted application that makes a ptrace system call.
ImportantCVE-2014-3534SUSE bug 885460cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-3537SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.
ModerateCVE-2014-3537SUSE bug 887240cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3540SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-0114. Reason: This candidate is a duplicate of CVE-2014-0114. CVE abstraction content decisions did not require a second ID. Notes: All CVE users should reference CVE-2014-0114 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ImportantCVE-2014-3540SUSE bug 885963cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-3560SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in string_wrappers.h.
ImportantCVE-2014-3560SUSE bug 889429cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3564SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "different line lengths in a specific order."
ModerateCVE-2014-3564SUSE bug 890123cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3565SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message.
ModerateCVE-2014-3565SUSE bug 894361SUSE bug 969779cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3566SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
ModerateCVE-2014-3566SUSE bug 1011293SUSE bug 1031023SUSE bug 901223SUSE bug 901254SUSE bug 901277SUSE bug 901748SUSE bug 901757SUSE bug 901759SUSE bug 901889SUSE bug 901968SUSE bug 902229SUSE bug 902233SUSE bug 902476SUSE bug 903405SUSE bug 903684SUSE bug 904889SUSE bug 905106SUSE bug 914041cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3567SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure.
ImportantCVE-2014-3567SUSE bug 877506SUSE bug 901277SUSE bug 905106cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3568SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c.
LowCVE-2014-3568SUSE bug 901277SUSE bug 905106SUSE bug 911399SUSE bug 986238cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3569SUSE Linux Enterprise Desktop 12 SP4
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix.
ModerateCVE-2014-3569SUSE bug 911399SUSE bug 927623SUSE bug 986238cpe:/o:suse:sled:12:sp4CVE-2014-3570SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c.
ModerateCVE-2014-3570SUSE bug 912296SUSE bug 927623SUSE bug 937891SUSE bug 944456cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3571SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1_get_record function in d1_pkt.c and the ssl3_read_n function in s3_pkt.c.
ModerateCVE-2014-3571SUSE bug 912294SUSE bug 927623cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3572SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message.
ModerateCVE-2014-3572SUSE bug 912015SUSE bug 927623SUSE bug 937891cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3575SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects.
ImportantCVE-2014-3575SUSE bug 893141SUSE bug 934423cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3591SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.
ModerateCVE-2014-3591SUSE bug 920057SUSE bug 949135cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3601SUSE Linux Enterprise Desktop 12 SP3
The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to (1) cause a denial of service (host OS memory corruption) or possibly have unspecified other impact by triggering a large gfn value or (2) cause a denial of service (host OS memory consumption) by triggering a small gfn value that leads to permanently pinned pages.
ModerateCVE-2014-3601SUSE bug 892782SUSE bug 902675cpe:/o:suse:sled:12:sp3CVE-2014-3610SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS crash) by leveraging guest OS privileges, related to the wrmsr_interception function in arch/x86/kvm/svm.c and the handle_wrmsr function in arch/x86/kvm/vmx.c.
ModerateCVE-2014-3610SUSE bug 899192cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3611SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation.
ImportantCVE-2014-3611SUSE bug 899192cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-3613SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1.
ModerateCVE-2014-3613SUSE bug 894575cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3615SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.
ModerateCVE-2014-3615SUSE bug 895528SUSE bug 918998cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-3618SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."
ModerateCVE-2014-3618SUSE bug 1068648SUSE bug 894999SUSE bug 898303cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3620SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain.
ModerateCVE-2014-3620SUSE bug 1199221SUSE bug 894575SUSE bug 895991cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3633SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service (crash) or read sensitive heap information via a crafted blkiotune query, which triggers an out-of-bounds read.
LowCVE-2014-3633SUSE bug 897783cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3634SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.
ImportantCVE-2014-3634SUSE bug 897262SUSE bug 899756cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3635SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8, when running on a 64-bit system and the max_message_unix_fds limit is set to an odd number, allows local users to cause a denial of service (dbus-daemon crash) or possibly execute arbitrary code by sending one more file descriptor than the limit, which triggers a heap-based buffer overflow or an assertion failure.
ModerateCVE-2014-3635SUSE bug 896453cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3636SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 allows local users to (1) cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors or (2) cause a denial of service (disconnect) via multiple messages that combine to have more than the allowed number of file descriptors for a single sendmsg call.
ModerateCVE-2014-3636SUSE bug 896453SUSE bug 904017cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3637SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 does not properly close connections for processes that have terminated, which allows local users to cause a denial of service via a D-bus message containing a D-Bus connection file descriptor.
ModerateCVE-2014-3637SUSE bug 896453cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3638SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The bus_connections_check_reply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service (CPU consumption) via a large number of method calls.
ModerateCVE-2014-3638SUSE bug 896453SUSE bug 903055SUSE bug 903057cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3639SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dbus-daemon in D-Bus before 1.6.24 and 1.8.x before 1.8.8 does not properly close old connections, which allows local users to cause a denial of service (incomplete connection consumption and prevention of new connections) via a large number of incomplete connections.
ModerateCVE-2014-3639SUSE bug 896453SUSE bug 903055SUSE bug 903057cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3640SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket.
CVE-2014-3640SUSE bug 897654SUSE bug 965112cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3646SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.
ModerateCVE-2014-3646SUSE bug 899192cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3647SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.
ModerateCVE-2014-3647SUSE bug 1013038SUSE bug 1134834SUSE bug 899192cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3657SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The virDomainListPopulate function in conf/domain_conf.c in libvirt before 1.2.9 does not clean up the lock on the list of domains, which allows remote attackers to cause a denial of service (deadlock) via a NULL value in the second parameter in the virConnectListAllDomains API command.
ModerateCVE-2014-3657SUSE bug 897783SUSE bug 899484cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3660SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing a large number of nested entity references, a variant of the "billion laughs" attack.
ModerateCVE-2014-3660SUSE bug 1123919SUSE bug 901546cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3672SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr.
ModerateCVE-2014-3672SUSE bug 981264cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3673SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c.
ModerateCVE-2014-3673SUSE bug 902346SUSE bug 902349SUSE bug 904899cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2014-3675SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet.
ModerateCVE-2014-3675SUSE bug 889332cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3676SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in Shim allows remote attackers to execute arbitrary code via a crafted IPv6 address, related to the "tftp:// DHCPv6 boot option."
ModerateCVE-2014-3676SUSE bug 889332cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3677SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption.
ModerateCVE-2014-3677SUSE bug 889332cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3683SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash) via a large priority (PRI) value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634.
ModerateCVE-2014-3683SUSE bug 897262SUSE bug 899756cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3686SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame.
ModerateCVE-2014-3686SUSE bug 1063667SUSE bug 900611SUSE bug 915323cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3687SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter.
ImportantCVE-2014-3687SUSE bug 902349SUSE bug 904899SUSE bug 909208cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3688SUSE Linux Enterprise Desktop 12 SP3
The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/sm_statefuns.c.
ImportantCVE-2014-3688SUSE bug 902351cpe:/o:suse:sled:12:sp3CVE-2014-3689SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling.
ModerateCVE-2014-3689SUSE bug 1189862SUSE bug 901508SUSE bug 962611cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-3690SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU.
ModerateCVE-2014-3690SUSE bug 902232cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2014-3693SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599.
ModerateCVE-2014-3693SUSE bug 900214cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3694SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
ModerateCVE-2014-3694SUSE bug 902495cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3695SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a large length value in an emoticon response.
ModerateCVE-2014-3695SUSE bug 902409cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3696SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a crafted server message that triggers a large memory allocation.
ModerateCVE-2014-3696SUSE bug 902410cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3697SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Absolute path traversal vulnerability in the untar_block function in win32/untar.c in Pidgin before 2.10.10 on Windows allows remote attackers to write to arbitrary files via a drive name in a tar archive of a smiley theme.
ModerateCVE-2014-3697cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3698SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jabber_idn_validate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a crafted XMPP message.
ModerateCVE-2014-3698SUSE bug 902408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3707SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information.
ModerateCVE-2014-3707SUSE bug 901924SUSE bug 951391cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3710SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
ModerateCVE-2014-3710SUSE bug 902367SUSE bug 910252cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3775SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libgadu before 1.11.4 and 1.12.0 before 1.12.0-rc3, as used in Pidgin and other products, allows remote Gadu-Gadu file relay servers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted message.
ModerateCVE-2014-3775SUSE bug 878540cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-3917SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.
ModerateCVE-2014-3917SUSE bug 880484cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-3940SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by triggering a race condition via numa_maps read operations during hugepage migration, related to fs/proc/task_mmu.c and mm/mempolicy.c.
ModerateCVE-2014-3940SUSE bug 881101cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-3970SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an empty UDP packet.
LowCVE-2014-3970SUSE bug 881524cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4020SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_frame function in epan/dissectors/packet-frame.c in the frame metadissector in Wireshark 1.10.x before 1.10.8 interprets a negative integer as a length value even though it was intended to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2014-4020SUSE bug 882602cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4043SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities.
ModerateCVE-2014-4043SUSE bug 882600SUSE bug 939797cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4157SUSE Linux Enterprise Desktop 12 SP1
arch/mips/include/asm/thread_info.h in the Linux kernel before 3.14.8 on the MIPS platform does not configure _TIF_SECCOMP checks on the fast system-call path, which allows local users to bypass intended PR_SET_SECCOMP restrictions by executing a crafted application without invoking a trace or audit subsystem.
ModerateCVE-2014-4157SUSE bug 987709SUSE bug 994755cpe:/o:suse:sled:12:sp1CVE-2014-4171SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
mm/shmem.c in the Linux kernel through 3.15.1 does not properly implement the interaction between range notification and hole punching, which allows local users to cause a denial of service (i_mutex hold) by using the mmap system call to access a hole, as demonstrated by interfering with intended shmem activity by blocking completion of (1) an MADV_REMOVE madvise call or (2) an FALLOC_FL_PUNCH_HOLE fallocate call.
ModerateCVE-2014-4171SUSE bug 883518cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-4207SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.
ModerateCVE-2014-4207SUSE bug 887580SUSE bug 915914cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4209SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality and integrity via vectors related to JMX.
ModerateCVE-2014-4209SUSE bug 887530SUSE bug 891699SUSE bug 891700SUSE bug 891701cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4216SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
ModerateCVE-2014-4216SUSE bug 887530cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4218SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Libraries.
ModerateCVE-2014-4218SUSE bug 887530SUSE bug 891699SUSE bug 891700SUSE bug 891701cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4219SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
ModerateCVE-2014-4219SUSE bug 887530SUSE bug 891699SUSE bug 891700SUSE bug 891701cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4221SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
ModerateCVE-2014-4221SUSE bug 887530SUSE bug 891701cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4223SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-2483.
ModerateCVE-2014-4223SUSE bug 887530cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4244SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.
ModerateCVE-2014-4244SUSE bug 887530SUSE bug 891699SUSE bug 891700SUSE bug 891701cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4252SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Security.
ModerateCVE-2014-4252SUSE bug 887530SUSE bug 891699SUSE bug 891700SUSE bug 891701cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4258SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC.
ModerateCVE-2014-4258SUSE bug 887580SUSE bug 915914cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4260SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier, and 5.6.17 and earlier, allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.
ModerateCVE-2014-4260SUSE bug 887580SUSE bug 915914cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4262SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
ModerateCVE-2014-4262SUSE bug 887530SUSE bug 891699SUSE bug 891700SUSE bug 891701cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4263SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to "Diffie-Hellman key agreement."
ModerateCVE-2014-4263SUSE bug 887530SUSE bug 891699SUSE bug 891700SUSE bug 891701cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4264SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect availability via unknown vectors related to Security.
ModerateCVE-2014-4264SUSE bug 887530cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4266SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Serviceability.
ModerateCVE-2014-4266SUSE bug 887530SUSE bug 891701cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4268SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Swing.
ModerateCVE-2014-4268SUSE bug 887530SUSE bug 891699SUSE bug 891700SUSE bug 891701cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4274SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to SERVER:MyISAM.
ModerateCVE-2014-4274SUSE bug 857678SUSE bug 896400SUSE bug 901237SUSE bug 915913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4287SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.
ModerateCVE-2014-4287SUSE bug 901237SUSE bug 915913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4322SUSE Linux Enterprise Desktop 12 SP1
drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain offset, length, and base values within an ioctl call, which allows attackers to gain privileges or cause a denial of service (memory corruption) via a crafted application.
ImportantCVE-2014-4322SUSE bug 987709SUSE bug 994751cpe:/o:suse:sled:12:sp1CVE-2014-4336SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The generate_local_queue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707.
ModerateCVE-2014-4336SUSE bug 871327SUSE bug 883543cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4337SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The process_browse_data function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted packet data.
ModerateCVE-2014-4337SUSE bug 871327SUSE bug 883543cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4338SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access to all IP addresses.
ModerateCVE-2014-4338SUSE bug 871327SUSE bug 883536cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4341SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session.
ModerateCVE-2014-4341SUSE bug 770172SUSE bug 886016cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4342SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session.
ModerateCVE-2014-4342SUSE bug 770172SUSE bug 886016cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4343SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via network traffic that appears to come from an intended acceptor, but specifies a security mechanism different from the one proposed by the initiator.
ModerateCVE-2014-4343SUSE bug 770172SUSE bug 888697cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4344SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty continuation token at a certain point during a SPNEGO negotiation.
ModerateCVE-2014-4344SUSE bug 888697cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4345SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to cause a denial of service (buffer overflow) or possibly execute arbitrary code via a series of "cpw -keepold" commands.
ModerateCVE-2014-4345SUSE bug 770172SUSE bug 891082cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4508SUSE Linux Enterprise Desktop 12 SP3
arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service (OOPS and system crash) via an invalid syscall number, as demonstrated by number 1000.
ImportantCVE-2014-4508SUSE bug 883724cpe:/o:suse:sled:12:sp3CVE-2014-4607SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run.
ModerateCVE-2014-4607SUSE bug 883947cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4608SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
** DISPUTED ** Multiple integer overflows in the lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Literal Run. NOTE: the author of the LZO algorithms says "the Linux kernel is *not* affected; media hype."
ModerateCVE-2014-4608SUSE bug 883948cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2014-4611SUSE Linux Enterprise Desktop 12 SP3
Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4_uncompress function in lib/lz4/lz4_decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run that would be improperly handled by programs not complying with an API limitation, a different vulnerability than CVE-2014-4715.
ModerateCVE-2014-4611SUSE bug 883949SUSE bug 885389cpe:/o:suse:sled:12:sp3CVE-2014-4617SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
ModerateCVE-2014-4617SUSE bug 884130SUSE bug 962098cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4650SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.
ModerateCVE-2014-4650SUSE bug 856835SUSE bug 856836SUSE bug 863741SUSE bug 885882SUSE bug 898572SUSE bug 912739cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4652SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access.
ModerateCVE-2014-4652SUSE bug 883795cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-4653SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service (use-after-free) and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access.
ModerateCVE-2014-4653SUSE bug 883795cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-4654SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not check authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, which allows local users to remove kernel controls and cause a denial of service (use-after-free and system crash) by leveraging /dev/snd/controlCX access for an ioctl call.
ModerateCVE-2014-4654SUSE bug 883795cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-4655SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the user_ctl_count value, which allows local users to cause a denial of service (integer overflow and limit bypass) by leveraging /dev/snd/controlCX access for a large number of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls.
ModerateCVE-2014-4655SUSE bug 883795cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-4656SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to (1) index values in the snd_ctl_add function and (2) numid values in the snd_ctl_remove_numid_conflict function.
ModerateCVE-2014-4656SUSE bug 883795cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-4671SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 do not properly restrict the SWF file format, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks against JSONP endpoints, and obtain sensitive information, via a crafted OBJECT element with SWF content satisfying the character-set requirements of a callback API.
CriticalCVE-2014-4671SUSE bug 886454SUSE bug 891688cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-4699SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls.
ModerateCVE-2014-4699SUSE bug 885725cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-4877SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Absolute path traversal vulnerability in GNU Wget before 1.16, when recursion is enabled, allows remote FTP servers to write to arbitrary files, and consequently execute arbitrary code, via a LIST response that references the same filename within two entries, one of which indicates that the filename is for a symlink.
ImportantCVE-2014-4877SUSE bug 902709cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4910SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Directory traversal vulnerability in tools/backlight_helper.c in X.Org xf86-video-intel 2.99.911 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the interface name.
ModerateCVE-2014-4910cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-4943SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket.
ImportantCVE-2014-4943SUSE bug 887082cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2014-4975SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.
LowCVE-2014-4975SUSE bug 887877cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-5029SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537.
ModerateCVE-2014-5029SUSE bug 887240cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-5030SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py.
ModerateCVE-2014-5030SUSE bug 887240cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-5031SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors.
ModerateCVE-2014-5031SUSE bug 887240cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-5044SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in libgfortran might allow remote attackers to execute arbitrary code or cause a denial of service (Fortran application crash) via vectors related to array allocation.
ModerateCVE-2014-5044SUSE bug 888791cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-5045SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maintain a certain reference count during attempts to use the umount system call in conjunction with a symlink, which allows local users to cause a denial of service (memory consumption or use-after-free) or possibly have unspecified other impact via the umount program.
ModerateCVE-2014-5045SUSE bug 889060cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2014-5077SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an association between two endpoints immediately after an exchange of INIT and INIT ACK chunks to establish an earlier association between these endpoints in the opposite direction.
ImportantCVE-2014-5077SUSE bug 889173cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2014-5119SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules.
ModerateCVE-2014-5119SUSE bug 892073SUSE bug 903057SUSE bug 916222cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-5139SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client.
ImportantCVE-2014-5139SUSE bug 886831SUSE bug 890759SUSE bug 890765cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-5146SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging (HAP), are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process every page assigned to a guest, a different vulnerability than CVE-2014-5149.
ModerateCVE-2014-5146SUSE bug 889526SUSE bug 903970SUSE bug 918998SUSE bug 950367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-5149SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Certain MMU virtualization operations in Xen 4.2.x through 4.4.x, when using shadow pagetables, are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process every page assigned to a guest, a different vulnerability than CVE-2014-5146.
ModerateCVE-2014-5149SUSE bug 889526SUSE bug 903970SUSE bug 918998SUSE bug 950367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-5161SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_log function in plugins/irda/packet-irda.c in the IrDA dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet.
ModerateCVE-2014-5161SUSE bug 889854SUSE bug 889901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-5162SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The read_new_line function in wiretap/catapult_dct2000.c in the Catapult DCT2000 dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\n' and '\r' characters, which allows remote attackers to cause a denial of service (off-by-one buffer underflow and application crash) via a crafted packet.
ModerateCVE-2014-5162SUSE bug 889854SUSE bug 889901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-5163SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The APN decode functionality in (1) epan/dissectors/packet-gtp.c and (2) epan/dissectors/packet-gsm_a_gm.c in the GTP and GSM Management dissectors in Wireshark 1.10.x before 1.10.9 does not completely initialize a certain buffer, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2014-5163SUSE bug 889854SUSE bug 889906cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-5164SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The rlc_decode_li function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.10.x before 1.10.9 initializes a certain structure member only after this member is used, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2014-5164SUSE bug 889854SUSE bug 889900cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-5165SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_ber_constrained_bitstring function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.10.x before 1.10.9 does not properly validate padding values, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet.
ModerateCVE-2014-5165SUSE bug 889854SUSE bug 889899cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-5206SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNT_LOCK_READONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount" command within a user namespace.
ModerateCVE-2014-5206SUSE bug 891689cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-5207SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, or cause a denial of service (excessive filesystem updating) on systems that had atime disabled via a "mount -o remount" command within a user namespace.
ModerateCVE-2014-5207SUSE bug 891689cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-5209SUSE Linux Enterprise Desktop 12 SP4
An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.
ModerateCVE-2014-5209SUSE bug 1160447cpe:/o:suse:sled:12:sp4CVE-2014-5220SUSE Linux Enterprise Desktop 12
The mdcheck script of the mdadm package for openSUSE 13.2 prior to version 3.3.1-5.14.1 does not properly sanitize device names, which allows local attackers to execute arbitrary commands as root.
ModerateCVE-2014-5220SUSE bug 910500cpe:/o:suse:sled:12CVE-2014-5351SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authenticated users to forge tickets by leveraging administrative access.
ModerateCVE-2014-5351SUSE bug 897874cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-5352SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgssapi_krb5 library in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly maintain security-context handles, which allows remote authenticated users to cause a denial of service (use-after-free and double free, and daemon crash) or possibly execute arbitrary code via crafted GSSAPI traffic, as demonstrated by traffic to kadmind.
ModerateCVE-2014-5352SUSE bug 1005509SUSE bug 770172SUSE bug 912002cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-5353SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy.
LowCVE-2014-5353SUSE bug 910457cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-5354SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by creating a database entry for a keyless principal, as demonstrated by a kadmin "add_principal -nokey" or "purgekeys -all" command.
LowCVE-2014-5354SUSE bug 910458cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-5355SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '\0' character, which allows remote attackers to (1) cause a denial of service (NULL pointer dereference) via a zero-byte version string or (2) cause a denial of service (out-of-bounds read) by omitting the '\0' character, related to appl/user_user/server.c and lib/krb5/krb/recvauth.c.
ModerateCVE-2014-5355SUSE bug 770172SUSE bug 918595cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-5461SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments.
ModerateCVE-2014-5461SUSE bug 893824cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-5471SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (uncontrolled recursion, and system crash or reboot) via a crafted iso9660 image with a CL entry referring to a directory entry that has a CL entry.
ModerateCVE-2014-5471SUSE bug 892490cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2014-5472SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (unkillable mount process) via a crafted iso9660 image with a self-referential CL entry.
ModerateCVE-2014-5472SUSE bug 892490cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2014-6040SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
ModerateCVE-2014-6040SUSE bug 894553SUSE bug 903057SUSE bug 916222cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6051SUSE Linux Enterprise Desktop 12
Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via an advertisement for a large screen size, which triggers a heap-based buffer overflow.
ModerateCVE-2014-6051SUSE bug 897031SUSE bug 900896cpe:/o:suse:sled:12CVE-2014-6052SUSE Linux Enterprise Desktop 12
The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer 0.9.9 and earlier does not check certain malloc return values, which allows remote VNC servers to cause a denial of service (application crash) or possibly execute arbitrary code by specifying a large screen size in a (1) FramebufferUpdate, (2) ResizeFrameBuffer, or (3) PalmVNCReSizeFrameBuffer message.
ModerateCVE-2014-6052SUSE bug 897031cpe:/o:suse:sled:12CVE-2014-6053SUSE Linux Enterprise Desktop 12
The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted message that is processed by using a single unchecked malloc.
ModerateCVE-2014-6053SUSE bug 897031cpe:/o:suse:sled:12CVE-2014-6054SUSE Linux Enterprise Desktop 12
The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier allows remote attackers to cause a denial of service (divide-by-zero error and server crash) via a zero value in the scaling factor in a (1) PalmVNCSetScaleFactor or (2) SetScale message.
ModerateCVE-2014-6054SUSE bug 897031cpe:/o:suse:sled:12CVE-2014-6055SUSE Linux Enterprise Desktop 12
Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a rfbFileTransferOffer message.
ModerateCVE-2014-6055SUSE bug 897031cpe:/o:suse:sled:12CVE-2014-6268SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The evtchn_fifo_set_pending function in Xen 4.4.x allows local guest users to cause a denial of service (host crash) via vectors involving an uninitialized FIFO-based event channel control block when (1) binding or (2) moving an event to a different VCPU.
ModerateCVE-2014-6268SUSE bug 895804cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6271SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
ImportantCVE-2014-6271SUSE bug 1024628SUSE bug 1130324SUSE bug 870618SUSE bug 896776SUSE bug 898346SUSE bug 898604SUSE bug 898812SUSE bug 898884SUSE bug 900127SUSE bug 900454cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6272SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in the evbuffer API in Libevent 1.4.x before 1.4.15, 2.0.x before 2.0.22, and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via "insanely large inputs" to the (1) evbuffer_add, (2) evbuffer_expand, or (3) bufferevent_write function, which triggers a heap-based buffer overflow or an infinite loop. NOTE: this identifier has been SPLIT per ADT3 due to different affected versions. See CVE-2015-6525 for the functions that are only affected in 2.0 and later.
ModerateCVE-2014-6272SUSE bug 897243SUSE bug 943011SUSE bug 947373cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6277SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and write operations) via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271 and CVE-2014-7169.
ImportantCVE-2014-6277SUSE bug 898812SUSE bug 898884SUSE bug 900127SUSE bug 900454cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6278SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.
ImportantCVE-2014-6278SUSE bug 898604SUSE bug 898812SUSE bug 898884SUSE bug 900127cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6438SUSE Linux Enterprise Desktop 12
The URI.decode_www_form_component method in Ruby before 1.9.2-p330 allows remote attackers to cause a denial of service (catastrophic regular expression backtracking, resource consumption, or application crash) via a crafted string.
ImportantCVE-2014-6438SUSE bug 937962cpe:/o:suse:sled:12CVE-2014-6457SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.
ModerateCVE-2014-6457SUSE bug 901239SUSE bug 901242SUSE bug 901246SUSE bug 904889cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6463SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.
ModerateCVE-2014-6463SUSE bug 901237SUSE bug 915913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6464SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.
ModerateCVE-2014-6464SUSE bug 901237SUSE bug 915912cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6469SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.
ModerateCVE-2014-6469SUSE bug 901237SUSE bug 915912cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6474SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED.
ModerateCVE-2014-6474SUSE bug 901237SUSE bug 915913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6478SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.
ModerateCVE-2014-6478SUSE bug 901237SUSE bug 915913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6484SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:DML.
ModerateCVE-2014-6484SUSE bug 901237SUSE bug 915913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6489SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect integrity and availability via vectors related to SERVER:SP.
ModerateCVE-2014-6489SUSE bug 901237SUSE bug 915913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6491SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6500.
ModerateCVE-2014-6491SUSE bug 901237SUSE bug 915912cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6494SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6496.
ModerateCVE-2014-6494SUSE bug 901237SUSE bug 915912cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6495SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.
ModerateCVE-2014-6495SUSE bug 901237SUSE bug 915913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6496SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6494.
ModerateCVE-2014-6496SUSE bug 901237SUSE bug 915912cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6500SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6491.
ModerateCVE-2014-6500SUSE bug 901237SUSE bug 915912cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6502SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries.
ModerateCVE-2014-6502SUSE bug 901239SUSE bug 901242SUSE bug 901246SUSE bug 904889cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6504SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, and 7u67, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Hotspot.
ModerateCVE-2014-6504SUSE bug 901239SUSE bug 901242SUSE bug 901246cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6505SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.
ModerateCVE-2014-6505SUSE bug 901237SUSE bug 915913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6506SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
ModerateCVE-2014-6506SUSE bug 901239SUSE bug 901242SUSE bug 901246SUSE bug 904889cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6507SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.
ModerateCVE-2014-6507SUSE bug 901237SUSE bug 915912cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6511SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
ModerateCVE-2014-6511SUSE bug 901239SUSE bug 901242SUSE bug 901246SUSE bug 904889cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6512SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Libraries.
ModerateCVE-2014-6512SUSE bug 901239SUSE bug 901242SUSE bug 901246SUSE bug 904889cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6513SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
ModerateCVE-2014-6513SUSE bug 901239SUSE bug 901242SUSE bug 901246SUSE bug 904889cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6517SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect confidentiality via vectors related to JAXP.
ModerateCVE-2014-6517SUSE bug 901239SUSE bug 901242SUSE bug 901246cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6519SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u67 and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Hotspot.
ModerateCVE-2014-6519SUSE bug 901239SUSE bug 901242SUSE bug 901246cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6520SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:DDL.
ModerateCVE-2014-6520SUSE bug 901237SUSE bug 915913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6530SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to CLIENT:MYSQLDUMP.
ModerateCVE-2014-6530SUSE bug 901237SUSE bug 915913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6531SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
ModerateCVE-2014-6531SUSE bug 901239SUSE bug 901242SUSE bug 901246SUSE bug 904889cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6551SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.
ModerateCVE-2014-6551SUSE bug 901237SUSE bug 915913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6555SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.
ModerateCVE-2014-6555SUSE bug 901237SUSE bug 915912cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6558SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Security.
ModerateCVE-2014-6558SUSE bug 901239SUSE bug 901242SUSE bug 901246SUSE bug 904889cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6559SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.
ModerateCVE-2014-6559SUSE bug 901237SUSE bug 915912cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6564SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML.
ModerateCVE-2014-6564SUSE bug 901237SUSE bug 915913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6568SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.
ModerateCVE-2014-6568SUSE bug 914058SUSE bug 915911cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6585SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6591.
ModerateCVE-2014-6585SUSE bug 914041cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6587SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
ModerateCVE-2014-6587SUSE bug 914041cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6591SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585.
ModerateCVE-2014-6591SUSE bug 914041cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6593SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.
ModerateCVE-2014-6593SUSE bug 914041cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-6601SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
ModerateCVE-2014-6601SUSE bug 914041cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7154SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x does not ensure possession of the guarding lock for dirty video RAM tracking, which allows certain local guest domains to cause a denial of service via unspecified vectors.
ModerateCVE-2014-7154SUSE bug 880751SUSE bug 895798cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7155SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involving an (1) HLT, (2) LGDT, (3) LIDT, or (4) LMSW instruction.
ModerateCVE-2014-7155SUSE bug 880751SUSE bug 895799cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7156SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 3.3.x through 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allows local HVM guest users to cause a denial of service (guest crash) via unspecified vectors.
ModerateCVE-2014-7156SUSE bug 880751SUSE bug 895802cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7169SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
ImportantCVE-2014-7169SUSE bug 1024628SUSE bug 1130324SUSE bug 870618SUSE bug 896776SUSE bug 898346SUSE bug 898812SUSE bug 898884SUSE bug 899266SUSE bug 900127SUSE bug 900454SUSE bug 902237cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7185SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.
ModerateCVE-2014-7185SUSE bug 898572SUSE bug 912739SUSE bug 913479SUSE bug 955182cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7186SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted use of here documents, aka the "redir_stack" issue.
ModerateCVE-2014-7186SUSE bug 1024628SUSE bug 898603SUSE bug 898812SUSE bug 898884SUSE bug 899039cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7187SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the "word_lineno" issue.
ModerateCVE-2014-7187SUSE bug 1024628SUSE bug 898603SUSE bug 898812SUSE bug 898884SUSE bug 899039cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7188SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 through 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host crash) or read data from the hypervisor or other guests via unspecified vectors.
ImportantCVE-2014-7188SUSE bug 880751SUSE bug 897657SUSE bug 903970cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7202SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
stream_engine.cpp in libzmq (aka ZeroMQ/C++)) 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request.
ModerateCVE-2014-7202SUSE bug 898917cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7203SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks via unspecified vectors.
ModerateCVE-2014-7203SUSE bug 898917cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7204SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service (infinite loop and CPU and disk consumption) via a crafted JavaScript file.
LowCVE-2014-7204SUSE bug 899486cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7207SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A certain Debian patch to the IPv6 implementation in the Linux kernel 3.2.x through 3.2.63 does not properly validate arguments in ipv6_select_ident function calls, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging (1) tun or (2) macvtap device access.
ModerateCVE-2014-7207SUSE bug 1139403SUSE bug 902351cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7283SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xfs_da3_fixhashpath function in fs/xfs/xfs_da_btree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service (filesystem corruption, and OOPS or panic) via operations on directories that have hash collisions, as demonstrated by rmdir operations.
ModerateCVE-2014-7283SUSE bug 899480cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7300SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer.
ModerateCVE-2014-7300SUSE bug 900031cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7815SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.
ModerateCVE-2014-7815SUSE bug 902737SUSE bug 962627cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7817SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".
ModerateCVE-2014-7817SUSE bug 906371cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7822SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted splice system call, as demonstrated by use of a file descriptor associated with an ext4 filesystem.
ModerateCVE-2014-7822SUSE bug 915322SUSE bug 915517SUSE bug 939240cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-7823SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML_SECURE flag.
LowCVE-2014-7823SUSE bug 904176cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7824SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
D-Bus 1.3.0 through 1.6.x before 1.6.26, 1.8.x before 1.8.10, and 1.9.x before 1.9.2 allows local users to cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3636.1.
ModerateCVE-2014-7824SUSE bug 904017cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7826SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via a crafted application.
CVE-2014-7826SUSE bug 904012SUSE bug 904013cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-7840SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data.
ModerateCVE-2014-7840SUSE bug 905097cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7841SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.
ImportantCVE-2014-7841SUSE bug 904899SUSE bug 905100cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-7842SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 allows guest OS users to cause a denial of service (guest OS crash) via a crafted application that performs an MMIO transaction or a PIO transaction to trigger a guest userspace emulation error report, a similar issue to CVE-2010-5313.
ModerateCVE-2014-7842SUSE bug 905312SUSE bug 907822cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2014-7843SUSE Linux Enterprise Desktop 12 SP1
The __clear_user function in arch/arm64/lib/clear_user.S in the Linux kernel before 3.17.4 on the ARM64 platform allows local users to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary.
ModerateCVE-2014-7843SUSE bug 987709SUSE bug 994751SUSE bug 994752cpe:/o:suse:sled:12:sp1CVE-2014-7844SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address.
ImportantCVE-2014-7844SUSE bug 909208cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-7970SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call.
ModerateCVE-2014-7970SUSE bug 900644cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2014-7975SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which allows local users to cause a denial of service (loss of writability) by making certain unshare system calls, clearing the / MNT_LOCKED flag, and making an MNT_FORCE umount system call.
ModerateCVE-2014-7975SUSE bug 900392cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2014-8080SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack.
ModerateCVE-2014-8080SUSE bug 902851cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8086SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service (file unavailability) via a combination of a write action and an F_SETFL fcntl operation for the O_DIRECT flag.
ModerateCVE-2014-8086SUSE bug 900881cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-8090SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nested entity references, aka an XML Entity Expansion (XEE) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1821 and CVE-2014-8080.
ModerateCVE-2014-8090SUSE bug 905326cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8091SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka xserver and xorg-server) before 1.16.3, when using SUN-DES-1 (Secure RPC) authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a crafted connection request.
ModerateCVE-2014-8091SUSE bug 882226SUSE bug 907268cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8092SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) ProcPutImage, (2) GetHosts, (3) RegionSizeof, or (4) REQUEST_FIXED_SIZE function, which triggers an out-of-bounds read or write.
ModerateCVE-2014-8092SUSE bug 1146596SUSE bug 907268SUSE bug 928520cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8093SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) __glXDisp_ReadPixels, (2) __glXDispSwap_ReadPixels, (3) __glXDisp_GetTexImage, (4) __glXDispSwap_GetTexImage, (5) GetSeparableFilter, (6) GetConvolutionFilter, (7) GetHistogram, (8) GetMinmax, (9) GetColorTable, (10) __glXGetAnswerBuffer, (11) __GLX_GET_ANSWER_BUFFER, (12) __glXMap1dReqSize, (13) __glXMap1fReqSize, (14) Map2Size, (15) __glXMap2dReqSize, (16) __glXMap2fReqSize, (17) __glXImageSize, or (18) __glXSeparableFilter2DReqSize function, which triggers an out-of-bounds read or write.
ImportantCVE-2014-8093SUSE bug 907268cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8094SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the ProcDRI2GetBuffers function in the DRI2 extension in X.Org Server (aka xserver and xorg-server) 1.7.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request, which triggers an out-of-bounds read or write.
ModerateCVE-2014-8094SUSE bug 907268cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8095SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XInput extension in X.Org X Window System (aka X11 or X) X11R4 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcXChangeDeviceControl, (2) ProcXChangeDeviceControl, (3) ProcXChangeFeedbackControl, (4) ProcXSendExtensionEvent, (5) SProcXIAllowEvents, (6) SProcXIChangeCursor, (7) ProcXIChangeHierarchy, (8) SProcXIGetClientPointer, (9) SProcXIGrabDevice, (10) SProcXIUngrabDevice, (11) ProcXIUngrabDevice, (12) SProcXIPassiveGrabDevice, (13) ProcXIPassiveGrabDevice, (14) SProcXIPassiveUngrabDevice, (15) ProcXIPassiveUngrabDevice, (16) SProcXListDeviceProperties, (17) SProcXDeleteDeviceProperty, (18) SProcXIListProperties, (19) SProcXIDeleteProperty, (20) SProcXIGetProperty, (21) SProcXIQueryDevice, (22) SProcXIQueryPointer, (23) SProcXISelectEvents, (24) SProcXISetClientPointer, (25) SProcXISetFocus, (26) SProcXIGetFocus, or (27) SProcXIWarpPointer function.
ModerateCVE-2014-8095SUSE bug 907268cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8096SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X) X11R6.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value.
ModerateCVE-2014-8096SUSE bug 907268cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8097SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) ProcDbeSwapBuffers or (2) SProcDbeSwapBuffers function.
ModerateCVE-2014-8097SUSE bug 907268cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8098SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) __glXDisp_Render, (2) __glXDisp_RenderLarge, (3) __glXDispSwap_VendorPrivate, (4) __glXDispSwap_VendorPrivateWithReply, (5) set_client_info, (6) __glXDispSwap_SetClientInfoARB, (7) DoSwapInterval, (8) DoGetProgramString, (9) DoGetString, (10) __glXDispSwap_RenderMode, (11) __glXDisp_GetCompressedTexImage, (12) __glXDispSwap_GetCompressedTexImage, (13) __glXDisp_FeedbackBuffer, (14) __glXDispSwap_FeedbackBuffer, (15) __glXDisp_SelectBuffer, (16) __glXDispSwap_SelectBuffer, (17) __glXDisp_Flush, (18) __glXDispSwap_Flush, (19) __glXDisp_Finish, (20) __glXDispSwap_Finish, (21) __glXDisp_ReadPixels, (22) __glXDispSwap_ReadPixels, (23) __glXDisp_GetTexImage, (24) __glXDispSwap_GetTexImage, (25) __glXDisp_GetPolygonStipple, (26) __glXDispSwap_GetPolygonStipple, (27) __glXDisp_GetSeparableFilter, (28) __glXDisp_GetSeparableFilterEXT, (29) __glXDisp_GetConvolutionFilter, (30) __glXDisp_GetConvolutionFilterEXT, (31) __glXDisp_GetHistogram, (32) __glXDisp_GetHistogramEXT, (33) __glXDisp_GetMinmax, (34) __glXDisp_GetMinmaxEXT, (35) __glXDisp_GetColorTable, (36) __glXDisp_GetColorTableSGI, (37) GetSeparableFilter, (38) GetConvolutionFilter, (39) GetHistogram, (40) GetMinmax, or (41) GetColorTable function.
ImportantCVE-2014-8098SUSE bug 907268cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8099SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcXvQueryExtension, (2) SProcXvQueryAdaptors, (3) SProcXvQueryEncodings, (4) SProcXvGrabPort, (5) SProcXvUngrabPort, (6) SProcXvPutVideo, (7) SProcXvPutStill, (8) SProcXvGetVideo, (9) SProcXvGetStill, (10) SProcXvPutImage, (11) SProcXvShmPutImage, (12) SProcXvSelectVideoNotify, (13) SProcXvSelectPortNotify, (14) SProcXvStopVideo, (15) SProcXvSetPortAttribute, (16) SProcXvGetPortAttribute, (17) SProcXvQueryBestSize, (18) SProcXvQueryPortAttributes, (19) SProcXvQueryImageAttributes, or (20) SProcXvListImageFormats function.
ModerateCVE-2014-8099SUSE bug 907268cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8100SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Render extension in XFree86 4.0.1, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) ProcRenderQueryVersion, (2) SProcRenderQueryVersion, (3) SProcRenderQueryPictFormats, (4) SProcRenderQueryPictIndexValues, (5) SProcRenderCreatePicture, (6) SProcRenderChangePicture, (7) SProcRenderSetPictureClipRectangles, (8) SProcRenderFreePicture, (9) SProcRenderComposite, (10) SProcRenderScale, (11) SProcRenderCreateGlyphSet, (12) SProcRenderReferenceGlyphSet, (13) SProcRenderFreeGlyphSet, (14) SProcRenderFreeGlyphs, or (15) SProcRenderCompositeGlyphs function.
ModerateCVE-2014-8100SUSE bug 907268cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8101SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcRRQueryVersion, (2) SProcRRGetScreenInfo, (3) SProcRRSelectInput, or (4) SProcRRConfigureOutputProperty function.
ModerateCVE-2014-8101SUSE bug 907268cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8102SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X11 or X) X11R6.8.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length value.
ModerateCVE-2014-8102SUSE bug 907268cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8103SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
X.Org Server (aka xserver and xorg-server) 1.15.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) sproc_dri3_query_version, (2) sproc_dri3_open, (3) sproc_dri3_pixmap_from_buffer, (4) sproc_dri3_buffer_from_pixmap, (5) sproc_dri3_fence_from_fd, (6) sproc_dri3_fd_from_fence, (7) proc_present_query_capabilities, (8) sproc_present_query_version, (9) sproc_present_pixmap, (10) sproc_present_notify_msc, (11) sproc_present_select_input, or (12) sproc_present_query_capabilities function in the (a) DRI3 or (b) Present extension.
ModerateCVE-2014-8103SUSE bug 907268cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8104SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.
ModerateCVE-2014-8104SUSE bug 907764cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8106SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for CVE-2007-1320.
ModerateCVE-2014-8106SUSE bug 1023004SUSE bug 1178658SUSE bug 907805cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8116SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities.
ModerateCVE-2014-8116SUSE bug 910252SUSE bug 910253SUSE bug 917152cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8117SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors.
ModerateCVE-2014-8117SUSE bug 910252SUSE bug 910253SUSE bug 917152cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8118SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow.
ImportantCVE-2014-8118SUSE bug 1101137SUSE bug 906803SUSE bug 908128cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8119SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The find_ifcfg_path function in netcf before 0.2.7 might allow attackers to cause a denial of service (application crash) via vectors involving augeas path expressions.
ModerateCVE-2014-8119SUSE bug 925225cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8121SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.
ModerateCVE-2014-8121SUSE bug 918187SUSE bug 945779cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8127SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (2) compresscontig function in tiff2bw.c in the tiff2bw tool, (3) putcontig8bitCIELab function in tif_getimage.c in the tiff2rgba tool, LZWPreDecode function in tif_lzw.c in the (4) tiff2ps or (5) tiffdither tool, (6) NeXTDecode function in tif_next.c in the tiffmedian tool, or (7) TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool.
CriticalCVE-2014-8127SUSE bug 914890SUSE bug 916925SUSE bug 942690cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8128SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image.
CriticalCVE-2014-8128SUSE bug 1007276SUSE bug 1017690SUSE bug 1040322SUSE bug 914890SUSE bug 916925SUSE bug 942690SUSE bug 960341SUSE bug 974621SUSE bug 983436cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8129SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.
CriticalCVE-2014-8129SUSE bug 914890SUSE bug 916925SUSE bug 942690cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8130SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither.
CriticalCVE-2014-8130SUSE bug 914890SUSE bug 916925SUSE bug 942690cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8131SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does not properly handle locks when a domain is skipped due to ACL restrictions, which allows a remote authenticated users to cause a denial of service (deadlock or segmentation fault and crash) via a request to access the users does not have privileges to access.
LowCVE-2014-8131SUSE bug 909274cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8132SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet.
ModerateCVE-2014-8132SUSE bug 910790SUSE bug 928323cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8133SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a crafted application that makes a set_thread_area system call and later reads a 16-bit value.
ModerateCVE-2014-8133SUSE bug 817142SUSE bug 906545SUSE bug 907818SUSE bug 909077cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2014-8134SUSE Linux Enterprise Desktop 12 SP3
The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value.
ModerateCVE-2014-8134SUSE bug 907818SUSE bug 909077SUSE bug 909078cpe:/o:suse:sled:12:sp3CVE-2014-8135SUSE Linux Enterprise Desktop 12
The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "virsh vol-upload" command.
LowCVE-2014-8135SUSE bug 910860cpe:/o:suse:sled:12CVE-2014-8136SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors.
LowCVE-2014-8136SUSE bug 910862cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2014-8137SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file.
ModerateCVE-2014-8137SUSE bug 1178702SUSE bug 909474SUSE bug 909475SUSE bug 911837SUSE bug 968373cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8138SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file.
ModerateCVE-2014-8138SUSE bug 1178702SUSE bug 909474SUSE bug 909475SUSE bug 911837cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8139SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
ModerateCVE-2014-8139SUSE bug 909214SUSE bug 915880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8140SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
ModerateCVE-2014-8140SUSE bug 909214SUSE bug 914442SUSE bug 915880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8141SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
ModerateCVE-2014-8141SUSE bug 909214SUSE bug 915880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8143SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by leveraging delegation of authority for user-account or computer-account creation.
ModerateCVE-2014-8143SUSE bug 914279cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8146SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text.
ModerateCVE-2014-8146SUSE bug 1066493SUSE bug 910805SUSE bug 927951SUSE bug 929629SUSE bug 959178cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8147SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text.
ModerateCVE-2014-8147SUSE bug 1066493SUSE bug 1079317SUSE bug 910805SUSE bug 910806SUSE bug 927951SUSE bug 929629SUSE bug 959178cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8148SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The default D-Bus access control rule in Midgard2 10.05.7.1 allows local users to send arbitrary method calls or signals to any process on the system bus and possibly execute arbitrary code with root privileges.
ImportantCVE-2014-8148SUSE bug 912023cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8150SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL.
ModerateCVE-2014-8150SUSE bug 911363SUSE bug 951391cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8151SUSE Linux Enterprise Desktop 12
The darwinssl_connect_step1 function in lib/vtls/curl_darwinssl.c in libcurl 7.31.0 through 7.39.0, when using the DarwinSSL (aka SecureTransport) back-end for TLS, does not check if a cached TLS session validated the certificate when reusing the session, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
ModerateCVE-2014-8151SUSE bug 911363SUSE bug 911666cpe:/o:suse:sled:12CVE-2014-8155SUSE Linux Enterprise Desktop 12
GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is (1) not yet valid or (2) no longer valid.
ModerateCVE-2014-8155SUSE bug 920366cpe:/o:suse:sled:12CVE-2014-8157SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow.
ModerateCVE-2014-8157SUSE bug 1178702SUSE bug 911837cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8158SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.
ModerateCVE-2014-8158SUSE bug 1178702SUSE bug 911837cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8159SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and consequently cause a denial of service (system crash) or gain privileges, by leveraging permissions on a uverbs device under /dev/infiniband/.
ModerateCVE-2014-8159SUSE bug 903967SUSE bug 914742SUSE bug 939241cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-8160SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers.
ModerateCVE-2014-8160SUSE bug 857643SUSE bug 913059cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2014-8161SUSE Linux Enterprise Desktop 12
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message.
ModerateCVE-2014-8161SUSE bug 916953cpe:/o:suse:sled:12CVE-2014-8169SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows local users to gain privileges via a Trojan horse program in the user home directory.
ModerateCVE-2014-8169SUSE bug 917977cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8181SUSE Linux Enterprise Desktop 12 SP3
The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leaking sensitive information to userspace.
ModerateCVE-2014-8181SUSE bug 980851cpe:/o:suse:sled:12:sp3CVE-2014-8182SUSE Linux Enterprise Desktop 12
An off-by-one error leading to a crash was discovered in openldap 2.4 when processing DNS SRV messages. If slapd was configured to use the dnssrv backend, an attacker could crash the service with crafted DNS responses.
ModerateCVE-2014-8182SUSE bug 998096cpe:/o:suse:sled:12CVE-2014-8240SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in TigerVNC allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to screen size handling, which triggers a heap-based buffer overflow, a similar issue to CVE-2014-6051.
ModerateCVE-2014-8240SUSE bug 900896cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8242SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack.
LowCVE-2014-8242SUSE bug 900914SUSE bug 922710cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8275SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c.
ModerateCVE-2014-8275SUSE bug 912018SUSE bug 927623SUSE bug 937891cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8354SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
LowCVE-2014-8354SUSE bug 903204SUSE bug 903638cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8355SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
LowCVE-2014-8355SUSE bug 903216SUSE bug 903638cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8369SUSE Linux Enterprise Desktop 12 SP3
The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. NOTE: this vulnerability exists because of an incorrect fix for CVE-2014-3601.
ModerateCVE-2014-8369SUSE bug 892782SUSE bug 902675cpe:/o:suse:sled:12:sp3CVE-2014-8437SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow remote attackers to discover session tokens via unspecified vectors.
ImportantCVE-2014-8437SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-8438SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0573 and CVE-2014-0588.
ImportantCVE-2014-8438SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-8439SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.258 and 14.x and 15.x before 15.0.0.239 on Windows and OS X and before 11.2.202.424 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified vectors.
ModerateCVE-2014-8439SUSE bug 907257SUSE bug 909219cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-8440SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0576, CVE-2014-0581, and CVE-2014-8441.
ImportantCVE-2014-8440SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-8441SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0576, CVE-2014-0581, and CVE-2014-8440.
ImportantCVE-2014-8441SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-8442SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to complete a transition from Low Integrity to Medium Integrity by leveraging incorrect permissions.
ModerateCVE-2014-8442SUSE bug 905032cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-8443SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors.
ModerateCVE-2014-8443SUSE bug 909219cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-8484SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a small S-record.
ModerateCVE-2014-8484SUSE bug 902676SUSE bug 902677cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2014-8485SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted section group headers in an ELF file.
ModerateCVE-2014-8485SUSE bug 902676cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2014-8500SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals.
ModerateCVE-2014-8500SUSE bug 908994cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8501SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE executable.
ModerateCVE-2014-8501SUSE bug 903655cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2014-8502SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a truncated export table in a PE file.
ModerateCVE-2014-8502SUSE bug 903655cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2014-8503SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted ihex file.
ModerateCVE-2014-8503SUSE bug 903655cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2014-8504SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file.
ModerateCVE-2014-8504SUSE bug 903655cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2014-8559SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.
ModerateCVE-2014-8559SUSE bug 903640SUSE bug 915517cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-8561SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
imagemagick 6.8.9.6 has remote DOS via infinite loop
LowCVE-2014-8561SUSE bug 1156786cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8562SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
ModerateCVE-2014-8562SUSE bug 903638cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8564SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR), related to generating key IDs.
ModerateCVE-2014-8564SUSE bug 904603cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8594SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service (NULL pointer dereference) by leveraging hardware emulation services for HVM guests using Hardware Assisted Paging (HAP).
ModerateCVE-2014-8594SUSE bug 903967SUSE bug 903970cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-8595SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not properly check privileges, which allows local HVM guest users to gain privileges or cause a denial of service (crash) via a crafted (1) CALL, (2) JMP, (3) RETF, (4) LCALL, (5) LJMP, or (6) LRET far branch instruction.
ModerateCVE-2014-8595SUSE bug 903970SUSE bug 907649cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-8634SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2014-8634SUSE bug 913064SUSE bug 913096cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8635SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2014-8635cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8638SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
ModerateCVE-2014-8638SUSE bug 913068SUSE bug 913096cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8639SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 do not properly interpret Set-Cookie headers within responses that have a 407 (aka Proxy Authentication Required) status code, which allows remote HTTP proxy servers to conduct session fixation attacks by providing a cookie name that corresponds to the session cookie of the origin server.
ModerateCVE-2014-8639SUSE bug 913066SUSE bug 913096cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8641SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the WebRTC implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, and SeaMonkey before 2.32 allows remote attackers to execute arbitrary code via crafted track data.
ModerateCVE-2014-8641SUSE bug 913067SUSE bug 913096cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8680SUSE Linux Enterprise Desktop 12
The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows remote attackers to cause a denial of service (assertion failure and named exit) via vectors related to (1) the lack of GeoIP databases for both IPv4 and IPv6, or (2) IPv6 support with certain options.
ModerateCVE-2014-8680SUSE bug 908995cpe:/o:suse:sled:12CVE-2014-8709SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
The ieee80211_fragment function in net/mac80211/tx.c in the Linux kernel before 3.13.5 does not properly maintain a certain tail pointer, which allows remote attackers to obtain sensitive cleartext information by reading packets.
ImportantCVE-2014-8709SUSE bug 904700cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2014-8716SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).
ModerateCVE-2014-8716SUSE bug 905260cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8737SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. (dot dot) or full path name in an archive to (1) strip or (2) objcopy or create arbitrary files via (3) a .. (dot dot) or full path name in an archive to ar.
ModerateCVE-2014-8737SUSE bug 905736SUSE bug 912408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2014-8738SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (invalid write, segmentation fault, and crash) via a crafted extended name table in an archive.
ModerateCVE-2014-8738SUSE bug 905735cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2014-8767SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame.
LowCVE-2014-8767SUSE bug 905870SUSE bug 905871cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8768SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.
LowCVE-2014-8768SUSE bug 905871cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8769SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access.
LowCVE-2014-8769SUSE bug 905871SUSE bug 905872cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8866SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of registers while in 64-bit mode.
ModerateCVE-2014-8866SUSE bug 903970SUSE bug 905465cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-8867SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM guests to cause a denial of service (host crash) via unspecified vectors.
ModerateCVE-2014-8867SUSE bug 903970SUSE bug 905467cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-8884SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via a large message length in an ioctl call.
ModerateCVE-2014-8884SUSE bug 904876SUSE bug 905522SUSE bug 905739SUSE bug 905744SUSE bug 905748SUSE bug 905764cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8962SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.
ModerateCVE-2014-8962SUSE bug 906831SUSE bug 907764SUSE bug 969774cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8964SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.
ModerateCVE-2014-8964SUSE bug 906574SUSE bug 924960SUSE bug 933288SUSE bug 936408SUSE bug 958373cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-8991SUSE Linux Enterprise Desktop 12 SP4
pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user.
ModerateCVE-2014-8991SUSE bug 907038cpe:/o:suse:sled:12:sp4CVE-2014-9028SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.
ModerateCVE-2014-9028SUSE bug 907016SUSE bug 969774cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9029SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow.
ModerateCVE-2014-9029SUSE bug 1178702SUSE bug 906364SUSE bug 909474cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9030SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted MMU_MACHPHYS_UPDATE.
ModerateCVE-2014-9030SUSE bug 903970SUSE bug 906439cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9050SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.
ModerateCVE-2014-9050SUSE bug 1040662SUSE bug 906770cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9065SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
common/spinlock.c in Xen 4.4.x and earlier does not properly handle read and write locks, which allows local x86 guest users to cause a denial of service (write denial or NMI watchdog timeout and host crash) via a large number of read requests, a different vulnerability to CVE-2014-9066.
ModerateCVE-2014-9065SUSE bug 906996SUSE bug 918998cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9066SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Xen 4.4.x and earlier, when using a large number of VCPUs, does not properly handle read and write locks, which allows local x86 guest users to cause a denial of service (write denial or NMI watchdog timeout and host crash) via a large number of read requests, a different vulnerability than CVE-2014-9065.
ModerateCVE-2014-9066SUSE bug 906996SUSE bug 918998cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9087SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or (2) ECC based OpenPGP data, which triggers a buffer overflow.
ModerateCVE-2014-9087SUSE bug 907074SUSE bug 926826SUSE bug 996084cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9090SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The do_double_fault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to cause a denial of service (panic) via a modify_ldt system call, as demonstrated by sigreturn_32 in the linux-clock-tests test suite.
ModerateCVE-2014-9090SUSE bug 817142SUSE bug 907818SUSE bug 909077SUSE bug 910251cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9092SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.
ModerateCVE-2014-9092SUSE bug 906761cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9093SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file.
ModerateCVE-2014-9093SUSE bug 907636cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9112SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the process_copy_in function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive.
ModerateCVE-2014-9112SUSE bug 907456SUSE bug 913479cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9114SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code.
ModerateCVE-2014-9114SUSE bug 907434SUSE bug 908742cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9116SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function.
ModerateCVE-2014-9116SUSE bug 907453cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9130SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping.
ModerateCVE-2014-9130SUSE bug 907809SUSE bug 911782SUSE bug 921588cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9140SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet.
LowCVE-2014-9140SUSE bug 923142cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9157SUSE Linux Enterprise Desktop 12
Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vectors, which are not properly handled in an error string.
ModerateCVE-2014-9157SUSE bug 908426cpe:/o:suse:sled:12CVE-2014-9162SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to obtain sensitive information via unspecified vectors.
ModerateCVE-2014-9162SUSE bug 909219cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9163SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
ModerateCVE-2014-9163SUSE bug 909219cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9164SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0587.
ModerateCVE-2014-9164SUSE bug 909219cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9221SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) group 1025.
ModerateCVE-2014-9221SUSE bug 910491cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9278SUSE Linux Enterprise Desktop 12
The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 and when running in a Kerberos environment, allows remote authenticated users to log in as another user when they are listed in the .k5users file of that user, which might bypass intended authentication requirements that would force a local login.
LowCVE-2014-9278SUSE bug 908424cpe:/o:suse:sled:12CVE-2014-9293SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
ImportantCVE-2014-9293SUSE bug 910764SUSE bug 911053SUSE bug 911792SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9294SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
ImportantCVE-2014-9294SUSE bug 910764SUSE bug 911053SUSE bug 911792SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9295SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function.
ImportantCVE-2014-9295SUSE bug 910764SUSE bug 911792SUSE bug 916239SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9296SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets.
ImportantCVE-2014-9296SUSE bug 910764SUSE bug 911053SUSE bug 911792SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9297SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9750, CVE-2014-9751. Reason: this ID was intended for one issue, but was associated with two issues. Notes: All CVE users should consult CVE-2014-9750 and CVE-2014-9751 to identify the ID or IDs of interest. All references and descriptions in this candidate have been removed to prevent accidental usage.
ImportantCVE-2014-9297SUSE bug 911792SUSE bug 948963SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9298SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9750, CVE-2014-9751. Reason: this ID was intended for one issue, but was associated with two issues. Notes: All CVE users should consult CVE-2014-9750 and CVE-2014-9751 to identify the ID or IDs of interest. All references and descriptions in this candidate have been removed to prevent accidental usage.
ImportantCVE-2014-9298SUSE bug 911792SUSE bug 948963SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9322SUSE Linux Enterprise Desktop 12
arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.
ImportantCVE-2014-9322SUSE bug 817142SUSE bug 910251cpe:/o:suse:sled:12CVE-2014-9328SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition."
ModerateCVE-2014-9328SUSE bug 1040662SUSE bug 915512cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9402SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process.
LowCVE-2014-9402SUSE bug 910599cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9419SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application that reads a TLS base address.
ModerateCVE-2014-9419SUSE bug 911326cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9420SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image.
ModerateCVE-2014-9420SUSE bug 906545SUSE bug 911325cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9421SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The auth_gssapi_unwrap_data function in lib/rpc/auth_gssapi_misc.c in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly handle partial XDR deserialization, which allows remote authenticated users to cause a denial of service (use-after-free and double free, and daemon crash) or possibly execute arbitrary code via malformed XDR data, as demonstrated by data sent to kadmind.
ModerateCVE-2014-9421SUSE bug 1005509SUSE bug 770172SUSE bug 912002cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9422SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadmind in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 allows remote authenticated users to bypass a kadmin/* authorization check and obtain administrative access by leveraging access to a two-component principal with an initial "kadmind" substring, as demonstrated by a "ka/x" principal.
ModerateCVE-2014-9422SUSE bug 1005509SUSE bug 770172SUSE bug 912002cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9423SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (aka krb5) 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized interposer data to clients, which allows remote attackers to obtain sensitive information from process heap memory by sniffing the network for data in a handle field.
ModerateCVE-2014-9423SUSE bug 1005509SUSE bug 912002cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9447SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Directory traversal vulnerability in the read_long_names function in libelf/elf_begin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / (slash) in a crafted archive, as demonstrated using the ar program.
ModerateCVE-2014-9447SUSE bug 911662SUSE bug 912408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9449SUSE Linux Enterprise Desktop 12
Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service (crash) via a long IKEY INFO tag value in an AVI file.
ModerateCVE-2014-9449cpe:/o:suse:sled:12CVE-2014-9471SUSE Linux Enterprise Desktop 12
The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the touch or date command.
ModerateCVE-2014-9471SUSE bug 911832cpe:/o:suse:sled:12CVE-2014-9474SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the mpfr_strtofr function in GNU MPFR before 3.1.2-p11 allows context-dependent attackers to have unspecified impact via vectors related to incorrect documentation for mpn_set_str.
LowCVE-2014-9474SUSE bug 911812cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9495SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image.
ModerateCVE-2014-9495SUSE bug 912076SUSE bug 912929cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9496SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read.
ModerateCVE-2014-9496SUSE bug 911796cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9512SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path.
ModerateCVE-2014-9512SUSE bug 915410SUSE bug 960191cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9556SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote attackers to cause a denial of service (hang) via a crafted CAB file, which triggers an infinite loop.
ModerateCVE-2014-9556SUSE bug 912214SUSE bug 919283SUSE bug 934533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9584SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted iso9660 image.
ModerateCVE-2014-9584SUSE bug 912654cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9585SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD.
ImportantCVE-2014-9585SUSE bug 912705cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2014-9620SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes.
LowCVE-2014-9620SUSE bug 913651SUSE bug 917152cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9621SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ELF parser in file 5.16 through 5.21 allows remote attackers to cause a denial of service via a long string.
LowCVE-2014-9621SUSE bug 913650SUSE bug 917152cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9622SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open.
ImportantCVE-2014-9622SUSE bug 913676cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9636SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression.
ModerateCVE-2014-9636SUSE bug 914442cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9638SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.
ModerateCVE-2014-9638SUSE bug 914439SUSE bug 914441cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9639SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.
ModerateCVE-2014-9639SUSE bug 1081744SUSE bug 914439SUSE bug 914441cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9640SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.
ModerateCVE-2014-9640SUSE bug 912214SUSE bug 914938SUSE bug 919283cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9645SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to bypass intended restrictions on loading kernel modules via a / (slash) character in a module name, as demonstrated by an "ifconfig /usbserial up" command or a "mount -t /snd_pcm none /" command.
ModerateCVE-2014-9645SUSE bug 914423SUSE bug 914660cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9653SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory access) or possibly have unspecified other impact via a crafted ELF file.
LowCVE-2014-9653SUSE bug 917152cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9654SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923.
ModerateCVE-2014-9654SUSE bug 917129SUSE bug 929629SUSE bug 952260cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9655SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) putcontig8bitYCbCr21tile function in tif_getimage.c or (2) NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff-cvs-1.tif and libtiff-cvs-2.tif.
ModerateCVE-2014-9655SUSE bug 914890SUSE bug 916925SUSE bug 916927cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9656SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted OpenType font.
ModerateCVE-2014-9656SUSE bug 916847cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9657SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.
ModerateCVE-2014-9657SUSE bug 916856cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9658SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.
ModerateCVE-2014-9658SUSE bug 916857cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9659SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2240.
ModerateCVE-2014-9659SUSE bug 916867cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9660SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font.
ModerateCVE-2014-9660SUSE bug 916858cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9661SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font.
ModerateCVE-2014-9661SUSE bug 916859cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9662SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OTF font.
ModerateCVE-2014-9662SUSE bug 916860cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9663SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table.
ModerateCVE-2014-9663SUSE bug 916865cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9664SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c.
ModerateCVE-2014-9664SUSE bug 916864cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9665SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file in a .ttf font file.
ModerateCVE-2014-9665SUSE bug 916863cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9666SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap.
ModerateCVE-2014-9666SUSE bug 916862cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9667SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table.
ModerateCVE-2014-9667SUSE bug 916861cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9668SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Web Open Font Format (WOFF) file.
ModerateCVE-2014-9668SUSE bug 916868cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9669SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table.
ModerateCVE-2014-9669SUSE bug 916870cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9670SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row.
ModerateCVE-2014-9670SUSE bug 916871SUSE bug 933247cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9671SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented.
ModerateCVE-2014-9671SUSE bug 916872SUSE bug 933247cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9672SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file.
ModerateCVE-2014-9672SUSE bug 916873cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9673SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
ModerateCVE-2014-9673SUSE bug 916874cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9674SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
ModerateCVE-2014-9674SUSE bug 916879cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9675SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.
ModerateCVE-2014-9675SUSE bug 916881cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9679SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow.
ModerateCVE-2014-9679SUSE bug 917799cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9680SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for read access (but not view file contents) by running a program within an sudo session, as demonstrated by interfering with terminal output, discarding kernel-log messages, or repositioning tape drives.
LowCVE-2014-9680SUSE bug 917806SUSE bug 919737SUSE bug 921999SUSE bug 953359cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9687SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
eCryptfs 104 and earlier uses a default salt to encrypt the mount passphrase, which makes it easier for attackers to obtain user passwords via a brute force attack.
ModerateCVE-2014-9687SUSE bug 920160cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9709SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function.
ModerateCVE-2014-9709SUSE bug 923945SUSE bug 923946SUSE bug 980366cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9710SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Btrfs implementation in the Linux kernel before 3.19 does not ensure that the visible xattr state is consistent with a requested replacement, which allows local users to bypass intended ACL settings and gain privileges via standard filesystem operations (1) during an xattr-replacement time window, related to a race condition, or (2) after an xattr-replacement attempt that fails because the data does not fit.
ModerateCVE-2014-9710SUSE bug 923908SUSE bug 939260cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9717SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
fs/namespace.c in the Linux kernel before 4.0.2 processes MNT_DETACH umount2 system calls without verifying that the MNT_LOCKED flag is unset, which allows local users to bypass intended access restrictions and navigate to filesystem locations beneath a mount by calling umount2 within a user namespace.
ModerateCVE-2014-9717SUSE bug 928547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9718SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions.
ModerateCVE-2014-9718SUSE bug 928393SUSE bug 964431cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9720SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Tornado before 3.2.2 sends arbitrary responses that contain a fixed CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to conduct a BREACH attack and determine this token via a series of crafted requests.
ModerateCVE-2014-9720SUSE bug 833754SUSE bug 930361SUSE bug 930362cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9721SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header.
ModerateCVE-2014-9721SUSE bug 931978cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9728SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c.
ModerateCVE-2014-9728SUSE bug 911325SUSE bug 933904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9729SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image.
ModerateCVE-2014-9729SUSE bug 911325SUSE bug 933904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9730SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image.
ModerateCVE-2014-9730SUSE bug 911325SUSE bug 933904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9731SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target's name along with a trailing \0 character, which allows local users to obtain sensitive information via a crafted filesystem image, related to fs/udf/symlink.c and fs/udf/unicode.c.
ModerateCVE-2014-9731SUSE bug 911325SUSE bug 933896cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9732SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The cabd_extract function in cabd.c in libmspack before 0.5 does not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted CAB archive.
ModerateCVE-2014-9732SUSE bug 934524SUSE bug 934533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9745SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as demonstrated by 8#garbage.
LowCVE-2014-9745SUSE bug 945849SUSE bug 947966cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9746SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType before 2.5.4 do not check return values, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted font.
LowCVE-2014-9746SUSE bug 947966cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9747SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font.
LowCVE-2014-9747SUSE bug 947966cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9756SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable.
ModerateCVE-2014-9756SUSE bug 953516SUSE bug 953519SUSE bug 953521cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9761SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function.
ModerateCVE-2014-9761SUSE bug 962738SUSE bug 986086cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9769SUSE Linux Enterprise Desktop 12
pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata during use of a regular expression in an Emerging Threats Open ruleset.
ModerateCVE-2014-9769SUSE bug 973012cpe:/o:suse:sled:12CVE-2014-9770SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files.
ModerateCVE-2014-9770SUSE bug 972612cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9804SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to "too many object."
ModerateCVE-2014-9804SUSE bug 982969SUSE bug 983750cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9805SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file.
ModerateCVE-2014-9805SUSE bug 982969SUSE bug 983752cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9806SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file.
ModerateCVE-2014-9806SUSE bug 982969SUSE bug 983774cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9807SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors.
ModerateCVE-2014-9807SUSE bug 982969SUSE bug 983794cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9808SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image.
ModerateCVE-2014-9808SUSE bug 982969SUSE bug 983796cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9809SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image.
ModerateCVE-2014-9809SUSE bug 982969SUSE bug 983799cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9810SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file.
ModerateCVE-2014-9810SUSE bug 982969SUSE bug 983803cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9811SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file.
ModerateCVE-2014-9811SUSE bug 982969SUSE bug 984032cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9812SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file.
ModerateCVE-2014-9812SUSE bug 982969SUSE bug 984137cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9813SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file.
ModerateCVE-2014-9813SUSE bug 982969SUSE bug 984035SUSE bug 984398cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9814SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file.
ModerateCVE-2014-9814SUSE bug 982969SUSE bug 984193SUSE bug 984372cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9815SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file.
ModerateCVE-2014-9815SUSE bug 982969SUSE bug 984372cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9816SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file.
ModerateCVE-2014-9816SUSE bug 982969SUSE bug 984035SUSE bug 984398cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9817SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file.
ModerateCVE-2014-9817SUSE bug 982969SUSE bug 984400cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9818SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file.
ModerateCVE-2014-9818SUSE bug 1000690SUSE bug 982969SUSE bug 984181SUSE bug 984186SUSE bug 984409cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9819SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823.
ModerateCVE-2014-9819SUSE bug 982969SUSE bug 984142cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9820SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file.
ModerateCVE-2014-9820SUSE bug 982969SUSE bug 984150cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9821SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.
ModerateCVE-2014-9821SUSE bug 982969SUSE bug 984014cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9822SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file.
ModerateCVE-2014-9822SUSE bug 982969SUSE bug 984187cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9823SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819.
ModerateCVE-2014-9823SUSE bug 982969SUSE bug 984401cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9824SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825.
ModerateCVE-2014-9824SUSE bug 982969SUSE bug 984185cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9825SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824.
ModerateCVE-2014-9825SUSE bug 982969SUSE bug 984427cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9826SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files.
ModerateCVE-2014-9826SUSE bug 982969SUSE bug 984186cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9827SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.
ModerateCVE-2014-9827SUSE bug 982969SUSE bug 984170cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2014-9828SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file.
ModerateCVE-2014-9828SUSE bug 982969SUSE bug 984028cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9829SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun file.
ModerateCVE-2014-9829SUSE bug 982969SUSE bug 984409cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9830SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file.
ModerateCVE-2014-9830SUSE bug 1000690SUSE bug 982969SUSE bug 984135cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9831SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file.
ModerateCVE-2014-9831SUSE bug 982969SUSE bug 984375cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9832SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file.
ModerateCVE-2014-9832SUSE bug 982969SUSE bug 984183cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9833SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file.
ModerateCVE-2014-9833SUSE bug 982969SUSE bug 984406SUSE bug 984427cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9834SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file.
ModerateCVE-2014-9834SUSE bug 982969SUSE bug 984436cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9835SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file.
ModerateCVE-2014-9835SUSE bug 982969SUSE bug 984145SUSE bug 984375cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9836SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file.
ModerateCVE-2014-9836SUSE bug 982969SUSE bug 984023cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9837SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file.
ModerateCVE-2014-9837SUSE bug 982969SUSE bug 984166cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9838SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash).
ModerateCVE-2014-9838SUSE bug 982969SUSE bug 984370cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9839SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access).
ModerateCVE-2014-9839SUSE bug 982969SUSE bug 984379cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9840SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file.
ModerateCVE-2014-9840SUSE bug 982969SUSE bug 984433cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9841SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions."
ModerateCVE-2014-9841SUSE bug 982969SUSE bug 984172SUSE bug 984186SUSE bug 984374cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9842SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
ModerateCVE-2014-9842SUSE bug 982969SUSE bug 984172SUSE bug 984374cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9843SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors.
ModerateCVE-2014-9843SUSE bug 1000697SUSE bug 982969SUSE bug 984179cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9844SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
ModerateCVE-2014-9844SUSE bug 982969SUSE bug 984373SUSE bug 984408cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9845SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.
ModerateCVE-2014-9845SUSE bug 982969SUSE bug 984394cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9846SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.
ModerateCVE-2014-9846SUSE bug 982969SUSE bug 983521SUSE bug 984408cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9847SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.
ModerateCVE-2014-9847SUSE bug 1040304SUSE bug 982969SUSE bug 984144cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9848SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
ModerateCVE-2014-9848SUSE bug 982969SUSE bug 984404cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9849SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).
ModerateCVE-2014-9849SUSE bug 982969SUSE bug 984018cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9850SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).
ModerateCVE-2014-9850SUSE bug 982969SUSE bug 984149cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9851SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).
ModerateCVE-2014-9851SUSE bug 1106989SUSE bug 1106996SUSE bug 982969SUSE bug 984160cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9852SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.
ModerateCVE-2014-9852SUSE bug 982969SUSE bug 984191cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9853SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.
ModerateCVE-2014-9853SUSE bug 982969SUSE bug 984408cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9854SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."
ModerateCVE-2014-9854SUSE bug 982969SUSE bug 984184cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9892SUSE Linux Enterprise Desktop 12 SP1
The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a timestamp data structure, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28770164 and Qualcomm internal bug CR568717.
LowCVE-2014-9892SUSE bug 992731cpe:/o:suse:sled:12:sp1CVE-2014-9903SUSE Linux Enterprise Desktop 12
The sched_read_attr function in kernel/sched/core.c in the Linux kernel 3.14-rc before 3.14-rc4 uses an incorrect size, which allows local users to obtain sensitive information from kernel stack memory via a crafted sched_getattr system call.
ModerateCVE-2014-9903SUSE bug 986794cpe:/o:suse:sled:12CVE-2014-9904SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call.
ModerateCVE-2014-9904SUSE bug 986811SUSE bug 986941cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9907SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/dds.c in ImageMagick allows remote attackers to cause a denial of service via a crafted DDS file.
ModerateCVE-2014-9907SUSE bug 1000714SUSE bug 1074610cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9913SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method.
ModerateCVE-2014-9913SUSE bug 1013993SUSE bug 1159417cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9914SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations about locking during multithreaded access to internal data structures for IPv4 UDP sockets.
ModerateCVE-2014-9914SUSE bug 1023997cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9915SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM profile.
ModerateCVE-2014-9915SUSE bug 1016575SUSE bug 1017306cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2014-9922SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c.
ModerateCVE-2014-9922SUSE bug 1032340cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9939SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printing bad bytes in Intel Hex objects.
ModerateCVE-2014-9939SUSE bug 1030296SUSE bug 1105209cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2014-9940SUSE Linux Enterprise Desktop 12 SP1
The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application.
ImportantCVE-2014-9940SUSE bug 1037307cpe:/o:suse:sled:12:sp1CVE-2015-0204SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the "FREAK" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations.
CriticalCVE-2015-0204SUSE bug 912014SUSE bug 920482SUSE bug 920484SUSE bug 927591SUSE bug 927623SUSE bug 952088cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0205SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support.
ModerateCVE-2015-0205SUSE bug 912293SUSE bug 927623SUSE bug 937891cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0206SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate records for the next epoch, leading to failure of replay detection.
ModerateCVE-2015-0206SUSE bug 912292SUSE bug 927623SUSE bug 937891cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0209SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed Elliptic Curve (EC) private-key file that is improperly handled during import.
CriticalCVE-2015-0209SUSE bug 919648SUSE bug 936586SUSE bug 937891cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0210SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
wpa_supplicant 2.0-16 does not properly check certificate subject name, which allows remote attackers to cause a man-in-the-middle attack.
ModerateCVE-2015-0210SUSE bug 915323cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0235SUSE Linux Enterprise Desktop 12
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
ImportantCVE-2015-0235SUSE bug 844309SUSE bug 913646SUSE bug 949238SUSE bug 954983cpe:/o:suse:sled:12CVE-2015-0236SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot to the virDomainSnapshotGetXMLDesc interface or (2) image to the virDomainSaveImageGetXMLDesc interface.
ModerateCVE-2015-0236SUSE bug 914693cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0240SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.
ImportantCVE-2015-0240SUSE bug 917376cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0241SUSE Linux Enterprise Desktop 12
The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) large number of digits when processing a numeric formatting template, which triggers a buffer over-read, or (2) crafted timestamp formatting template, which triggers a buffer overflow.
ModerateCVE-2015-0241SUSE bug 916953cpe:/o:suse:sled:12CVE-2015-0243SUSE Linux Enterprise Desktop 12
Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
ModerateCVE-2015-0243SUSE bug 916953cpe:/o:suse:sled:12CVE-2015-0244SUSE Linux Enterprise Desktop 12
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an error, which triggers the loss of synchronization and part of the protocol message to be treated as a new message, as demonstrated by causing a timeout or query cancellation.
ModerateCVE-2015-0244SUSE bug 916953cpe:/o:suse:sled:12CVE-2015-0245SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
D-Bus 1.4.x through 1.6.x before 1.6.30, 1.8.x before 1.8.16, and 1.9.x before 1.9.10 does not validate the source of ActivationFailure signals, which allows local users to cause a denial of service (activation failure error returned) by leveraging a race condition involving sending an ActivationFailure signal before systemd responds.
ModerateCVE-2015-0245SUSE bug 1003898SUSE bug 916343cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0247SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image.
ModerateCVE-2015-0247SUSE bug 1123790SUSE bug 915402SUSE bug 918346cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0252SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.
ModerateCVE-2015-0252SUSE bug 920810cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0255SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in a XkbSetGeometry request.
ModerateCVE-2015-0255SUSE bug 915810cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0261SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative length value.
ModerateCVE-2015-0261SUSE bug 922220cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0272SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.
ModerateCVE-2015-0272SUSE bug 944296SUSE bug 951638SUSE bug 955354cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0275SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request.
ModerateCVE-2015-0275SUSE bug 919032cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0282SUSE Linux Enterprise Desktop 12
GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors.
ModerateCVE-2015-0282SUSE bug 919938SUSE bug 921684cpe:/o:suse:sled:12CVE-2015-0286SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature.
CriticalCVE-2015-0286SUSE bug 919648SUSE bug 922496SUSE bug 936586SUSE bug 937891SUSE bug 951391cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0287SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse.
CriticalCVE-2015-0287SUSE bug 919648SUSE bug 922499SUSE bug 936586SUSE bug 937891SUSE bug 968888SUSE bug 991722cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0288SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid certificate key.
CriticalCVE-2015-0288SUSE bug 919648SUSE bug 920236SUSE bug 936586SUSE bug 937891SUSE bug 951391cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0289SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, related to crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c.
CriticalCVE-2015-0289SUSE bug 919648SUSE bug 922500SUSE bug 936586SUSE bug 937891cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0292SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted base64 data that triggers a buffer overflow.
CriticalCVE-2015-0292SUSE bug 919648SUSE bug 922501SUSE bug 936586cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0293SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message.
CriticalCVE-2015-0293SUSE bug 919648SUSE bug 922488SUSE bug 936586SUSE bug 968044SUSE bug 968051SUSE bug 968053SUSE bug 986238cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0294SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.
LowCVE-2015-0294SUSE bug 919938cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0295SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.
LowCVE-2015-0295SUSE bug 921999SUSE bug 927806SUSE bug 927807SUSE bug 927808SUSE bug 936523cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0296SUSE Linux Enterprise Desktop 12
The pre-install script in texlive 3.1.20140525_r34255.fc21 as packaged in Fedora 21 and rpm, and texlive 6.20131226_r32488.fc20 and rpm allows local users to delete arbitrary files via a crafted file in the user's home directory.
LowCVE-2015-0296SUSE bug 920172cpe:/o:suse:sled:12CVE-2015-0301SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 do not properly validate files, which has unspecified impact and attack vectors.
ModerateCVE-2015-0301SUSE bug 913057cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0302SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to obtain sensitive keystroke information via unspecified vectors.
ModerateCVE-2015-0302SUSE bug 913057cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0303SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0306.
ModerateCVE-2015-0303SUSE bug 913057cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0304SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0309.
CriticalCVE-2015-0304SUSE bug 913057cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0305SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion."
CriticalCVE-2015-0305SUSE bug 913057cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0306SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0303.
CriticalCVE-2015-0306SUSE bug 913057cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0307SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.
ModerateCVE-2015-0307SUSE bug 913057cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0308SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2015-0308SUSE bug 913057cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0309SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0304.
CriticalCVE-2015-0309SUSE bug 913057cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0310SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.262 and 14.x through 16.x before 16.0.0.287 on Windows and OS X and before 11.2.202.438 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism on Windows, and have an unspecified impact on other platforms, via unknown vectors, as exploited in the wild in January 2015.
ImportantCVE-2015-0310SUSE bug 914333cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0311SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Windows and OS X and through 11.2.202.438 on Linux allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in January 2015.
ImportantCVE-2015-0311SUSE bug 914463cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0313SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different vulnerability than CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322.
CriticalCVE-2015-0313SUSE bug 915918SUSE bug 916374SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0314SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, CVE-2015-0329, and CVE-2015-0330.
CriticalCVE-2015-0314SUSE bug 915918SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0315SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0320, and CVE-2015-0322.
CriticalCVE-2015-0315SUSE bug 915918SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0316SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0318, CVE-2015-0321, CVE-2015-0329, and CVE-2015-0330.
CriticalCVE-2015-0316SUSE bug 915918SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0317SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-0319.
CriticalCVE-2015-0317SUSE bug 915918SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0318SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0321, CVE-2015-0329, and CVE-2015-0330.
CriticalCVE-2015-0318SUSE bug 915918SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0319SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-0317.
CriticalCVE-2015-0319SUSE bug 915918SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0320SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0315, and CVE-2015-0322.
CriticalCVE-2015-0320SUSE bug 915918SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0321SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0329, and CVE-2015-0330.
CriticalCVE-2015-0321SUSE bug 915918SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0322SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0315, and CVE-2015-0320.
CriticalCVE-2015-0322SUSE bug 915918SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0323SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0327.
CriticalCVE-2015-0323SUSE bug 915918SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0324SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2015-0324SUSE bug 915918SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0325SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0326 and CVE-2015-0328.
CriticalCVE-2015-0325SUSE bug 915918SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0326SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0325 and CVE-2015-0328.
CriticalCVE-2015-0326SUSE bug 915918SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0327SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0323.
CriticalCVE-2015-0327SUSE bug 915918SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0328SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0325 and CVE-2015-0326.
CriticalCVE-2015-0328SUSE bug 915918SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0329SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, and CVE-2015-0330.
CriticalCVE-2015-0329SUSE bug 915918SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0330SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, and CVE-2015-0329.
CriticalCVE-2015-0330SUSE bug 915918SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0331SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322.
CriticalCVE-2015-0331SUSE bug 922033cpe:/o:suse:sled:12:sp1CVE-2015-0332SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0333, CVE-2015-0335, and CVE-2015-0339.
ImportantCVE-2015-0332SUSE bug 922033SUSE bug 922296cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0333SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0332, CVE-2015-0335, and CVE-2015-0339.
ImportantCVE-2015-0333SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0334SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-0336.
ImportantCVE-2015-0334SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0335SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0332, CVE-2015-0333, and CVE-2015-0339.
ImportantCVE-2015-0335SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0336SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-0334.
ImportantCVE-2015-0336SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0337SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
ImportantCVE-2015-0337SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0338SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code via unspecified vectors.
ImportantCVE-2015-0338SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0339SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0332, CVE-2015-0333, and CVE-2015-0335.
ImportantCVE-2015-0339SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0340SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows remote attackers to bypass intended file-upload restrictions via unspecified vectors.
ImportantCVE-2015-0340SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0341SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0342.
ImportantCVE-2015-0341SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0342SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0341.
ImportantCVE-2015-0342SUSE bug 922033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0346SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Double free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0359.
ModerateCVE-2015-0346SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0347SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
ModerateCVE-2015-0347SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0348SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors.
ModerateCVE-2015-0348SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0349SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0351, CVE-2015-0358, and CVE-2015-3039.
ModerateCVE-2015-0349SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0350SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
ModerateCVE-2015-0350SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0351SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0349, CVE-2015-0358, and CVE-2015-3039.
ModerateCVE-2015-0351SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0352SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
ModerateCVE-2015-0352SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0353SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
ModerateCVE-2015-0353SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0354SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
ModerateCVE-2015-0354SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0355SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
ModerateCVE-2015-0355SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0356SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion."
ModerateCVE-2015-0356SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0357SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-3040.
ModerateCVE-2015-0357SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0358SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0349, CVE-2015-0351, and CVE-2015-3039.
ModerateCVE-2015-0358SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0359SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Double free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0346.
ModerateCVE-2015-0359SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0360SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
ModerateCVE-2015-0360SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0361SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Xen 4.2.x, 4.3.x, and 4.4.x allows remote domains to cause a denial of service (system crash) via a crafted hypercall during HVM guest teardown.
ModerateCVE-2015-0361SUSE bug 910681SUSE bug 918998SUSE bug 950367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-0374SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.
ModerateCVE-2015-0374SUSE bug 914058SUSE bug 915911cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0381SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0382.
ModerateCVE-2015-0381SUSE bug 914058SUSE bug 915911cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0382SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381.
ModerateCVE-2015-0382SUSE bug 914058SUSE bug 915911cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0383SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot.
ModerateCVE-2015-0383SUSE bug 914041cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0391SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.
ModerateCVE-2015-0391SUSE bug 914058SUSE bug 915913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0395SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
ModerateCVE-2015-0395SUSE bug 914041cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0400SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
ModerateCVE-2015-0400SUSE bug 914041cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0407SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Swing.
ModerateCVE-2015-0407SUSE bug 914041cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0408SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.
ModerateCVE-2015-0408SUSE bug 914041cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0410SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security.
ModerateCVE-2015-0410SUSE bug 914041cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0411SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption.
ModerateCVE-2015-0411SUSE bug 914058SUSE bug 915911cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0412SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS.
ModerateCVE-2015-0412SUSE bug 914041cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0432SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.
ModerateCVE-2015-0432SUSE bug 914058SUSE bug 915911cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0433SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML.
ModerateCVE-2015-0433SUSE bug 927623SUSE bug 936409cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0441SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.
ModerateCVE-2015-0441SUSE bug 927623SUSE bug 936409cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0458SUSE Linux Enterprise Desktop 12
Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
ImportantCVE-2015-0458SUSE bug 927591cpe:/o:suse:sled:12CVE-2015-0459SUSE Linux Enterprise Desktop 12
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0491.
ImportantCVE-2015-0459SUSE bug 927591SUSE bug 932310cpe:/o:suse:sled:12CVE-2015-0460SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
ModerateCVE-2015-0460SUSE bug 927591cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0469SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
ImportantCVE-2015-0469SUSE bug 927591SUSE bug 932310cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0477SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity via unknown vectors related to Beans.
ModerateCVE-2015-0477SUSE bug 927591cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0478SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE.
LowCVE-2015-0478SUSE bug 927591SUSE bug 944456cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0480SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity and availability via unknown vectors related to Tools.
ModerateCVE-2015-0480SUSE bug 927591cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0484SUSE Linux Enterprise Desktop 12
Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0492.
ImportantCVE-2015-0484SUSE bug 927591cpe:/o:suse:sled:12CVE-2015-0488SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect availability via vectors related to JSSE.
ModerateCVE-2015-0488SUSE bug 927591cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0491SUSE Linux Enterprise Desktop 12
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0459.
ImportantCVE-2015-0491SUSE bug 927591SUSE bug 932310cpe:/o:suse:sled:12CVE-2015-0492SUSE Linux Enterprise Desktop 12
Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0484.
CriticalCVE-2015-0492SUSE bug 927591cpe:/o:suse:sled:12CVE-2015-0499SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.
ModerateCVE-2015-0499SUSE bug 927623SUSE bug 936408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0501SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.
ModerateCVE-2015-0501SUSE bug 927623SUSE bug 936408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0505SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.
ModerateCVE-2015-0505SUSE bug 927623SUSE bug 936408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0559SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.
ModerateCVE-2015-0559SUSE bug 912365cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0560SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not initialize certain data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-0560SUSE bug 912365cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0561SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
ModerateCVE-2015-0561SUSE bug 912368cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0562SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple use-after-free vulnerabilities in epan/dissectors/packet-dec-dnart.c in the DEC DNA Routing Protocol dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.
ModerateCVE-2015-0562SUSE bug 912369cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0563SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for certain string-append operations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-0563SUSE bug 912370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0564SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during decryption of an SSL session.
ModerateCVE-2015-0564SUSE bug 912372cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0777SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory via unspecified vectors.
LowCVE-2015-0777SUSE bug 917830cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0794SUSE Linux Enterprise Desktop 12
modules.d/90crypt/module-setup.sh in the dracut package before 037-17.30.1 in openSUSE 13.2 allows local users to have unspecified impact via a symlink attack on /tmp/dracut_block_uuid.map.
ModerateCVE-2015-0794SUSE bug 923755SUSE bug 935338SUSE bug 963976cpe:/o:suse:sled:12CVE-2015-0797SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file.
ImportantCVE-2015-0797SUSE bug 927559SUSE bug 930622cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0799SUSE Linux Enterprise Desktop 12
The HTTP Alternative Services feature in Mozilla Firefox before 37.0.1 allows man-in-the-middle attackers to bypass an intended X.509 certificate-verification step for an SSL server by specifying that server in the uri-host field of an Alt-Svc HTTP/2 response header.
ImportantCVE-2015-0799SUSE bug 925368SUSE bug 926166cpe:/o:suse:sled:12CVE-2015-0800SUSE Linux Enterprise Desktop 12
The PRNG implementation in the DNS resolver in Mozilla Firefox (aka Fennec) before 37.0 on Android does not properly generate random numbers for query ID values and UDP source ports, which makes it easier for remote attackers to spoof DNS responses by guessing these numbers, a related issue to CVE-2012-2808.
ModerateCVE-2015-0800cpe:/o:suse:sled:12CVE-2015-0801SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving anchor navigation, a similar issue to CVE-2015-0818.
ModerateCVE-2015-0801SUSE bug 925368SUSE bug 925401cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0802SUSE Linux Enterprise Desktop 12
Mozilla Firefox before 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via certain content navigation that leverages the reachability of a privileged window with an unintended persistence of access to restricted internal methods.
ModerateCVE-2015-0802SUSE bug 925368SUSE bug 925402cpe:/o:suse:sled:12CVE-2015-0803SUSE Linux Enterprise Desktop 12
The HTMLSourceElement::AfterSetAttr function in Mozilla Firefox before 37.0 does not properly constrain the original data type of a casted value during the setting of a SOURCE element's attributes, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted HTML document.
ImportantCVE-2015-0803SUSE bug 925368SUSE bug 925400cpe:/o:suse:sled:12CVE-2015-0804SUSE Linux Enterprise Desktop 12
The HTMLSourceElement::BindToTree function in Mozilla Firefox before 37.0 does not properly constrain a data type after omitting namespace validation during certain tree-binding operations, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted HTML document containing a SOURCE element.
ImportantCVE-2015-0804SUSE bug 925368SUSE bug 925400cpe:/o:suse:sled:12CVE-2015-0805SUSE Linux Enterprise Desktop 12
The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 makes an incorrect memset call during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors that trigger rendering of 2D graphics content.
ImportantCVE-2015-0805SUSE bug 925368SUSE bug 925399cpe:/o:suse:sled:12CVE-2015-0806SUSE Linux Enterprise Desktop 12
The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 attempts to use memset for a memory region of negative length during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors that trigger rendering of 2D graphics content.
ImportantCVE-2015-0806SUSE bug 925368SUSE bug 925399cpe:/o:suse:sled:12CVE-2015-0807SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The navigator.sendBeacon implementation in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 processes HTTP 30x status codes for redirects after a preflight request has occurred, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site, a similar issue to CVE-2014-8638.
ModerateCVE-2015-0807SUSE bug 913068SUSE bug 925368SUSE bug 925398cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0808SUSE Linux Enterprise Desktop 12
The webrtc::VPMContentAnalysis::Release function in the WebRTC implementation in Mozilla Firefox before 37.0 uses incompatible approaches to the deallocation of memory for simple-type arrays, which might allow remote attackers to cause a denial of service (memory corruption) via unspecified vectors.
ModerateCVE-2015-0808SUSE bug 925368SUSE bug 925397cpe:/o:suse:sled:12CVE-2015-0810SUSE Linux Enterprise Desktop 12
Mozilla Firefox before 37.0 on OS X does not ensure that the cursor is visible, which allows remote attackers to conduct clickjacking attacks via a Flash object in conjunction with DIV elements associated with layered presentation, and crafted JavaScript code that interacts with an IMG element.
ModerateCVE-2015-0810cpe:/o:suse:sled:12CVE-2015-0811SUSE Linux Enterprise Desktop 12
The QCMS implementation in Mozilla Firefox before 37.0 allows remote attackers to obtain sensitive information from process heap memory or cause a denial of service (out-of-bounds read) via an image that is improperly handled during transformation.
ModerateCVE-2015-0811SUSE bug 925368SUSE bug 925396cpe:/o:suse:sled:12CVE-2015-0812SUSE Linux Enterprise Desktop 12
Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdomain.
ModerateCVE-2015-0812SUSE bug 925368SUSE bug 925394cpe:/o:suse:sled:12CVE-2015-0813SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted MP3 file.
ModerateCVE-2015-0813SUSE bug 925368SUSE bug 925393cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0814SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2015-0814SUSE bug 925368SUSE bug 925392cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0815SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2015-0815SUSE bug 925368SUSE bug 925392cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0816SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 do not properly restrict resource: URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin Policy, as demonstrated by the resource: URL associated with PDF.js.
ModerateCVE-2015-0816SUSE bug 925368SUSE bug 925395cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0817SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to unintended memory locations, and consequently execute arbitrary code, via crafted JavaScript.
ModerateCVE-2015-0817SUSE bug 923495SUSE bug 923534cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0818SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 36.0.4, Firefox ESR 31.x before 31.5.3, and SeaMonkey before 2.33.1 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving SVG hash navigation.
ModerateCVE-2015-0818SUSE bug 923495SUSE bug 923534cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0822SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Form Autocompletion feature in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to read arbitrary files via crafted JavaScript code.
ImportantCVE-2015-0822SUSE bug 910669SUSE bug 917597SUSE bug 923534SUSE bug 924515cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0827SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive information from uninitialized process memory via a malformed SVG graphic.
ImportantCVE-2015-0827SUSE bug 910669SUSE bug 917597SUSE bug 923534SUSE bug 924515cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0831SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation.
ImportantCVE-2015-0831SUSE bug 910669SUSE bug 917597SUSE bug 923534SUSE bug 924515cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0835SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2015-0835SUSE bug 910669SUSE bug 917597SUSE bug 924515cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0836SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2015-0836SUSE bug 910669SUSE bug 917597SUSE bug 923534SUSE bug 924515cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0837SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack."
ModerateCVE-2015-0837SUSE bug 920057cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0839SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The hp-plugin utility in HP Linux Imaging and Printing (HPLIP) makes it easier for man-in-the-middle attackers to execute arbitrary code by leveraging use of a short GPG key id from a keyserver to verify print plugin downloads.
ModerateCVE-2015-0839SUSE bug 933191cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0840SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x before 1.17.25 allows remote attackers to bypass signature verification via a crafted Debian source control file (.dsc).
LowCVE-2015-0840SUSE bug 926749cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0848SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image.
ModerateCVE-2015-0848SUSE bug 933109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-0860SUSE Linux Enterprise Desktop 12 SP1
Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in Debian dpkg 1.16.x before 1.16.17 and 1.17.x before 1.17.26 allows remote attackers to execute arbitrary code via the archive magic version number in an "old-style" Debian binary package, which triggers a stack-based buffer overflow.
ModerateCVE-2015-0860SUSE bug 957160cpe:/o:suse:sled:12:sp1CVE-2015-0973SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.
ModerateCVE-2015-0973SUSE bug 912929cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1038SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
LowCVE-2015-1038SUSE bug 912878cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1071SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.
ModerateCVE-2015-1071SUSE bug 923223SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1076SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.
ModerateCVE-2015-1076SUSE bug 923223SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1081SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.
ModerateCVE-2015-1081SUSE bug 923223SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1083SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.
ModerateCVE-2015-1083SUSE bug 923223SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1120SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4.
ModerateCVE-2015-1120SUSE bug 928380SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1122SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4.
ModerateCVE-2015-1122SUSE bug 1082221SUSE bug 928380SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1127SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an index, which might allow local users to obtain sensitive information by reading index entries.
ModerateCVE-2015-1127SUSE bug 928380SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1142857SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
On multiple SR-IOV cars it is possible for VF's assigned to guests to send ethernet flow control pause frames via the PF. This includes Linux kernel ixgbe driver before commit f079fa005aae08ee0e1bc32699874ff4f02e11c1, the Linux Kernel i40e/i40evf driver before e7358f54a3954df16d4f87e3cad35063f1c17de5 and the DPDK before commit 3f12b9f23b6499ff66ec8b0de941fb469297e5d0, additionally Multiple vendor NIC firmware is affected.
ModerateCVE-2015-1142857SUSE bug 1077355SUSE bug 1091815SUSE bug 1105108cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2015-1153SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1152 and CVE-2015-1154.
ModerateCVE-2015-1153SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1155SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site.
ModerateCVE-2015-1155SUSE bug 1082221SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1158SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trigger data corruption for reference-counted strings via a crafted (1) IPP_CREATE_JOB or (2) IPP_PRINT_JOB request, as demonstrated by replacing the configuration file and consequently executing arbitrary code.
ImportantCVE-2015-1158SUSE bug 924208SUSE bug 976653cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1159SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/.
ImportantCVE-2015-1159SUSE bug 924208SUSE bug 976653cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1191SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple directory traversal vulnerabilities in pigz 2.3.1 allow remote attackers to write to arbitrary files via a (1) full pathname or (2) .. (dot dot) in an archive.
ModerateCVE-2015-1191SUSE bug 913627cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1196SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file.
ModerateCVE-2015-1196SUSE bug 913678SUSE bug 915329cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1239SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a crafted PDF.
ModerateCVE-2015-1239SUSE bug 1066713cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1283SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.
ModerateCVE-2015-1283SUSE bug 1034050SUSE bug 939077SUSE bug 979441SUSE bug 980391SUSE bug 983985cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1322SUSE Linux Enterprise Desktop 12
Directory traversal vulnerability in the Ubuntu network-manager package for Ubuntu (vivid) before 0.9.10.0-4ubuntu15.1, Ubuntu 14.10 before 0.9.8.8-0ubuntu28.1, and Ubuntu 14.04 LTS before 0.9.8.8-0ubuntu7.1 allows local users to change the modem device configuration or read arbitrary files via a .. (dot dot) in the file name in a request to read modem device contexts (com.canonical.NMOfono.ReadImsiContexts).
ModerateCVE-2015-1322SUSE bug 928972cpe:/o:suse:sled:12CVE-2015-1328SUSE Linux Enterprise Desktop 12
The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.
ImportantCVE-2015-1328SUSE bug 934950SUSE bug 935081cpe:/o:suse:sled:12CVE-2015-1333SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the __key_link_end function in security/keys/keyring.c in the Linux kernel before 4.1.4 allows local users to cause a denial of service (memory consumption) via many add_key system calls that refer to existing keys.
ModerateCVE-2015-1333SUSE bug 1126909SUSE bug 1185451SUSE bug 938645cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1339SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times.
ModerateCVE-2015-1339SUSE bug 969356cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-1345SUSE Linux Enterprise Desktop 12
The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted input when using the -F option.
ModerateCVE-2015-1345SUSE bug 914695cpe:/o:suse:sled:12CVE-2015-1349SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use.
LowCVE-2015-1349SUSE bug 918330cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1350SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.
LowCVE-2015-1350SUSE bug 1052256SUSE bug 914939cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2015-1395SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.
LowCVE-2015-1395SUSE bug 915328cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1396SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196.
LowCVE-2015-1396SUSE bug 915329cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1426SUSE Linux Enterprise Desktop 12
Puppet Labs Facter 1.6.0 through 2.4.0 allows local users to obtains sensitive Amazon EC2 IAM instance metadata by reading a fact for an Amazon EC2 node.
LowCVE-2015-1426SUSE bug 917383cpe:/o:suse:sled:12CVE-2015-1461SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a "heap out of bounds condition."
ImportantCVE-2015-1461SUSE bug 1040662SUSE bug 916217cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1462SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds condition."
ImportantCVE-2015-1462SUSE bug 1040662SUSE bug 916214cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1463SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an "incorrect compiler optimization."
ModerateCVE-2015-1463SUSE bug 1040662SUSE bug 916215cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1465SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The IPv4 implementation in the Linux kernel before 3.18.8 does not properly consider the length of the Read-Copy Update (RCU) grace period for redirecting lookups in the absence of caching, which allows remote attackers to cause a denial of service (memory consumption or system crash) via a flood of packets.
ImportantCVE-2015-1465SUSE bug 916225cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-1472SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call.
ModerateCVE-2015-1472SUSE bug 916222SUSE bug 920341SUSE bug 922243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1473SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service (segmentation violation) or overwrite memory locations beyond the stack boundary via a long line containing wide characters that are improperly handled in a wscanf call.
ModerateCVE-2015-1473SUSE bug 916222SUSE bug 920341SUSE bug 922243cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1545SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an empty attribute list in a deref control in a search request.
ModerateCVE-2015-1545SUSE bug 846389SUSE bug 916897SUSE bug 916914cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1546SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in the get_vrFilter function in servers/slapd/filter.c in OpenLDAP 2.4.40 allows remote attackers to cause a denial of service (crash) via a crafted search query with a matched values control.
ModerateCVE-2015-1546SUSE bug 916914cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1547SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff5.tif.
ModerateCVE-2015-1547SUSE bug 914890SUSE bug 916925cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1572SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as dirty. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0247.
LowCVE-2015-1572SUSE bug 1123790SUSE bug 915402SUSE bug 918346cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1593SUSE Linux Enterprise Desktop 12 SP3
The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of the top of the stack, related to the randomize_stack_top function in fs/binfmt_elf.c and the stack_maxrandom_size function in arch/x86/mm/mmap.c.
ModerateCVE-2015-1593SUSE bug 1044934SUSE bug 917839cpe:/o:suse:sled:12:sp3CVE-2015-1606SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service (invalid read and use-after-free) via a crafted keyring file.
LowCVE-2015-1606SUSE bug 918089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1607SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service (invalid read operation) via a crafted keyring file, related to sign extensions and "memcpy with overlapping ranges."
LowCVE-2015-1607SUSE bug 918090cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1774SUSE Linux Enterprise Desktop 12
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.
ModerateCVE-2015-1774SUSE bug 919409cpe:/o:suse:sled:12CVE-2015-1779SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.
ModerateCVE-2015-1779SUSE bug 924018SUSE bug 962632cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1781SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.
ModerateCVE-2015-1781SUSE bug 927080cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1782SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSH_MSG_KEXINIT packet.
ImportantCVE-2015-1782SUSE bug 921070cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1788SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a denial of service (infinite loop) via a session that uses an Elliptic Curve algorithm, as demonstrated by an attack against a server that supports client authentication.
ModerateCVE-2015-1788SUSE bug 934487SUSE bug 936586SUSE bug 937891SUSE bug 938432cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1789SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback.
ModerateCVE-2015-1789SUSE bug 934489SUSE bug 936586SUSE bug 937891SUSE bug 938432SUSE bug 951391cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1790SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS#7 blob that uses ASN.1 encoding and lacks inner EncryptedContent data.
ModerateCVE-2015-1790SUSE bug 934491SUSE bug 936586SUSE bug 938432cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1791SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact by providing a NewSessionTicket during an attempt to reuse a ticket that had been obtained earlier.
ModerateCVE-2015-1791SUSE bug 933911SUSE bug 986238SUSE bug 989464cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1792SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as demonstrated by an unrecognized X.660 OID for a hash function.
ModerateCVE-2015-1792SUSE bug 934493SUSE bug 937891SUSE bug 986238cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1793SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP4
The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger unintended certificate verifications via a valid leaf certificate.
ModerateCVE-2015-1793SUSE bug 936746SUSE bug 937637SUSE bug 951391cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp4CVE-2015-1794SUSE Linux Enterprise Desktop 12 SP4
The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 before 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message.
ModerateCVE-2015-1794SUSE bug 957984cpe:/o:suse:sled:12:sp4CVE-2015-1797SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
LowCVE-2015-1797SUSE bug 983901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-1798SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC.
ImportantCVE-2015-1798SUSE bug 924202SUSE bug 927497SUSE bug 928321SUSE bug 936327SUSE bug 957163cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1799SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the source IP address of a peer.
ImportantCVE-2015-1799SUSE bug 924202SUSE bug 927497SUSE bug 928321SUSE bug 936327SUSE bug 943565SUSE bug 957163SUSE bug 959243SUSE bug 962624cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1802SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a (1) negative or (2) large property count in a BDF font file.
ModerateCVE-2015-1802SUSE bug 921978cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1803SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a crafted BDF font file.
ModerateCVE-2015-1803SUSE bug 921978cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1804SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via a crafted BDF font file.
ModerateCVE-2015-1804SUSE bug 921978cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1805SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun."
ModerateCVE-2015-1805SUSE bug 917839SUSE bug 933429SUSE bug 939270SUSE bug 964730SUSE bug 964732cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2015-1819SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.
ModerateCVE-2015-1819SUSE bug 1123919SUSE bug 928193cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1855SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters.
ModerateCVE-2015-1855SUSE bug 926974cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1858SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted BMP image.
ModerateCVE-2015-1858SUSE bug 921999SUSE bug 927806SUSE bug 927807SUSE bug 927808cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1859SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image.
ModerateCVE-2015-1859SUSE bug 921999SUSE bug 927806SUSE bug 927807SUSE bug 927808cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1860SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image.
ModerateCVE-2015-1860SUSE bug 921999SUSE bug 927806SUSE bug 927807SUSE bug 927808cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1863SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (crash), read memory, or possibly execute arbitrary code via crafted SSID information in a management frame when creating or updating P2P entries.
ModerateCVE-2015-1863SUSE bug 915323SUSE bug 927558cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-1865SUSE Linux Enterprise Desktop 12
fts.c in coreutils 8.4 allows local users to delete arbitrary files.
LowCVE-2015-1865SUSE bug 927949cpe:/o:suse:sled:12CVE-2015-1877SUSE Linux Enterprise Desktop 12
The open_generic_xdg_mime function in xdg-open in xdg-utils 1.1.0 rc1 in Debian, when using dash, does not properly handle local variables, which allows remote attackers to execute arbitrary commands via a crafted file.
LowCVE-2015-1877SUSE bug 918836cpe:/o:suse:sled:12CVE-2015-2041SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry.
ModerateCVE-2015-2041SUSE bug 903967SUSE bug 919007cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-2042SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry.
ModerateCVE-2015-2042SUSE bug 903967SUSE bug 919018cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-2044SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The emulation routines for unspecified X86 devices in Xen 3.2.x through 4.5.x does not properly initialize data, which allow local HVM guest users to obtain sensitive information via vectors involving an unsupported access size.
ModerateCVE-2015-2044SUSE bug 918995SUSE bug 918998cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-2045SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors.
ModerateCVE-2015-2045SUSE bug 918998cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-2059SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read.
LowCVE-2015-2059SUSE bug 1173590SUSE bug 919214SUSE bug 923241SUSE bug 937096SUSE bug 937097cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2150SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.
ModerateCVE-2015-2150SUSE bug 800280SUSE bug 903967SUSE bug 919463cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-2151SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly execute arbitrary code via unspecified vectors.
ModerateCVE-2015-2151SUSE bug 918998SUSE bug 919464cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-2152SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Xen 4.5.x and earlier enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by (1) setting the DISPLAY environment variable, when compiled with SDL support, or connecting to the VNC server on (2) ::1 or (3) 127.0.0.1, when not compiled with SDL support.
ModerateCVE-2015-2152SUSE bug 918998SUSE bug 919663SUSE bug 950367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-2153SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU).
ModerateCVE-2015-2153SUSE bug 922221SUSE bug 922222SUSE bug 922223cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2154SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum value.
ModerateCVE-2015-2154SUSE bug 922222cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2155SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
ModerateCVE-2015-2155SUSE bug 922220SUSE bug 922221SUSE bug 922222SUSE bug 922223cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2170SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file.
ModerateCVE-2015-2170SUSE bug 1040662SUSE bug 921950SUSE bug 922560SUSE bug 929192cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2187SUSE Linux Enterprise Desktop 12
The dissect_atn_cpdlc_heur function in asn1/atn-cpdlc/packet-atn-cpdlc-template.c in the ATN-CPDLC dissector in Wireshark 1.12.x before 1.12.4 does not properly follow the TRY/ENDTRY code requirements, which allows remote attackers to cause a denial of service (stack memory corruption and application crash) via a crafted packet.
ModerateCVE-2015-2187SUSE bug 920695cpe:/o:suse:sled:12CVE-2015-2188SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression.
ModerateCVE-2015-2188SUSE bug 920696cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2189SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statistics Block (ISB) interface ID in a crafted packet.
ModerateCVE-2015-2189SUSE bug 920697cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2190SUSE Linux Enterprise Desktop 12
epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly handle integer data types greater than 32 bits in size, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet that is improperly handled by the LLDP dissector.
ModerateCVE-2015-2190SUSE bug 920698cpe:/o:suse:sled:12CVE-2015-2191SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.
ModerateCVE-2015-2191SUSE bug 920699cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2192SUSE Linux Enterprise Desktop 12
Integer overflow in the dissect_osd2_cdb_continuation function in epan/dissectors/packet-scsi-osd.c in the SCSI OSD dissector in Wireshark 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.
ModerateCVE-2015-2192SUSE bug 920700cpe:/o:suse:sled:12CVE-2015-2221SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file.
ModerateCVE-2015-2221SUSE bug 1040662SUSE bug 921950SUSE bug 922560SUSE bug 929192cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2222SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file.
ModerateCVE-2015-2222SUSE bug 1040662SUSE bug 921950SUSE bug 922560SUSE bug 929192cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2265SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707.
ModerateCVE-2015-2265SUSE bug 921753SUSE bug 937018cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2296SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.
ModerateCVE-2015-2296SUSE bug 922448SUSE bug 926396cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2304SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive.
ModerateCVE-2015-2304SUSE bug 920870cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2305SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.
ModerateCVE-2015-2305SUSE bug 1040662SUSE bug 921950SUSE bug 922022SUSE bug 922028SUSE bug 922030SUSE bug 922043SUSE bug 922560SUSE bug 922567SUSE bug 929192SUSE bug 980366cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2325SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large number of times within a repeated outer group that has a zero minimum quantifier.
ModerateCVE-2015-2325SUSE bug 924960SUSE bug 933288SUSE bug 936408SUSE bug 958373cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2326SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by "((?+1)(\1))/".
ModerateCVE-2015-2326SUSE bug 924960SUSE bug 924961SUSE bug 933288SUSE bug 936408SUSE bug 958373cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2327SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PCRE before 8.36 mishandles the /(((a\2)|(a*)\g<-1>))*/ pattern and related patterns with certain internal recursive back references, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-2327SUSE bug 906574SUSE bug 957567cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2328SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PCRE before 8.36 mishandles the /((?(R)a|(?1)))+/ pattern and related patterns with certain recursion, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-2328SUSE bug 906574SUSE bug 957600cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2330SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Late TLS certificate verification in WebKitGTK+ prior to 2.6.6 allows remote attackers to view a secure HTTP request, including, for example, secure cookies.
ModerateCVE-2015-2330SUSE bug 922895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2331SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow.
ModerateCVE-2015-2331SUSE bug 922894SUSE bug 923240cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2568SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.
ModerateCVE-2015-2568SUSE bug 927623SUSE bug 936409cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2571SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.
ModerateCVE-2015-2571SUSE bug 927623SUSE bug 936408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2573SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.
ModerateCVE-2015-2573SUSE bug 927623SUSE bug 936409cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2590SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732.
ImportantCVE-2015-2590SUSE bug 937828SUSE bug 938248SUSE bug 938895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2596SUSE Linux Enterprise Desktop 12
Unspecified vulnerability in Oracle Java SE 7u80 allows remote attackers to affect integrity via unknown vectors related to Hotspot.
ImportantCVE-2015-2596SUSE bug 937828SUSE bug 938248cpe:/o:suse:sled:12CVE-2015-2597SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Install.
ImportantCVE-2015-2597SUSE bug 937828SUSE bug 938248cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2601SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.
ImportantCVE-2015-2601SUSE bug 937828SUSE bug 938248SUSE bug 938895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2613SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.
ModerateCVE-2015-2613SUSE bug 937828SUSE bug 938248SUSE bug 938895SUSE bug 951727cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2619SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, JavaFX 2.2.80, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
ImportantCVE-2015-2619SUSE bug 937828SUSE bug 938248SUSE bug 938895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2621SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33, allows remote attackers to affect confidentiality via vectors related to JMX.
ImportantCVE-2015-2621SUSE bug 937828SUSE bug 938248SUSE bug 938895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2625SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE.
ImportantCVE-2015-2625SUSE bug 937828SUSE bug 938248SUSE bug 938895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2627SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to installation.
ImportantCVE-2015-2627SUSE bug 937828SUSE bug 938248cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2628SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA.
ImportantCVE-2015-2628SUSE bug 937828SUSE bug 938248cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2632SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
ImportantCVE-2015-2632SUSE bug 937828SUSE bug 938248SUSE bug 938895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2637SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
ImportantCVE-2015-2637SUSE bug 937828SUSE bug 938248SUSE bug 938895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2638SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
ImportantCVE-2015-2638SUSE bug 937828SUSE bug 938248SUSE bug 938895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2659SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 8u45 and Java SE Embedded 8u33 allows remote attackers to affect availability via unknown vectors related to Security.
ImportantCVE-2015-2659SUSE bug 937828SUSE bug 938248cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2664SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
ImportantCVE-2015-2664SUSE bug 937828SUSE bug 938248SUSE bug 938895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2666SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to the initrd.
ModerateCVE-2015-2666SUSE bug 922944cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2668SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file.
ModerateCVE-2015-2668SUSE bug 1040662SUSE bug 921950SUSE bug 922560SUSE bug 929192cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2675SUSE Linux Enterprise Desktop 12
The OAuth implementation in librest before 0.7.93 incorrectly truncates the pointer returned by the rest_proxy_call_get_url function, which allows remote attackers to cause a denial of service (application crash) via running the EnsureCredentials method from the org.gnome.OnlineAccounts.Account interface on an object representing a Flickr account.
ModerateCVE-2015-2675SUSE bug 923618cpe:/o:suse:sled:12CVE-2015-2694SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The kdcpreauth modules in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.2 do not properly track whether a client's request has been validated, which allows remote attackers to bypass an intended preauthentication requirement by providing (1) zero bytes of data or (2) an arbitrary realm name, related to plugins/preauth/otp/main.c and plugins/preauth/pkinit/pkinit_srv.c.
ModerateCVE-2015-2694SUSE bug 928978cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2695SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call.
ImportantCVE-2015-2695SUSE bug 770172SUSE bug 952188SUSE bug 969771cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2696SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mishandled during a gss_inquire_context call.
ImportantCVE-2015-2696SUSE bug 770172SUSE bug 952189SUSE bug 954204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2697SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request.
ModerateCVE-2015-2697SUSE bug 770172SUSE bug 952190cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2698SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The iakerb_gss_export_sec_context function in lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) 1.14 pre-release 2015-09-14 improperly accesses a certain pointer, which allows remote authenticated users to cause a denial of service (memory corruption) or possibly have unspecified other impact by interacting with an application that calls the gss_export_sec_context function. NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-2696.
ModerateCVE-2015-2698SUSE bug 770172SUSE bug 954204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2706SUSE Linux Enterprise Desktop 12
Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted plugin that does not properly complete initialization.
ModerateCVE-2015-2706SUSE bug 928116cpe:/o:suse:sled:12CVE-2015-2708SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2015-2708SUSE bug 930622cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2709SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2015-2709SUSE bug 930622cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2710SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets (CSS) token sequence.
CriticalCVE-2015-2710SUSE bug 930622cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2713SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a document containing crafted text in conjunction with a Cascading Style Sheets (CSS) token sequence containing properties related to vertical text.
CriticalCVE-2015-2713SUSE bug 930622cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2716SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283.
CriticalCVE-2015-2716SUSE bug 930622SUSE bug 939077SUSE bug 980391SUSE bug 983985cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2721SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attackers to defeat cryptographic protection mechanisms by blocking messages, as demonstrated by removing a forward-secrecy property by blocking a ServerKeyExchange message, aka a "SMACK SKIP-TLS" issue.
ModerateCVE-2015-2721SUSE bug 935979cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2722SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a shared worker.
ModerateCVE-2015-2722SUSE bug 935979cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2724SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2015-2724SUSE bug 935979cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2725SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2015-2725SUSE bug 935979cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2726SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2015-2726SUSE bug 935979cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2728SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IndexedDatabaseManager class in the IndexedDB implementation in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 misinterprets an unspecified IDBDatabase field as a pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors, related to a "type confusion" issue.
ModerateCVE-2015-2728SUSE bug 935979cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2730SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof ECDSA signatures via unspecified vectors.
ModerateCVE-2015-2730SUSE bug 935979cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2733SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a dedicated worker.
ModerateCVE-2015-2733SUSE bug 935979cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2734SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.
ModerateCVE-2015-2734SUSE bug 935979cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2735SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.
ModerateCVE-2015-2735SUSE bug 935979cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2736SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.
ModerateCVE-2015-2736SUSE bug 935979cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2737SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.
ModerateCVE-2015-2737SUSE bug 935979cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2738SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.
ModerateCVE-2015-2738SUSE bug 935979cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2739SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors.
ModerateCVE-2015-2739SUSE bug 935979cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2740SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have unspecified other impact via unknown vectors.
ModerateCVE-2015-2740SUSE bug 935979cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2743SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 enables excessive privileges for internal Workers, which might allow remote attackers to execute arbitrary code by leveraging a Same Origin Policy bypass.
ModerateCVE-2015-2743SUSE bug 935979cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2751SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allows remote domains with partial management control to cause a denial of service (host lock) via unspecified domctl operations.
LowCVE-2015-2751SUSE bug 922709SUSE bug 950367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-2752SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The XEN_DOMCTL_memory_mapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service (host CPU consumption) via a crafted request to the device model (qemu-dm).
ModerateCVE-2015-2752SUSE bug 922705cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-2756SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.
ModerateCVE-2015-2756SUSE bug 922706cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-2806SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors.
ModerateCVE-2015-2806SUSE bug 924828SUSE bug 929414SUSE bug 961491cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2808SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.
ImportantCVE-2015-2808SUSE bug 925378SUSE bug 938248SUSE bug 938895SUSE bug 952088cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2830SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrated by an attack against seccomp before 3.16.
ModerateCVE-2015-2830SUSE bug 903967SUSE bug 926240cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-2922SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.
ModerateCVE-2015-2922SUSE bug 903967SUSE bug 922583SUSE bug 926223cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-2924SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in NetworkManager 1.x allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message, a similar issue to CVE-2015-2922.
ModerateCVE-2015-2924SUSE bug 926223cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-2925SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack."
ModerateCVE-2015-2925SUSE bug 926238SUSE bug 951625SUSE bug 951638SUSE bug 963994cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3038SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
ModerateCVE-2015-3038SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3039SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0349, CVE-2015-0351, and CVE-2015-0358.
ModerateCVE-2015-3039SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3040SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-0357.
ModerateCVE-2015-3040SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3041SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3042, and CVE-2015-3043.
ModerateCVE-2015-3041SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3042SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, and CVE-2015-3043.
ModerateCVE-2015-3042SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3043SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in April 2015, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, and CVE-2015-3042.
ModerateCVE-2015-3043SUSE bug 927089cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3044SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
ModerateCVE-2015-3044SUSE bug 927089SUSE bug 930677cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3077SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-3084 and CVE-2015-3086.
ModerateCVE-2015-3077SUSE bug 930677cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3078SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3089, CVE-2015-3090, and CVE-2015-3093.
ModerateCVE-2015-3078SUSE bug 930677cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3079SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
ModerateCVE-2015-3079SUSE bug 930677cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3080SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allows attackers to execute arbitrary code via unspecified vectors.
ModerateCVE-2015-3080SUSE bug 930677cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3081SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Race condition in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allows attackers to bypass the Internet Explorer Protected Mode protection mechanism via unspecified vectors.
ModerateCVE-2015-3081SUSE bug 930677cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3082SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on filesystem write operations via unspecified vectors, a different vulnerability than CVE-2015-3083 and CVE-2015-3085.
ModerateCVE-2015-3082SUSE bug 930677cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3083SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on filesystem write operations via unspecified vectors, a different vulnerability than CVE-2015-3082 and CVE-2015-3085.
ModerateCVE-2015-3083SUSE bug 930677cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3084SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-3077 and CVE-2015-3086.
ModerateCVE-2015-3084SUSE bug 930677cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3085SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on filesystem write operations via unspecified vectors, a different vulnerability than CVE-2015-3082 and CVE-2015-3083.
ModerateCVE-2015-3085SUSE bug 930677cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3086SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-3077 and CVE-2015-3084.
ModerateCVE-2015-3086SUSE bug 930677cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3087SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allows attackers to execute arbitrary code via unspecified vectors.
ModerateCVE-2015-3087SUSE bug 930677cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3088SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allows attackers to execute arbitrary code via unspecified vectors.
ModerateCVE-2015-3088SUSE bug 930677cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3089SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3078, CVE-2015-3090, and CVE-2015-3093.
ModerateCVE-2015-3089SUSE bug 930677cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3090SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3078, CVE-2015-3089, and CVE-2015-3093.
ModerateCVE-2015-3090SUSE bug 930677cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3091SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-3092.
ModerateCVE-2015-3091SUSE bug 930677cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3092SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-3091.
ModerateCVE-2015-3092SUSE bug 930677cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3093SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3078, CVE-2015-3089, and CVE-2015-3090.
ModerateCVE-2015-3093SUSE bug 930677cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3096SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allow remote attackers to bypass a CVE-2014-5333 protection mechanism via unspecified vectors.
ImportantCVE-2015-3096SUSE bug 934088cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3098SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-3099 and CVE-2015-3102.
ImportantCVE-2015-3098SUSE bug 934088cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3099SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-3098 and CVE-2015-3102.
ImportantCVE-2015-3099SUSE bug 934088cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3100SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Stack-based buffer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors.
ImportantCVE-2015-3100SUSE bug 934088cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3102SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-3098 and CVE-2015-3099.
ImportantCVE-2015-3102SUSE bug 934088cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3103SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3106 and CVE-2015-3107.
ImportantCVE-2015-3103SUSE bug 934088cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3104SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors.
ImportantCVE-2015-3104SUSE bug 934088cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3105SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
ImportantCVE-2015-3105SUSE bug 934088cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3106SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3103 and CVE-2015-3107.
ImportantCVE-2015-3106SUSE bug 934088cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3107SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3103 and CVE-2015-3106.
ImportantCVE-2015-3107SUSE bug 934088SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3108SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors.
ImportantCVE-2015-3108SUSE bug 934088cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3113SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015.
ImportantCVE-2015-3113SUSE bug 935701cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3114SUSE Linux Enterprise Desktop 12
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
CriticalCVE-2015-3114SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3115SUSE Linux Enterprise Desktop 12
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2014-0578, CVE-2015-3116, CVE-2015-3125, and CVE-2015-5116.
CriticalCVE-2015-3115SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3116SUSE Linux Enterprise Desktop 12
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2014-0578, CVE-2015-3115, CVE-2015-3125, and CVE-2015-5116.
CriticalCVE-2015-3116SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3117SUSE Linux Enterprise Desktop 12
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3123, CVE-2015-3130, CVE-2015-3133, CVE-2015-3134, and CVE-2015-4431.
CriticalCVE-2015-3117SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3118SUSE Linux Enterprise Desktop 12
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117.
CriticalCVE-2015-3118SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3119SUSE Linux Enterprise Desktop 12
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-3120, CVE-2015-3121, CVE-2015-3122, and CVE-2015-4433.
CriticalCVE-2015-3119SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3120SUSE Linux Enterprise Desktop 12
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-3119, CVE-2015-3121, CVE-2015-3122, and CVE-2015-4433.
CriticalCVE-2015-3120SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3121SUSE Linux Enterprise Desktop 12
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-3119, CVE-2015-3120, CVE-2015-3122, and CVE-2015-4433.
CriticalCVE-2015-3121SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3122SUSE Linux Enterprise Desktop 12
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-3119, CVE-2015-3120, CVE-2015-3121, and CVE-2015-4433.
CriticalCVE-2015-3122SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3123SUSE Linux Enterprise Desktop 12
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3117, CVE-2015-3130, CVE-2015-3133, CVE-2015-3134, and CVE-2015-4431.
CriticalCVE-2015-3123SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3124SUSE Linux Enterprise Desktop 12
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117.
CriticalCVE-2015-3124SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3125SUSE Linux Enterprise Desktop 12
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2014-0578, CVE-2015-3115, CVE-2015-3116, and CVE-2015-5116.
CriticalCVE-2015-3125SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3126SUSE Linux Enterprise Desktop 12
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-4429.
CriticalCVE-2015-3126SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3127SUSE Linux Enterprise Desktop 12
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117.
CriticalCVE-2015-3127SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3128SUSE Linux Enterprise Desktop 12
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3127, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117.
CriticalCVE-2015-3128SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3129SUSE Linux Enterprise Desktop 12
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117.
CriticalCVE-2015-3129SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3130SUSE Linux Enterprise Desktop 12
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3117, CVE-2015-3123, CVE-2015-3133, CVE-2015-3134, and CVE-2015-4431.
CriticalCVE-2015-3130SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3131SUSE Linux Enterprise Desktop 12
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117.
CriticalCVE-2015-3131SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3132SUSE Linux Enterprise Desktop 12
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117.
CriticalCVE-2015-3132SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3133SUSE Linux Enterprise Desktop 12
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3117, CVE-2015-3123, CVE-2015-3130, CVE-2015-3134, and CVE-2015-4431.
CriticalCVE-2015-3133SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3134SUSE Linux Enterprise Desktop 12
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3117, CVE-2015-3123, CVE-2015-3130, CVE-2015-3133, and CVE-2015-4431.
CriticalCVE-2015-3134SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3135SUSE Linux Enterprise Desktop 12
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-4432 and CVE-2015-5118.
CriticalCVE-2015-3135SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3136SUSE Linux Enterprise Desktop 12
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117.
CriticalCVE-2015-3136SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3137SUSE Linux Enterprise Desktop 12
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117.
CriticalCVE-2015-3137SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-3138SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash).
LowCVE-2015-3138SUSE bug 927637cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3143SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.
ModerateCVE-2015-3143SUSE bug 927556cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3144SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The fix_hostname function in cURL and libcurl 7.37.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) or possibly have other unspecified impact via a zero-length host name, as demonstrated by "http://:80" and ":80."
ModerateCVE-2015-3144SUSE bug 927608SUSE bug 951391cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3145SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character.
ModerateCVE-2015-3145SUSE bug 927607cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3146SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in package_cb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted SSH packet.
ModerateCVE-2015-3146SUSE bug 928323cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3148SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.
ModerateCVE-2015-3148SUSE bug 1092962SUSE bug 927746cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3152SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack.
ModerateCVE-2015-3152SUSE bug 1037590SUSE bug 1047059SUSE bug 1088681SUSE bug 924663SUSE bug 928962SUSE bug 936407cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3153SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The default configuration for cURL and libcurl before 7.42.1 sends custom HTTP headers to both the proxy and destination server, which might allow remote proxy servers to obtain sensitive information by reading the header contents.
ModerateCVE-2015-3153SUSE bug 928533SUSE bug 951391cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3164SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket.
ImportantCVE-2015-3164SUSE bug 1177201SUSE bug 934102cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3165SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.
ModerateCVE-2015-3165SUSE bug 931972SUSE bug 931973SUSE bug 931974SUSE bug 932040cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3166SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error.
ModerateCVE-2015-3166SUSE bug 931972SUSE bug 931973SUSE bug 931974SUSE bug 932040cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3167SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack.
ModerateCVE-2015-3167SUSE bug 931972SUSE bug 931973SUSE bug 931974SUSE bug 932040cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3193SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to obtain sensitive private-key information via an attack against use of a (1) Diffie-Hellman (DH) or (2) Diffie-Hellman Ephemeral (DHE) ciphersuite.
ModerateCVE-2015-3193SUSE bug 1022086SUSE bug 1066242SUSE bug 1071906SUSE bug 957814SUSE bug 960151SUSE bug 990370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2015-3194SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter.
ModerateCVE-2015-3194SUSE bug 957812SUSE bug 957815SUSE bug 958768SUSE bug 976341SUSE bug 990370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3195SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.
ModerateCVE-2015-3195SUSE bug 923755SUSE bug 957812SUSE bug 957815SUSE bug 958768SUSE bug 963977SUSE bug 986238cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3196SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message.
ModerateCVE-2015-3196SUSE bug 957813cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3197SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions.
LowCVE-2015-3197SUSE bug 963410SUSE bug 963415SUSE bug 968044SUSE bug 968046cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3202SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's debugging feature.
ModerateCVE-2015-3202SUSE bug 931452cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3209SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.
ImportantCVE-2015-3209SUSE bug 932267SUSE bug 932770SUSE bug 932823cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3210SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^(?P=B)((?P=B)(?J:(?P<B>c)(?P<B>a(?P=B)))>WGXCREDITS)/, a different vulnerability than CVE-2015-8384.
LowCVE-2015-3210SUSE bug 933288SUSE bug 957598SUSE bug 958373cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3212SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Race condition in net/sctp/socket.c in the Linux kernel before 4.1.2 allows local users to cause a denial of service (list corruption and panic) via a rapid series of system calls related to sockets, as demonstrated by setsockopt calls.
ModerateCVE-2015-3212SUSE bug 936502cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3214SUSE Linux Enterprise Desktop 12
The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index.
ModerateCVE-2015-3214SUSE bug 934069SUSE bug 936025cpe:/o:suse:sled:12CVE-2015-3216SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in a certain Red Hat patch to the PRNG lock implementation in the ssleay_rand_bytes function in OpenSSL, as distributed in openssl-1.0.1e-25.el7 in Red Hat Enterprise Linux (RHEL) 7 and other products, allows remote attackers to cause a denial of service (application crash) by establishing many TLS sessions to a multithreaded server, leading to use of a negative value for a certain length field.
ModerateCVE-2015-3216SUSE bug 933898cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3217SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by /^(?:(?(1)\\.|([^\\\\W_])?)+)+$/.
ModerateCVE-2015-3217SUSE bug 933878SUSE bug 958373cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3218SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The authentication_agent_new function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (NULL pointer dereference and polkitd daemon crash) by calling RegisterAuthenticationAgent with an invalid object path.
ModerateCVE-2015-3218SUSE bug 933922SUSE bug 943816cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3223SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.
ImportantCVE-2015-3223SUSE bug 958581cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3228SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service (crash) via a crafted Postscript (ps) file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write.
ModerateCVE-2015-3228SUSE bug 939342cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3236SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP4
cURL and libcurl 7.40.0 through 7.42.1 send the HTTP Basic authentication credentials for a previous connection when reusing a reset (curl_easy_reset) connection handle to send a request to the same host name, which allows remote attackers to obtain sensitive information via unspecified vectors.
ModerateCVE-2015-3236SUSE bug 934501SUSE bug 951391cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp4CVE-2015-3237SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP4
The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.
ModerateCVE-2015-3237SUSE bug 934502cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp4CVE-2015-3238SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.
ModerateCVE-2015-3238SUSE bug 1123794SUSE bug 934920cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3239SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the dwarf_to_unw_regnum function in include/dwarf_i.h in libunwind 1.1 allows local users to have unspecified impact via invalid dwarf opcodes.
LowCVE-2015-3239SUSE bug 1122012SUSE bug 936786cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3243SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
rsyslog uses weak permissions for generating log files, which allows local users to obtain sensitive information by reading files in /var/log/cron.
ModerateCVE-2015-3243SUSE bug 1098851SUSE bug 1126233SUSE bug 935393cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3247SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors.
ImportantCVE-2015-3247SUSE bug 944460cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3255SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions.
ModerateCVE-2015-3255SUSE bug 939246SUSE bug 943816cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3256SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (memory corruption and polkitd daemon crash) and possibly gain privileges via unspecified vectors, related to "javascript rule evaluation."
ModerateCVE-2015-3256SUSE bug 943816cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3258SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the WriteProlog function in filter/texttopdf.c in texttopdf in cups-filters before 1.0.70 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a small line size in a print job.
ModerateCVE-2015-3258SUSE bug 921753SUSE bug 936281SUSE bug 937018cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3259SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the xl command line utility in Xen 4.1.x through 4.5.x allows local guest administrators to gain privileges via a long configuration argument.
ModerateCVE-2015-3259SUSE bug 935634SUSE bug 936281SUSE bug 937018SUSE bug 950367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3276SUSE Linux Enterprise Desktop 12
The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.
ModerateCVE-2015-3276SUSE bug 938567cpe:/o:suse:sled:12CVE-2015-3277SUSE Linux Enterprise Desktop 12
The mod_nss module before 1.0.11 in Fedora allows remote attackers to obtain cipher lists due to incorrect parsing of multi-keyword cipherstring.
ModerateCVE-2015-3277SUSE bug 938567cpe:/o:suse:sled:12CVE-2015-3278SUSE Linux Enterprise Desktop 12
The cipherstring parsing code in nss_compat_ossl while in multi-keyword mode does not match the expected set of ciphers for a given cipher combination, which allows attackers to have unspecified impact via unknown vectors.
ModerateCVE-2015-3278SUSE bug 938571cpe:/o:suse:sled:12CVE-2015-3279SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line size in a print job, which triggers a heap-based buffer overflow.
ModerateCVE-2015-3279SUSE bug 921753SUSE bug 936281SUSE bug 937018cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3288SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero.
ModerateCVE-2015-3288SUSE bug 979021cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3290SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform improperly relies on espfix64 during nested NMI processing, which allows local users to gain privileges by triggering an NMI within a certain instruction window.
ImportantCVE-2015-3290SUSE bug 937969SUSE bug 937970SUSE bug 938706SUSE bug 939207SUSE bug 939269cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3291SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform does not properly determine when nested NMI processing is occurring, which allows local users to cause a denial of service (skipped NMI) by modifying the rsp register, issuing a syscall instruction, and triggering an NMI.
LowCVE-2015-3291SUSE bug 937969SUSE bug 937970SUSE bug 938706cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3294SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.
ModerateCVE-2015-3294SUSE bug 923144SUSE bug 928867cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3308SUSE Linux Enterprise Desktop 12
Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point.
ModerateCVE-2015-3308SUSE bug 927411cpe:/o:suse:sled:12CVE-2015-3310SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service (crash) via a start accounting message to the RADIUS server.
ModerateCVE-2015-3310SUSE bug 927841cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3331SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of service (buffer overflow and system crash) or possibly execute arbitrary code by triggering a crypto API call, as demonstrated by use of a libkcapi test program with an AF_ALG(aead) socket.
ModerateCVE-2015-3331SUSE bug 927257SUSE bug 931231SUSE bug 939262cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3332SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
A certain backport in the TCP Fast Open implementation for the Linux kernel before 3.18 does not properly maintain a count value, which allow local users to cause a denial of service (system crash) via the Fast Open feature, as demonstrated by visiting the chrome://flags/#enable-tcp-fast-open URL when using certain 3.10.x through 3.16.x kernel builds, including longterm-maintenance releases and ckt (aka Canonical Kernel Team) builds.
ModerateCVE-2015-3332SUSE bug 903967SUSE bug 928135cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3339SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped.
ModerateCVE-2015-3339SUSE bug 903967SUSE bug 928130SUSE bug 939263cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3340SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.
LowCVE-2015-3340SUSE bug 927967SUSE bug 929339cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3405SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.
ModerateCVE-2015-3405SUSE bug 924202SUSE bug 928321cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3415SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.
ModerateCVE-2015-3415SUSE bug 1190372SUSE bug 928700SUSE bug 928701SUSE bug 928702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3418SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) before 1.16.4 allows attackers to cause a denial of service (divide-by-zero and crash) via a zero-height PutImage request.
ModerateCVE-2015-3418SUSE bug 928520cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3451SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function.
LowCVE-2015-3451SUSE bug 929237cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3456SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.
ModerateCVE-2015-3456SUSE bug 929339SUSE bug 932770SUSE bug 935900cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3622SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.5 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted certificate.
LowCVE-2015-3622SUSE bug 929414cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3636SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the ability to make a SOCK_DGRAM socket system call for the IPPROTO_ICMP or IPPROTO_ICMPV6 protocol, and then making a connect system call after a disconnect.
ModerateCVE-2015-3636SUSE bug 929525SUSE bug 939277SUSE bug 994624cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-3658SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, which makes it easier for remote attackers to bypass CSRF protection mechanisms via a crafted web site.
ModerateCVE-2015-3658SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3659SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.
ModerateCVE-2015-3659SUSE bug 936835SUSE bug 936836SUSE bug 971460cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3717SUSE Linux Enterprise Desktop 12
Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
ModerateCVE-2015-3717SUSE bug 936836cpe:/o:suse:sled:12CVE-2015-3727SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which allows remote attackers to access an arbitrary web site's database via a crafted web site.
ModerateCVE-2015-3727SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3731SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
ModerateCVE-2015-3731SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3741SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
ModerateCVE-2015-3741SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3743SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
ModerateCVE-2015-3743SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3745SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
ModerateCVE-2015-3745SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3747SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
ModerateCVE-2015-3747SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3748SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
ModerateCVE-2015-3748SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3749SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
ModerateCVE-2015-3749SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3752SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote attackers to obtain sensitive information via vectors involving (1) a cross-origin request or (2) a private-browsing request.
ModerateCVE-2015-3752SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3811SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerability than CVE-2015-2188.
ModerateCVE-2015-3811SUSE bug 930689SUSE bug 930691cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3812SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet.
ModerateCVE-2015-3812SUSE bug 930689SUSE bug 930691cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3813SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The fragment_add_work function in epan/reassemble.c in the packet-reassembly feature in Wireshark 1.12.x before 1.12.5 does not properly determine the defragmentation state in a case of an insufficient snapshot length, which allows remote attackers to cause a denial of service (memory consumption) via a crafted packet.
ModerateCVE-2015-3813SUSE bug 930689cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3814SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 interpret a zero value as a length rather than an error condition, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2015-3814SUSE bug 930689SUSE bug 930691cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3885SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.
ModerateCVE-2015-3885SUSE bug 930683cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3900SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a "DNS hijack attack."
ImportantCVE-2015-3900SUSE bug 936032cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-3991SUSE Linux Enterprise Desktop 12
strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code.
ModerateCVE-2015-3991SUSE bug 931272cpe:/o:suse:sled:12CVE-2015-4000SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
ImportantCVE-2015-4000SUSE bug 1074631SUSE bug 931600SUSE bug 931698SUSE bug 931723SUSE bug 931845SUSE bug 932026SUSE bug 932483SUSE bug 934789SUSE bug 935033SUSE bug 935540SUSE bug 935979SUSE bug 937202SUSE bug 937766SUSE bug 938248SUSE bug 938432SUSE bug 938895SUSE bug 938905SUSE bug 938906SUSE bug 938913SUSE bug 938945SUSE bug 943664SUSE bug 944729SUSE bug 945582SUSE bug 955589SUSE bug 980406SUSE bug 990592cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4001SUSE Linux Enterprise Desktop 12
Integer signedness error in the oz_hcd_get_desc_cnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted packet.
CriticalCVE-2015-4001SUSE bug 933934cpe:/o:suse:sled:12CVE-2015-4002SUSE Linux Enterprise Desktop 12
drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions.
CriticalCVE-2015-4002SUSE bug 933934cpe:/o:suse:sled:12CVE-2015-4003SUSE Linux Enterprise Desktop 12
The oz_usb_handle_ep_data function in drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (divide-by-zero error and system crash) via a crafted packet.
ImportantCVE-2015-4003SUSE bug 933934cpe:/o:suse:sled:12CVE-2015-4004SUSE Linux Enterprise Desktop 12
The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untrusted length field during packet parsing, which allows remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via a crafted packet.
ImportantCVE-2015-4004SUSE bug 933934cpe:/o:suse:sled:12CVE-2015-4035SUSE Linux Enterprise Desktop 12
scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names containing semicolons, which allows remote attackers to execute arbitrary code by having a user run xzgrep on a crafted file name.
ModerateCVE-2015-4035SUSE bug 931678cpe:/o:suse:sled:12CVE-2015-4036SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Array index error in the tcm_vhost_make_tpg function in drivers/vhost/scsi.c in the Linux kernel before 4.0 might allow guest OS users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted VHOST_SCSI_SET_ENDPOINT ioctl call. NOTE: the affected function was renamed to vhost_scsi_make_tpg before the vulnerability was announced.
ModerateCVE-2015-4036SUSE bug 931988cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-4037SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program.
ModerateCVE-2015-4037SUSE bug 932267SUSE bug 950367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4041SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering the number of bytes occupied by multibyte characters, which allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via long UTF-8 strings.
ModerateCVE-2015-4041SUSE bug 928749cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4042SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of service (application crash) or possibly have unspecified other impact via long strings.
ModerateCVE-2015-4042SUSE bug 928749cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4103SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via vectors related to qemu and accessing spanning multiple fields.
ModerateCVE-2015-4103SUSE bug 931625cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4104SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service (unexpected interrupt and host crash) via unspecified vectors.
ModerateCVE-2015-4104SUSE bug 931626cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4105SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service (host disk consumption) via certain invalid operations.
ModerateCVE-2015-4105SUSE bug 931627cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4106SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.
ModerateCVE-2015-4106SUSE bug 931628cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4141SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow.
ModerateCVE-2015-4141SUSE bug 915323SUSE bug 930077cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4142SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read.
ModerateCVE-2015-4142SUSE bug 915323SUSE bug 930078cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4143SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit or (2) Confirm message payload.
ModerateCVE-2015-4143SUSE bug 930079cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4163SUSE Linux Enterprise Desktop 12
GNTTABOP_swap_grant_ref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service (NULL pointer dereference) via a hypercall without a GNTTABOP_setup_table or GNTTABOP_set_version.
ModerateCVE-2015-4163SUSE bug 932790cpe:/o:suse:sled:12CVE-2015-4164SUSE Linux Enterprise Desktop 12
The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service (large loop and system hang) via a hypercall_iret call with EFLAGS.VM set.
ModerateCVE-2015-4164SUSE bug 932996SUSE bug 950367cpe:/o:suse:sled:12CVE-2015-4167SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem.
ModerateCVE-2015-4167SUSE bug 917839SUSE bug 933907cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2015-4171SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses.
LowCVE-2015-4171SUSE bug 931845SUSE bug 933591cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4176SUSE Linux Enterprise Desktop 12
fs/namespace.c in the Linux kernel before 4.0.2 does not properly support mount connectivity, which allows local users to read arbitrary files by leveraging user-namespace root access for deletion of a file or directory.
ModerateCVE-2015-4176SUSE bug 933971cpe:/o:suse:sled:12CVE-2015-4177SUSE Linux Enterprise Desktop 12
The collect_mounts function in fs/namespace.c in the Linux kernel before 4.0.5 does not properly consider that it may execute after a path has been unmounted, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call.
ModerateCVE-2015-4177SUSE bug 933969SUSE bug 933970cpe:/o:suse:sled:12CVE-2015-4178SUSE Linux Enterprise Desktop 12
The fs_pin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency of a certain list data structure, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call, related to fs/fs_pin.c and include/linux/fs_pin.h.
ModerateCVE-2015-4178SUSE bug 933969SUSE bug 933970SUSE bug 933971cpe:/o:suse:sled:12CVE-2015-4428SUSE Linux Enterprise Desktop 12
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4430, and CVE-2015-5117.
CriticalCVE-2015-4428SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-4429SUSE Linux Enterprise Desktop 12
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-3126.
CriticalCVE-2015-4429SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-4430SUSE Linux Enterprise Desktop 12
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, and CVE-2015-5117.
CriticalCVE-2015-4430SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-4431SUSE Linux Enterprise Desktop 12
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3117, CVE-2015-3123, CVE-2015-3130, CVE-2015-3133, and CVE-2015-3134.
CriticalCVE-2015-4431SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-4432SUSE Linux Enterprise Desktop 12
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3135 and CVE-2015-5118.
CriticalCVE-2015-4432SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-4433SUSE Linux Enterprise Desktop 12
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-3119, CVE-2015-3120, CVE-2015-3121, and CVE-2015-3122.
CriticalCVE-2015-4433SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-4467SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The chmd_init_decomp function in chmd.c in libmspack before 0.5 does not properly validate the reset interval, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted CHM file.
ModerateCVE-2015-4467SUSE bug 934524SUSE bug 934525SUSE bug 934529SUSE bug 934533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4468SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in the search_chunk function in chmd.c in libmspack before 0.5 allow remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CHM file.
ModerateCVE-2015-4468SUSE bug 934524SUSE bug 934526SUSE bug 934529SUSE bug 934533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4469SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The chmd_read_headers function in chmd.c in libmspack before 0.5 does not validate name lengths, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CHM file.
ModerateCVE-2015-4469SUSE bug 934524SUSE bug 934526SUSE bug 934529SUSE bug 934533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4470SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the inflate function in mszipd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CAB archive.
ModerateCVE-2015-4470SUSE bug 934527SUSE bug 934533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4471SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the lzxd_decompress function in lzxd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer under-read and application crash) via a crafted CAB archive.
ModerateCVE-2015-4471SUSE bug 934528SUSE bug 934533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4472SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the READ_ENCINT macro in chmd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CHM file.
ModerateCVE-2015-4472SUSE bug 934525SUSE bug 934529SUSE bug 934533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4473SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2015-4473SUSE bug 940806cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4474SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2015-4474SUSE bug 940806cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4475SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 mishandles inconsistent sample formats within MP3 audio data, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a malformed file.
ImportantCVE-2015-4475SUSE bug 940806cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4478SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 do not impose certain ECMAScript 6 requirements on JavaScript object properties, which allows remote attackers to bypass the Same Origin Policy via the reviver parameter to the JSON.parse method.
ImportantCVE-2015-4478SUSE bug 940806cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4479SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to execute arbitrary code via a crafted saio chunk in MPEG-4 video data.
ImportantCVE-2015-4479SUSE bug 940806cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4484SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The js::jit::AssemblerX86Shared::lock_addl function in the JavaScript implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to cause a denial of service (application crash) by leveraging the use of shared memory and accessing (1) an Atomics object or (2) a SharedArrayBuffer object.
ImportantCVE-2015-4484SUSE bug 940806cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4485SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the resize_context_buffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malformed WebM video data.
ImportantCVE-2015-4485SUSE bug 940806cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4486SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The decrease_ref_count function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via malformed WebM video data.
ImportantCVE-2015-4486SUSE bug 940806cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4487SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsTSubstring::ReplacePrep function in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, related to an "overflow."
ImportantCVE-2015-4487SUSE bug 940806cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4488SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 allows remote attackers to have an unspecified impact by leveraging a StyleAnimationValue::operator self assignment.
ImportantCVE-2015-4488SUSE bug 940806cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4489SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging a self assignment.
ImportantCVE-2015-4489SUSE bug 940806cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4491SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling.
ModerateCVE-2015-4491SUSE bug 940806SUSE bug 942801SUSE bug 948790cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4492SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the XMLHttpRequest::Open implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 might allow remote attackers to execute arbitrary code via a SharedWorker object that makes recursive calls to the open method of an XMLHttpRequest object.
ImportantCVE-2015-4492SUSE bug 940806cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4495SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.
ModerateCVE-2015-4495SUSE bug 940806SUSE bug 940918cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4497SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element.
ModerateCVE-2015-4497SUSE bug 943550SUSE bug 943557SUSE bug 943608cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4498SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to bypass an intended user-confirmation requirement by constructing a crafted data: URL and triggering navigation to an arbitrary http: or https: URL at a certain early point in the installation process.
ModerateCVE-2015-4498SUSE bug 943550SUSE bug 943558SUSE bug 943608cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4500SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2015-4500SUSE bug 947003cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4501SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2015-4501SUSE bug 947003cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4506SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the vp9_init_context_buffers function in libvpx, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3, allows remote attackers to execute arbitrary code via a crafted VP9 file.
ModerateCVE-2015-4506SUSE bug 947003cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4509SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the HTMLVideoElement interface in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via crafted JavaScript code that modifies the URI table of a media element, aka ZDI-CAN-3176.
CriticalCVE-2015-4509SUSE bug 947003cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4511SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the nestegg_track_codec_data function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via a crafted header in a WebM video.
ImportantCVE-2015-4511SUSE bug 947003cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4513SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2015-4513SUSE bug 952810cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4517SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
NetworkUtils.cpp in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2015-4517SUSE bug 947003cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4519SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow user-assisted remote attackers to bypass intended access restrictions and discover a redirect's target URL via crafted JavaScript code that executes after a drag-and-drop action of an image into a TEXTBOX element.
ModerateCVE-2015-4519SUSE bug 947003cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4520SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to bypass CORS preflight protection mechanisms by leveraging (1) duplicate cache-key generation or (2) retrieval of a value from an incorrect HTTP Access-Control-* response header.
ImportantCVE-2015-4520SUSE bug 947003cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4521SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ConvertDialogOptions function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2015-4521SUSE bug 947003cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4522SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsUnicodeToUTF8::GetMaxLength function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow."
ImportantCVE-2015-4522SUSE bug 947003cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4551SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document, which embeds data from local files into (1) Calc or (2) Writer.
ModerateCVE-2015-4551SUSE bug 893141SUSE bug 934423SUSE bug 936188SUSE bug 936190SUSE bug 940838cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4588SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file.
ModerateCVE-2015-4588SUSE bug 933109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4620SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zone data and then making a query for a name in that zone.
ModerateCVE-2015-4620SUSE bug 936476cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4625SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value.
LowCVE-2015-4625SUSE bug 935119SUSE bug 943816cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4692SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call.
ModerateCVE-2015-4692SUSE bug 935542cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-4695SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file.
ModerateCVE-2015-4695SUSE bug 936058cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4696SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) via a crafted WMF file to the (1) wmf2gd or (2) wmf2eps command.
ModerateCVE-2015-4696SUSE bug 936062cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4729SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment.
ImportantCVE-2015-4729SUSE bug 937828SUSE bug 938248SUSE bug 938895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4731SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
ImportantCVE-2015-4731SUSE bug 937828SUSE bug 938248SUSE bug 938895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4732SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-2590.
ImportantCVE-2015-4732SUSE bug 937828SUSE bug 938248SUSE bug 938895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4733SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.
ImportantCVE-2015-4733SUSE bug 937828SUSE bug 938248SUSE bug 938895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4734SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS.
ModerateCVE-2015-4734SUSE bug 951376SUSE bug 955131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4736SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
ImportantCVE-2015-4736SUSE bug 937828SUSE bug 938248cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4748SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security.
ImportantCVE-2015-4748SUSE bug 937828SUSE bug 938248SUSE bug 938895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4749SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect availability via vectors related to JNDI.
ImportantCVE-2015-4749SUSE bug 937828SUSE bug 938248SUSE bug 938895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4760SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
ImportantCVE-2015-4760SUSE bug 937828SUSE bug 938248SUSE bug 938895cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4792SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4802.
ModerateCVE-2015-4792SUSE bug 951391SUSE bug 958789cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4802SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4792.
ModerateCVE-2015-4802SUSE bug 951391SUSE bug 958789cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4803SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911.
ModerateCVE-2015-4803SUSE bug 951376SUSE bug 955131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4805SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization.
ModerateCVE-2015-4805SUSE bug 951376SUSE bug 955131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4806SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
ModerateCVE-2015-4806SUSE bug 951376SUSE bug 955131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4807SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier, when running on Windows, allows remote authenticated users to affect availability via unknown vectors related to Server : Query Cache.
ModerateCVE-2015-4807SUSE bug 951391SUSE bug 958789cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4810SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u85 and 8u60 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
ModerateCVE-2015-4810SUSE bug 951376SUSE bug 955131cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4815SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.
ModerateCVE-2015-4815SUSE bug 951391SUSE bug 958789cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4816SUSE Linux Enterprise Desktop 12
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.
ModerateCVE-2015-4816SUSE bug 951391SUSE bug 958790cpe:/o:suse:sled:12CVE-2015-4819SUSE Linux Enterprise Desktop 12
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs.
ModerateCVE-2015-4819SUSE bug 951391SUSE bug 958790SUSE bug 969667cpe:/o:suse:sled:12CVE-2015-4826SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.
ModerateCVE-2015-4826SUSE bug 951391SUSE bug 958789cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4830SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.
ModerateCVE-2015-4830SUSE bug 951391SUSE bug 958789cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4835SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4881.
ModerateCVE-2015-4835SUSE bug 951376SUSE bug 955131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4836SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : SP.
ModerateCVE-2015-4836SUSE bug 951391SUSE bug 958789cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4840SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors related to 2D.
ModerateCVE-2015-4840SUSE bug 951376SUSE bug 955131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4842SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JAXP.
ModerateCVE-2015-4842SUSE bug 951376SUSE bug 955131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4843SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
ModerateCVE-2015-4843SUSE bug 951376SUSE bug 955131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4844SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
ModerateCVE-2015-4844SUSE bug 951376SUSE bug 955131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4858SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2015-4913.
ModerateCVE-2015-4858SUSE bug 951391SUSE bug 958789cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4860SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4883.
ModerateCVE-2015-4860SUSE bug 951376SUSE bug 955131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4861SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.
ModerateCVE-2015-4861SUSE bug 951391SUSE bug 958789cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4868SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 8u60 and Java SE Embedded 8u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
ModerateCVE-2015-4868SUSE bug 951376cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4870SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.
ModerateCVE-2015-4870SUSE bug 951391SUSE bug 958789cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4871SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u85 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
ModerateCVE-2015-4871SUSE bug 951376SUSE bug 955131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4872SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security.
ModerateCVE-2015-4872SUSE bug 951376SUSE bug 955131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4879SUSE Linux Enterprise Desktop 12
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to DML.
ModerateCVE-2015-4879SUSE bug 951391SUSE bug 958790cpe:/o:suse:sled:12CVE-2015-4881SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4835.
CriticalCVE-2015-4881SUSE bug 951376cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4882SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect availability via vectors related to CORBA.
ModerateCVE-2015-4882SUSE bug 951376SUSE bug 955131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4883SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860.
ModerateCVE-2015-4883SUSE bug 951376SUSE bug 955131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4893SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911.
ModerateCVE-2015-4893SUSE bug 951376SUSE bug 955131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4895SUSE Linux Enterprise Desktop 12
Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.
ModerateCVE-2015-4895SUSE bug 951391SUSE bug 958790cpe:/o:suse:sled:12CVE-2015-4901SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 8u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
ModerateCVE-2015-4901SUSE bug 951376cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4902SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment.
ModerateCVE-2015-4902SUSE bug 951376SUSE bug 955131cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4903SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to RMI.
ModerateCVE-2015-4903SUSE bug 951376SUSE bug 955131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4906SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX, a different vulnerability than CVE-2015-4908 and CVE-2015-4916.
ModerateCVE-2015-4906SUSE bug 951376cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4908SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2015-4906 and CVE-2015-4916.
ModerateCVE-2015-4908SUSE bug 951376cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4911SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893.
ModerateCVE-2015-4911SUSE bug 951376SUSE bug 955131cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4913SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.
ModerateCVE-2015-4913SUSE bug 951391SUSE bug 958789cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-4916SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2015-4906 and CVE-2015-4908.
ModerateCVE-2015-4916SUSE bug 951376cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5073SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an excess closing parenthesis.
LowCVE-2015-5073SUSE bug 936227cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5116SUSE Linux Enterprise Desktop 12
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2014-0578, CVE-2015-3115, CVE-2015-3116, and CVE-2015-3125.
CriticalCVE-2015-5116SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-5117SUSE Linux Enterprise Desktop 12
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, and CVE-2015-4430.
CriticalCVE-2015-5117SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-5118SUSE Linux Enterprise Desktop 12
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3135 and CVE-2015-4432.
CriticalCVE-2015-5118SUSE bug 937339cpe:/o:suse:sled:12CVE-2015-5119SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.
CriticalCVE-2015-5119SUSE bug 937339SUSE bug 937752cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5122SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.
ImportantCVE-2015-5122SUSE bug 937752cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5123SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.
ImportantCVE-2015-5123SUSE bug 937752cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5124SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3117, CVE-2015-3123, CVE-2015-3130, CVE-2015-3133, CVE-2015-3134, and CVE-2015-4431.
CriticalCVE-2015-5124SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5125SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to cause a denial of service (vector-length corruption) or possibly have unspecified other impact via unknown vectors.
ModerateCVE-2015-5125SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5127SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.
ModerateCVE-2015-5127SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5128SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2015-5128SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5129SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5541.
ModerateCVE-2015-5129SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5130SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.
ModerateCVE-2015-5130SUSE bug 941239SUSE bug 952254cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5131SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5132 and CVE-2015-5133.
ModerateCVE-2015-5131SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5132SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5131 and CVE-2015-5133.
ModerateCVE-2015-5132SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5133SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5131 and CVE-2015-5132.
ModerateCVE-2015-5133SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5134SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.
ModerateCVE-2015-5134SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5154SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.
ModerateCVE-2015-5154SUSE bug 938344SUSE bug 950367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5156SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets.
ModerateCVE-2015-5156SUSE bug 1091815SUSE bug 1123903SUSE bug 940776SUSE bug 945048SUSE bug 951638cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5157SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI.
ImportantCVE-2015-5157SUSE bug 937969SUSE bug 937970SUSE bug 938706SUSE bug 939207cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5158SUSE Linux Enterprise Desktop 12
Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation support, allows guest OS users with CAP_SYS_RAWIO permissions to cause a denial of service (instance crash) via an invalid opcode in a SCSI command descriptor block.
ModerateCVE-2015-5158SUSE bug 939254cpe:/o:suse:sled:12CVE-2015-5165SUSE Linux Enterprise Desktop 12
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.
ModerateCVE-2015-5165SUSE bug 939712SUSE bug 950367cpe:/o:suse:sled:12CVE-2015-5166SUSE Linux Enterprise Desktop 12
Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice.
ModerateCVE-2015-5166SUSE bug 939709SUSE bug 950367cpe:/o:suse:sled:12CVE-2015-5180SUSE Linux Enterprise Desktop 12 SP4
res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash).
LowCVE-2015-5180SUSE bug 941234cpe:/o:suse:sled:12:sp4CVE-2015-5185SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The lookupProviders function in providerMgr.c in sblim-sfcb 1.3.4 and 1.3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty className in a packet.
ModerateCVE-2015-5185SUSE bug 942628cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5186SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Audit before 2.4.4 in Linux does not sanitize escape characters in filenames.
ModerateCVE-2015-5186SUSE bug 941922cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5191SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
ModerateCVE-2015-5191SUSE bug 1007600cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5198SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to gain privileges via unspecified vectors, related to the VDPAU_DRIVER_PATH environment variable.
ModerateCVE-2015-5198SUSE bug 943967cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5199SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Directory traversal vulnerability in dlopen in libvdpau before 1.1.1 allows local users to gain privileges via the VDPAU_DRIVER environment variable.
ModerateCVE-2015-5199SUSE bug 943968cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5200SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors.
ModerateCVE-2015-5200SUSE bug 943969cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5203SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.
ModerateCVE-2015-5203SUSE bug 1178702SUSE bug 941919SUSE bug 942553cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5212SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted PrinterSetup data in an ODF document.
ModerateCVE-2015-5212SUSE bug 934423SUSE bug 936188cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5213SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow.
ModerateCVE-2015-5213SUSE bug 934423SUSE bug 936190cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5214SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file.
ModerateCVE-2015-5214SUSE bug 934423SUSE bug 940838cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5218SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cause a denial of service (crash) via a crafted file, related to the page global variable.
LowCVE-2015-5218SUSE bug 949754cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5219SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.
LowCVE-2015-5219SUSE bug 1010964SUSE bug 943216SUSE bug 943218SUSE bug 943219SUSE bug 943221SUSE bug 959243cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5221SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the mif_process_cmpt function in libjasper/mif/mif_cod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.
ImportantCVE-2015-5221SUSE bug 1178702SUSE bug 942553cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5224SUSE Linux Enterprise Desktop 12
The mkostemp function in login-utils in util-linux when used incorrectly allows remote attackers to cause file name collision and possibly other attacks.
ModerateCVE-2015-5224SUSE bug 943012cpe:/o:suse:sled:12CVE-2015-5225SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the server display surface.
ModerateCVE-2015-5225SUSE bug 942845cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5234SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks.
ModerateCVE-2015-5234SUSE bug 944209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5235SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page.
ModerateCVE-2015-5235SUSE bug 944208cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5239SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.
ModerateCVE-2015-5239SUSE bug 944463SUSE bug 950367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5247SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service (libvirtd crash) by triggering a failed unlink after creating a volume on a root_squash NFS pool.
ModerateCVE-2015-5247SUSE bug 945645cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5252SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points outside of a share.
ModerateCVE-2015-5252SUSE bug 958582cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5260SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter.
ImportantCVE-2015-5260SUSE bug 944787cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5261SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.
ImportantCVE-2015-5261SUSE bug 948976SUSE bug 982386cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5276SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors.
LowCVE-2015-5276SUSE bug 945842cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5278SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets.
ModerateCVE-2015-5278SUSE bug 945989cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5279SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets.
ModerateCVE-2015-5279SUSE bug 945987cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5283SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all of the steps have finished.
ModerateCVE-2015-5283SUSE bug 947155cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5288SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service (server crash) or read arbitrary server memory via a "too-short" salt.
ModerateCVE-2015-5288SUSE bug 949669SUSE bug 949670cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5289SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (2) jsonb values.
ModerateCVE-2015-5289SUSE bug 949669SUSE bug 949670cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5292SUSE Linux Enterprise Desktop 12
Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication.
LowCVE-2015-5292SUSE bug 948819cpe:/o:suse:sled:12CVE-2015-5296SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-server data stream, related to clidfs.c, libsmb_server.c, and smbXcli_base.c.
ModerateCVE-2015-5296SUSE bug 1058622SUSE bug 958584SUSE bug 973031cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5299SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORY_LIST access right has been granted, which allows remote attackers to access snapshots by visiting a shadow copy directory.
ModerateCVE-2015-5299SUSE bug 958583cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5300SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).
ModerateCVE-2015-5300SUSE bug 951629SUSE bug 959243SUSE bug 962624cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5307SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.
ModerateCVE-2015-5307SUSE bug 953527SUSE bug 954018SUSE bug 954404SUSE bug 954405SUSE bug 962977cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5310SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The WNM Sleep Mode code in wpa_supplicant 2.x before 2.6 does not properly ignore key data in response frames when management frame protection (MFP) was not negotiated, which allows remote attackers to inject arbitrary broadcast or multicast packets or cause a denial of service (ignored packets) via a WNM Sleep Mode response.
ModerateCVE-2015-5310SUSE bug 952254SUSE bug 953115cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5312SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
ModerateCVE-2015-5312SUSE bug 1123919SUSE bug 957105SUSE bug 959469cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5313SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/storage_backend_fs.c in libvirt, when fine-grained Access Control Lists (ACL) are in effect, allows local users with storage_vol:create ACL but not domain:write permission to write to arbitrary files via a .. (dot dot) in a volume name.
ModerateCVE-2015-5313SUSE bug 953110cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5330SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message or (2) a database value.
ModerateCVE-2015-5330SUSE bug 958581SUSE bug 958586cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5352SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.
ModerateCVE-2015-5352SUSE bug 1074631SUSE bug 1138392SUSE bug 936695SUSE bug 938277SUSE bug 948086SUSE bug 996040cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5364SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood.
ModerateCVE-2015-5364SUSE bug 781018SUSE bug 936831SUSE bug 939276SUSE bug 945112cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5366SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a different vulnerability than CVE-2015-5364.
ModerateCVE-2015-5366SUSE bug 781018SUSE bug 936831SUSE bug 939276SUSE bug 945112cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5370SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service (application crash or CPU consumption), or possibly execute arbitrary code on a client system via unspecified vectors.
ImportantCVE-2015-5370SUSE bug 936862SUSE bug 975276SUSE bug 977416cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5477SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.
ModerateCVE-2015-5477SUSE bug 1000362SUSE bug 939567SUSE bug 980168cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5539SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.
ModerateCVE-2015-5539SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5540SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.
ModerateCVE-2015-5540SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5541SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5129.
ModerateCVE-2015-5541SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5544SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553.
ModerateCVE-2015-5544SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5545SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553.
ModerateCVE-2015-5545SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5546SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553.
ModerateCVE-2015-5546SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5547SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553.
ModerateCVE-2015-5547SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5548SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553.
ModerateCVE-2015-5548SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5549SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5552, and CVE-2015-5553.
ModerateCVE-2015-5549SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5550SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.
ModerateCVE-2015-5550SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5551SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.
ModerateCVE-2015-5551SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5552SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, and CVE-2015-5553.
ModerateCVE-2015-5552SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5553SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, and CVE-2015-5552.
ModerateCVE-2015-5553SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5554SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-5555, CVE-2015-5558, and CVE-2015-5562.
ModerateCVE-2015-5554SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5555SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-5554, CVE-2015-5558, and CVE-2015-5562.
ModerateCVE-2015-5555SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5556SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.
ModerateCVE-2015-5556SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5557SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.
ModerateCVE-2015-5557SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5558SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-5554, CVE-2015-5555, and CVE-2015-5562.
ModerateCVE-2015-5558SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5559SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.
ModerateCVE-2015-5559SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5560SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors.
ModerateCVE-2015-5560SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5561SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.
ModerateCVE-2015-5561SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5562SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-5554, CVE-2015-5555, and CVE-2015-5558.
ModerateCVE-2015-5562SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5563SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5564, and CVE-2015-5565.
ModerateCVE-2015-5563SUSE bug 941239cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5567SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5579.
ModerateCVE-2015-5567SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5568SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to cause a denial of service (vector-length corruption) or possibly have unspecified other impact via unknown vectors.
ModerateCVE-2015-5568SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5569SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 improperly implement the Flash broker API, which has unspecified impact and attack vectors.
ModerateCVE-2015-5569SUSE bug 950169cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5570SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5574, CVE-2015-5581, CVE-2015-5584, and CVE-2015-6682.
ModerateCVE-2015-5570SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5571SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 do not properly restrict the SWF file format, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks against JSONP endpoints, and obtain sensitive information, via a crafted OBJECT element with SWF content satisfying the character-set requirements of a callback API. NOTE: this issue exists because of an incomplete fix for CVE-2014-4671 and CVE-2014-5333.
ModerateCVE-2015-5571SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5572SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
ModerateCVE-2015-5572SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5573SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion."
ModerateCVE-2015-5573SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5574SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5581, CVE-2015-5584, and CVE-2015-6682.
ModerateCVE-2015-5574SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5575SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677.
ModerateCVE-2015-5575SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5576SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors.
ModerateCVE-2015-5576SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5577SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677.
ModerateCVE-2015-5577SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5578SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677.
ModerateCVE-2015-5578SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5579SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5567.
ModerateCVE-2015-5579SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5580SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677.
ModerateCVE-2015-5580SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5581SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5574, CVE-2015-5584, and CVE-2015-6682.
ModerateCVE-2015-5581SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5582SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5588, and CVE-2015-6677.
ModerateCVE-2015-5582SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5584SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5574, CVE-2015-5581, and CVE-2015-6682.
ModerateCVE-2015-5584SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5587SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Stack-based buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors.
ModerateCVE-2015-5587SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5588SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, and CVE-2015-6677.
ModerateCVE-2015-5588SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5600SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.
ModerateCVE-2015-5600SUSE bug 1009988SUSE bug 1074631SUSE bug 1138392SUSE bug 938746SUSE bug 943006SUSE bug 943007SUSE bug 943010SUSE bug 943504SUSE bug 945985SUSE bug 948086SUSE bug 954457SUSE bug 957883SUSE bug 996040cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5621SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmp_variable_list item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.
ModerateCVE-2015-5621SUSE bug 1111123SUSE bug 940188SUSE bug 969779cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5697SUSE Linux Enterprise Desktop 12
The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.
LowCVE-2015-5697SUSE bug 939994SUSE bug 963994cpe:/o:suse:sled:12CVE-2015-5707SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request.
ModerateCVE-2015-5707SUSE bug 923755SUSE bug 940338SUSE bug 940342SUSE bug 963994cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-5722SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone.
ImportantCVE-2015-5722SUSE bug 944066SUSE bug 944107SUSE bug 954983SUSE bug 958861cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5745SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message.
LowCVE-2015-5745SUSE bug 940929SUSE bug 950367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5788SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vectors involving a CANVAS element.
ModerateCVE-2015-5788SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5794SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
ModerateCVE-2015-5794SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5801SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
ModerateCVE-2015-5801SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5809SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
ModerateCVE-2015-5809SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5822SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
ModerateCVE-2015-5822SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5928SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5.
ModerateCVE-2015-5928SUSE bug 971460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-5969SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.
ModerateCVE-2015-5969SUSE bug 957174cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-6241SUSE Linux Enterprise Desktop 12
The proto_tree_add_bytes_item function in epan/proto.c in the protocol-tree implementation in Wireshark 1.12.x before 1.12.7 does not properly terminate a data structure after a failure to locate a number within a string, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-6241SUSE bug 941500cpe:/o:suse:sled:12CVE-2015-6242SUSE Linux Enterprise Desktop 12
The wmem_block_split_free_chunk function in epan/wmem/wmem_allocator_block.c in the wmem block allocator in the memory manager in Wireshark 1.12.x before 1.12.7 does not properly consider a certain case of multiple realloc operations that restore a memory chunk to its original size, which allows remote attackers to cause a denial of service (incorrect free operation and application crash) via a crafted packet.
ModerateCVE-2015-6242SUSE bug 941500cpe:/o:suse:sled:12CVE-2015-6243SUSE Linux Enterprise Desktop 12
The dissector-table implementation in epan/packet.c in Wireshark 1.12.x before 1.12.7 mishandles table searches for empty strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the (1) dissector_get_string_handle and (2) dissector_get_default_string_handle functions.
ModerateCVE-2015-6243SUSE bug 941500cpe:/o:suse:sled:12CVE-2015-6244SUSE Linux Enterprise Desktop 12
The dissect_zbee_secure function in epan/dissectors/packet-zbee-security.c in the ZigBee dissector in Wireshark 1.12.x before 1.12.7 improperly relies on length fields contained in packet data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-6244SUSE bug 941500cpe:/o:suse:sled:12CVE-2015-6245SUSE Linux Enterprise Desktop 12
epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC/MAC dissector in Wireshark 1.12.x before 1.12.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2015-6245SUSE bug 941500cpe:/o:suse:sled:12CVE-2015-6246SUSE Linux Enterprise Desktop 12
The dissect_wa_payload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-6246SUSE bug 941500cpe:/o:suse:sled:12CVE-2015-6247SUSE Linux Enterprise Desktop 12
The dissect_openflow_tablemod_v5 function in epan/dissectors/packet-openflow_v5.c in the OpenFlow dissector in Wireshark 1.12.x before 1.12.7 does not validate a certain offset value, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2015-6247SUSE bug 941500cpe:/o:suse:sled:12CVE-2015-6248SUSE Linux Enterprise Desktop 12
The ptvcursor_add function in the ptvcursor implementation in epan/proto.c in Wireshark 1.12.x before 1.12.7 does not check whether the expected amount of data is available, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-6248SUSE bug 941500cpe:/o:suse:sled:12CVE-2015-6249SUSE Linux Enterprise Desktop 12
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.7 does not prevent the conflicting use of a table for both IPv4 and IPv6 addresses, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-6249SUSE bug 941500cpe:/o:suse:sled:12CVE-2015-6251SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate.
ModerateCVE-2015-6251SUSE bug 941794cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-6252SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation.
LowCVE-2015-6252SUSE bug 942367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-6502SUSE Linux Enterprise Desktop 12 SP3
Cross-site scripting (XSS) vulnerability in the console in Puppet Enterprise before 2015.2.1 allows remote attackers to inject arbitrary web script or HTML via the string parameter, related to Login Redirect.
ModerateCVE-2015-6502SUSE bug 1072338cpe:/o:suse:sled:12:sp3CVE-2015-6525SUSE Linux Enterprise Desktop 12 SP3
Multiple integer overflows in the evbuffer API in Libevent 2.0.x before 2.0.22 and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via "insanely large inputs" to the (1) evbuffer_add, (2) evbuffer_prepend, (3) evbuffer_expand, (4) exbuffer_reserve_space, or (5) evbuffer_read function, which triggers a heap-based buffer overflow or an infinite loop. NOTE: this identifier was SPLIT from CVE-2014-6272 per ADT3 due to different affected versions.
LowCVE-2015-6525SUSE bug 897243SUSE bug 943011cpe:/o:suse:sled:12:sp3CVE-2015-6526SUSE Linux Enterprise Desktop 12
The perf_callchain_user_64 function in arch/powerpc/perf/callchain.c in the Linux kernel before 4.0.2 on ppc64 platforms allows local users to cause a denial of service (infinite loop) via a deep 64-bit userspace backtrace.
ModerateCVE-2015-6526SUSE bug 942702cpe:/o:suse:sled:12CVE-2015-6563SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.
ModerateCVE-2015-6563SUSE bug 1074631SUSE bug 943006SUSE bug 943007SUSE bug 943010SUSE bug 948086SUSE bug 996040cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-6564SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.
ModerateCVE-2015-6564SUSE bug 1074631SUSE bug 1138392SUSE bug 942850SUSE bug 943006SUSE bug 943007SUSE bug 943010SUSE bug 948086SUSE bug 996040cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-6654SUSE Linux Enterprise Desktop 12
The xenmem_add_to_physmap_one function in arch/arm/mm.c in Xen 4.5.x, 4.4.x, and earlier does not limit the number of printk console messages when reporting a failure to retrieve a reference on a foreign page, which allows remote domains to cause a denial of service by leveraging permissions to map the memory of a foreign guest.
ModerateCVE-2015-6654SUSE bug 942657cpe:/o:suse:sled:12CVE-2015-6676SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6678.
ModerateCVE-2015-6676SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-6677SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, and CVE-2015-5588.
ModerateCVE-2015-6677SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-6678SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6676.
ModerateCVE-2015-6678SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-6679SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors.
ModerateCVE-2015-6679SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-6682SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5574, CVE-2015-5581, and CVE-2015-5584.
ModerateCVE-2015-6682SUSE bug 946880cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-6749SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file.
ModerateCVE-2015-6749SUSE bug 943795cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-6806SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, which allows remote attackers to cause a denial of service (stack consumption) via an escape sequence with a large repeat count value.
ModerateCVE-2015-6806SUSE bug 944458cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-6815SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors.
LowCVE-2015-6815SUSE bug 944697SUSE bug 950367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-6855SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash.
LowCVE-2015-6855SUSE bug 945404SUSE bug 965156cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-6908SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd.
ImportantCVE-2015-6908SUSE bug 945582cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-6937SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.
ModerateCVE-2015-6937SUSE bug 923755SUSE bug 945825SUSE bug 952384SUSE bug 953052SUSE bug 963994cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2015-7174SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsAttrAndChildArray::GrowBy function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow."
ImportantCVE-2015-7174SUSE bug 947003cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7175SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XULContentSinkImpl::AddText function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow."
ImportantCVE-2015-7175SUSE bug 947003cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7176SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The AnimationThread function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 uses an incorrect argument to the sscanf function, which might allow remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2015-7176SUSE bug 947003cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7177SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The InitTextures function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2015-7177SUSE bug 947003cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7180SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the return value of a function call, which might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2015-7180SUSE bug 947003cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7181SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The sec_asn1d_parse_leaf function in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data, related to a "use-after-poison" issue.
ImportantCVE-2015-7181SUSE bug 952810cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7182SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data.
ImportantCVE-2015-7182SUSE bug 952810cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7183SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
ImportantCVE-2015-7183SUSE bug 952810SUSE bug 962977cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7184SUSE Linux Enterprise Desktop 12
The fetch API implementation in Mozilla Firefox before 41.0.2 does not restrict access to the HTTP response body in certain situations where user credentials are supplied but the CORS cross-origin request algorithm is improperly followed, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
ModerateCVE-2015-7184SUSE bug 950686cpe:/o:suse:sled:12CVE-2015-7188SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to bypass the Same Origin Policy for an IP address origin, and conduct cross-site scripting (XSS) attacks, by appending whitespace characters to an IP address string.
ImportantCVE-2015-7188SUSE bug 952810cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7189SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via vectors involving a CANVAS element and crafted JavaScript code.
ImportantCVE-2015-7189SUSE bug 952810cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7193SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly follow the CORS cross-origin request algorithm for the POST method in situations involving an unspecified Content-Type header manipulation, which allows remote attackers to bypass the Same Origin Policy by leveraging the lack of a preflight-request step.
ImportantCVE-2015-7193SUSE bug 952810cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7194SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer underflow in libjar in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP archive.
ImportantCVE-2015-7194SUSE bug 952810cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7196SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java plugin is enabled, allow remote attackers to cause a denial of service (incorrect garbage collection and application crash) or possibly execute arbitrary code via a crafted Java applet that deallocates an in-use JavaScript wrapper.
ImportantCVE-2015-7196SUSE bug 952810cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7197SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly control the ability of a web worker to create a WebSocket object, which allows remote attackers to bypass intended mixed-content restrictions via crafted JavaScript code.
ImportantCVE-2015-7197SUSE bug 952810cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7198SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the rx::TextureStorage11 class in ANGLE, as used in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted texture data.
ImportantCVE-2015-7198SUSE bug 952810cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7199SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) AddWeightedPathSegLists and (2) SVGPathSegListSMILType::Interpolate functions in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lack status checking, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted SVG document.
ImportantCVE-2015-7199SUSE bug 952810cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7200SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The CryptoKey interface implementation in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lacks status checking, which allows attackers to have an unspecified impact via vectors related to a cryptographic key.
ImportantCVE-2015-7200SUSE bug 952810cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7201SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2015-7201SUSE bug 959277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7202SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2015-7202SUSE bug 959277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7205SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP packet.
ImportantCVE-2015-7205SUSE bug 959277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7210SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function.
CriticalCVE-2015-7210SUSE bug 959277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7212SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requires a large texture allocation.
ModerateCVE-2015-7212SUSE bug 959277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7213SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow.
ImportantCVE-2015-7213SUSE bug 959277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7214SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs.
ImportantCVE-2015-7214SUSE bug 959277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7222SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory allocation and application crash) via an MP4 video file with crafted covr metadata that triggers a buffer overflow.
ImportantCVE-2015-7222SUSE bug 959277cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7236SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code.
ModerateCVE-2015-7236SUSE bug 940191SUSE bug 946204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7295SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service (guest network consumption) via a flood of jumbo frames on the (1) tuntap or (2) macvtap interface.
ModerateCVE-2015-7295SUSE bug 947159SUSE bug 950367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7311SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image.
LowCVE-2015-7311SUSE bug 947165SUSE bug 950367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7497SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.
ModerateCVE-2015-7497SUSE bug 1123919SUSE bug 957106SUSE bug 959469cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7498SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.
ModerateCVE-2015-7498SUSE bug 1123919SUSE bug 957107SUSE bug 959469cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7499SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
ModerateCVE-2015-7499SUSE bug 1123919SUSE bug 957109SUSE bug 959469cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7500SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.
ModerateCVE-2015-7500SUSE bug 1123919SUSE bug 957110SUSE bug 959469cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7504SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode.
ModerateCVE-2015-7504SUSE bug 956411cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7509SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015.
ModerateCVE-2015-7509SUSE bug 956707SUSE bug 956709SUSE bug 956766cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7511SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations.
ModerateCVE-2015-7511SUSE bug 965902cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7512SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet.
ImportantCVE-2015-7512SUSE bug 957162SUSE bug 962360cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7513SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions.
ModerateCVE-2015-7513SUSE bug 960689SUSE bug 987709cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7540SUSE Linux Enterprise Desktop 12
The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets.
ModerateCVE-2015-7540SUSE bug 958580cpe:/o:suse:sled:12CVE-2015-7542SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability exists in libgwenhywfar through 4.12.0 due to the usage of outdated bundled CA certificates.
ModerateCVE-2015-7542SUSE bug 958331cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7547SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.
ImportantCVE-2015-7547SUSE bug 1077097SUSE bug 847227SUSE bug 961721SUSE bug 967023SUSE bug 967061SUSE bug 967072SUSE bug 967496SUSE bug 969216SUSE bug 969241SUSE bug 969591SUSE bug 986086cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7549SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method.
LowCVE-2015-7549SUSE bug 958917SUSE bug 958918cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7550SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls.
ModerateCVE-2015-7550SUSE bug 1052256SUSE bug 958951cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2015-7551SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string, related to the DL module and the libffi library. NOTE: this vulnerability exists because of a CVE-2009-5147 regression.
ModerateCVE-2015-7551SUSE bug 939860SUSE bug 959495cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7552SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the gdk_pixbuf_flip function in gdk-pixbuf-scale.c in gdk-pixbuf 2.30.x allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted BMP file.
ModerateCVE-2015-7552SUSE bug 958963cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7554SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image.
ImportantCVE-2015-7554SUSE bug 1007276SUSE bug 1017690SUSE bug 1040322SUSE bug 960341SUSE bug 974621SUSE bug 983436cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7555SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service (program crash) via crafted image and logical screen width fields in a GIF file.
ModerateCVE-2015-7555SUSE bug 960319cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7559SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
It was found that the Apache ActiveMQ client before 5.15.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client.
ModerateCVE-2015-7559cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7560SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.
ModerateCVE-2015-7560SUSE bug 968222cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7575SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.
ModerateCVE-2015-7575SUSE bug 959888SUSE bug 960402SUSE bug 960996SUSE bug 961280SUSE bug 961281SUSE bug 961282SUSE bug 961283SUSE bug 961284SUSE bug 961290SUSE bug 961357SUSE bug 962743SUSE bug 963937SUSE bug 967521SUSE bug 981087cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7613SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c.
ImportantCVE-2015-7613SUSE bug 923755SUSE bug 948536SUSE bug 948701SUSE bug 963994cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7625SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7626, CVE-2015-7627, CVE-2015-7630, CVE-2015-7633, and CVE-2015-7634.
ModerateCVE-2015-7625SUSE bug 950169cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7626SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7625, CVE-2015-7627, CVE-2015-7630, CVE-2015-7633, and CVE-2015-7634.
ModerateCVE-2015-7626SUSE bug 950169cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7627SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7625, CVE-2015-7626, CVE-2015-7630, CVE-2015-7633, and CVE-2015-7634.
ModerateCVE-2015-7627SUSE bug 950169cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7628SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors.
ModerateCVE-2015-7628SUSE bug 950169cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7629SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a TextFormat object with a crafted tabStops property, a different vulnerability than CVE-2015-7631, CVE-2015-7643, and CVE-2015-7644.
ModerateCVE-2015-7629SUSE bug 950169cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7630SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7633, and CVE-2015-7634.
ModerateCVE-2015-7630SUSE bug 950169cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7631SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a TextLine object with a crafted validity property, a different vulnerability than CVE-2015-7629, CVE-2015-7643, and CVE-2015-7644.
ModerateCVE-2015-7631SUSE bug 950169cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7632SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a Loader object with a crafted loaderBytes property.
ModerateCVE-2015-7632SUSE bug 950169cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7633SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7630, and CVE-2015-7634.
ModerateCVE-2015-7633SUSE bug 950169cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7634SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7630, and CVE-2015-7633.
ModerateCVE-2015-7634SUSE bug 950169cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7643SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a Video object with a crafted deblocking property, a different vulnerability than CVE-2015-7629, CVE-2015-7631, and CVE-2015-7644.
ModerateCVE-2015-7643SUSE bug 950169cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7644SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7629, CVE-2015-7631, and CVE-2015-7643.
ModerateCVE-2015-7644SUSE bug 950169cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7645SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 on Windows and OS X and 11.x through 11.2.202.535 on Linux allows remote attackers to execute arbitrary code via a crafted SWF file, as exploited in the wild in October 2015.
CriticalCVE-2015-7645SUSE bug 950474cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7651SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted DefineFunction atoms, a different vulnerability than CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
ModerateCVE-2015-7651SUSE bug 954512cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7652SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via a crafted gridFitType property value, a different vulnerability than CVE-2015-7651, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
ModerateCVE-2015-7652SUSE bug 954512cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7653SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted globalToLocal arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
ModerateCVE-2015-7653SUSE bug 954512cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7654SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted attachSound arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
ModerateCVE-2015-7654SUSE bug 954512cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7655SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionExtends arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
ModerateCVE-2015-7655SUSE bug 954512cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7656SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionImplementsOp arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
ModerateCVE-2015-7656SUSE bug 954512cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7657SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionCallMethod arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
ModerateCVE-2015-7657SUSE bug 954512cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7658SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionInstanceOf arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
ModerateCVE-2015-7658SUSE bug 954512cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7659SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion" in the NetConnection object implementation.
ModerateCVE-2015-7659SUSE bug 954512cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7660SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted setMask arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
ModerateCVE-2015-7660SUSE bug 954512cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7661SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via a crafted getBounds call, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
ModerateCVE-2015-7661SUSE bug 954512cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7662SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allow remote attackers to bypass intended access restrictions and write to files via unspecified vectors.
ModerateCVE-2015-7662SUSE bug 954512cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7663SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
ModerateCVE-2015-7663SUSE bug 954512cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7673SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its allocation failed, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file.
ModerateCVE-2015-7673SUSE bug 948790cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7674SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow.
ModerateCVE-2015-7674SUSE bug 948791cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7691SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.
ImportantCVE-2015-7691SUSE bug 1010964SUSE bug 911792SUSE bug 951608SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7692SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.
ImportantCVE-2015-7692SUSE bug 1010964SUSE bug 911792SUSE bug 951608SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7696SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value.
ModerateCVE-2015-7696SUSE bug 1159417SUSE bug 950110cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7697SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive.
ModerateCVE-2015-7697SUSE bug 1159417SUSE bug 950110SUSE bug 950111cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7701SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).
ModerateCVE-2015-7701SUSE bug 1010964SUSE bug 951608SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7702SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.
ImportantCVE-2015-7702SUSE bug 1010964SUSE bug 911792SUSE bug 951608SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7703SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command.
ModerateCVE-2015-7703SUSE bug 1010964SUSE bug 943216SUSE bug 943218SUSE bug 943219SUSE bug 943221SUSE bug 951608SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7704SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
ModerateCVE-2015-7704SUSE bug 1010964SUSE bug 951608SUSE bug 952611SUSE bug 959243SUSE bug 977446cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7705SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.
ModerateCVE-2015-7705SUSE bug 1010964SUSE bug 951608SUSE bug 952611SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7747SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c.
LowCVE-2015-7747SUSE bug 949399cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7799SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call.
LowCVE-2015-7799SUSE bug 1052256SUSE bug 949936SUSE bug 951638cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7805SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file.
ModerateCVE-2015-7805SUSE bug 953516SUSE bug 953519cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7810SUSE Linux Enterprise Desktop 12 SP4
libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files
ModerateCVE-2015-7810SUSE bug 1160757cpe:/o:suse:sled:12:sp4CVE-2015-7812SUSE Linux Enterprise Desktop 12
The hypercall_create_continuation function in arch/arm/domain.c in Xen 4.4.x through 4.6.x allows local guest users to cause a denial of service (host crash) via a preemptible hypercall to the multicall interface.
ImportantCVE-2015-7812SUSE bug 950171cpe:/o:suse:sled:12CVE-2015-7813SUSE Linux Enterprise Desktop 12
Xen 4.4.x, 4.5.x, and 4.6.x does not limit the number of printk console messages when reporting unimplemented hypercalls, which allows local guests to cause a denial of service via a sequence of (1) HYPERVISOR_physdev_op hypercalls, which are not properly handled in the do_physdev_op function in arch/arm/physdev.c, or (2) HYPERVISOR_hvm_op hypercalls, which are not properly handled in the do_hvm_op function in arch/arm/hvm.c.
ModerateCVE-2015-7813SUSE bug 950172cpe:/o:suse:sled:12CVE-2015-7814SUSE Linux Enterprise Desktop 12
Race condition in the relinquish_memory function in arch/arm/domain.c in Xen 4.6.x and earlier allows local domains with partial management control to cause a denial of service (host crash) via vectors involving the destruction of a domain and using XENMEM_decrease_reservation to reduce the memory of the domain.
ModerateCVE-2015-7814SUSE bug 950173cpe:/o:suse:sled:12CVE-2015-7830SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pcapng_read_if_descr_block function in wiretap/pcapng.c in the pcapng parser in Wireshark 1.12.x before 1.12.8 uses too many levels of pointer indirection, which allows remote attackers to cause a denial of service (incorrect free and application crash) via a crafted packet that triggers interface-filter copying.
ModerateCVE-2015-7830SUSE bug 950437SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7833SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor.
ModerateCVE-2015-7833SUSE bug 950998cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7835SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV guest administrators to gain privileges via a crafted superpage mapping.
ImportantCVE-2015-7835SUSE bug 940929SUSE bug 947159SUSE bug 950367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7837SUSE Linux Enterprise Desktop 12
The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec reboot.
ModerateCVE-2015-7837SUSE bug 950804cpe:/o:suse:sled:12CVE-2015-7848SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP daemon, it leads to an immediate crash.
ModerateCVE-2015-7848SUSE bug 1010964SUSE bug 951608SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7849SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.
ModerateCVE-2015-7849SUSE bug 1010964SUSE bug 951608SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7850SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.
ModerateCVE-2015-7850SUSE bug 1010964SUSE bug 951608SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7851SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP before 4.2.8p4, when used on systems that do not use '\' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files.
ModerateCVE-2015-7851SUSE bug 1010964SUSE bug 951608SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7852SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.
ModerateCVE-2015-7852SUSE bug 1010964SUSE bug 951608SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7853SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.
ModerateCVE-2015-7853SUSE bug 1010964SUSE bug 951608SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7854SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.
ModerateCVE-2015-7854SUSE bug 1010964SUSE bug 951608SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7855SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
ModerateCVE-2015-7855SUSE bug 1010964SUSE bug 951608SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7871SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.
ModerateCVE-2015-7871SUSE bug 1010964SUSE bug 951608SUSE bug 952606SUSE bug 959243cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7872SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.
ImportantCVE-2015-7872SUSE bug 951440SUSE bug 951542SUSE bug 951638SUSE bug 958463SUSE bug 958601cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7884SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.
LowCVE-2015-7884SUSE bug 1126909SUSE bug 951626SUSE bug 951627cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7885SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.
LowCVE-2015-7885SUSE bug 1126909SUSE bug 951626SUSE bug 951627cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7940SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."
ModerateCVE-2015-7940SUSE bug 951727cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-7941SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.
LowCVE-2015-7941SUSE bug 1123919SUSE bug 951734SUSE bug 951735cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7942SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.
LowCVE-2015-7942SUSE bug 1123919SUSE bug 951735cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7969SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest administrators or domains with certain permission to cause a denial of service (memory consumption) via a large number of "teardowns" of domains with the vcpu pointer array allocated using the (1) XEN_DOMCTL_max_vcpus hypercall or the xenoprofile state vcpu pointer array allocated using the (2) XENOPROF_get_buffer or (3) XENOPROF_set_passive hypercall.
ModerateCVE-2015-7969SUSE bug 950703SUSE bug 950705cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7970SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The p2m_pod_emergency_sweep function in arch/x86/mm/p2m-pod.c in Xen 3.4.x, 3.5.x, and 3.6.x is not preemptible, which allows local x86 HVM guest administrators to cause a denial of service (CPU consumption and possibly reboot) via crafted memory contents that triggers a "time-consuming linear scan," related to Populate-on-Demand.
ModerateCVE-2015-7970SUSE bug 950704cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7971SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 3.2.x through 4.6.x does not limit the number of printk console messages when logging certain pmu and profiling hypercalls, which allows local guests to cause a denial of service via a sequence of crafted (1) HYPERCALL_xenoprof_op hypercalls, which are not properly handled in the do_xenoprof_op function in common/xenoprof.c, or (2) HYPERVISOR_xenpmu_op hypercalls, which are not properly handled in the do_xenpmu_op function in arch/x86/cpu/vpmu.c.
ModerateCVE-2015-7971SUSE bug 950706cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7972SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x through 4.6.x do not properly calculate the balloon size when using the populate-on-demand (PoD) system, which allows local HVM guest users to cause a denial of service (guest crash) via unspecified vectors related to "heavy memory pressure."
ModerateCVE-2015-7972SUSE bug 950704SUSE bug 951845cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7973SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.
ModerateCVE-2015-7973SUSE bug 959243SUSE bug 962995cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7974SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."
LowCVE-2015-7974SUSE bug 959243SUSE bug 962960SUSE bug 962995cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7975SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an attacker to cause a denial of service (application crash).
LowCVE-2015-7975SUSE bug 959243SUSE bug 962988SUSE bug 962995cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7976SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.
LowCVE-2015-7976SUSE bug 962802SUSE bug 962995cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7977SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.
ModerateCVE-2015-7977SUSE bug 959243SUSE bug 962970SUSE bug 962995cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7978SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
NTP before 4.2.8p6 and 4.3.0 before 4.3.90 allows a remote attackers to cause a denial of service (stack exhaustion) via an ntpdc relist command, which triggers recursive traversal of the restriction list.
ModerateCVE-2015-7978SUSE bug 959243SUSE bug 962970SUSE bug 962995SUSE bug 963000cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7979SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client.
ModerateCVE-2015-7979SUSE bug 959243SUSE bug 962784SUSE bug 962995SUSE bug 977459SUSE bug 982065cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7981SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.
ModerateCVE-2015-7981SUSE bug 952051SUSE bug 960402SUSE bug 963937cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-7990SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937.
LowCVE-2015-7990SUSE bug 945825SUSE bug 952384SUSE bug 953052cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2015-7995SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue.
LowCVE-2015-7995SUSE bug 1123130SUSE bug 952474cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8000SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute.
ModerateCVE-2015-8000SUSE bug 944066SUSE bug 958861cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8023SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.12 through 5.x before 5.3.4 does not properly validate local state, which allows remote attackers to bypass authentication via an empty Success message in response to an initial Challenge message.
ImportantCVE-2015-8023SUSE bug 953817cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8025SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
driver/subprocs.c in XScreenSaver before 5.34 does not properly perform an internal consistency check, which allows physically proximate attackers to bypass the lock screen by hot swapping monitors.
ModerateCVE-2015-8025SUSE bug 952062cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8035SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.
LowCVE-2015-8035SUSE bug 1088279SUSE bug 1105166SUSE bug 954429cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8041SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read.
LowCVE-2015-8041SUSE bug 937419cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8042SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via a crafted loadSound call, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
ModerateCVE-2015-8042SUSE bug 954512cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8043SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8044, and CVE-2015-8046.
ModerateCVE-2015-8043SUSE bug 954512cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8044SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, and CVE-2015-8046.
ModerateCVE-2015-8044SUSE bug 954512cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8045SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455.
ImportantCVE-2015-8045SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8046SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, and CVE-2015-8044.
ModerateCVE-2015-8046SUSE bug 954512cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8047SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455.
ImportantCVE-2015-8047SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8048SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8048SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8049SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via a crafted autoSize property value, a different vulnerability than CVE-2015-8048, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8049SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8050SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the MovieClip object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via a crafted beginGradientFill call, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8050SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8055SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8055SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8056SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8056SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8057SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8057SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8058SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8058SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8059SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8059SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8060SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455.
ImportantCVE-2015-8060SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8061SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8061SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8062SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8062SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8063SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8063SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8064SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8064SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8065SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8065SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8066SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8066SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8067SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8067SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8068SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8068SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8069SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8069SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8070SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8070SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8071SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8071SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8075SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
ModerateCVE-2015-8075SUSE bug 953516SUSE bug 953519cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8079SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
qt5-qtwebkit before 5.4 records private browsing URLs to its favicon database, WebpageIcons.db.
LowCVE-2015-8079SUSE bug 954210cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8104SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.
ModerateCVE-2015-8104SUSE bug 953527SUSE bug 954018SUSE bug 954404SUSE bug 954405SUSE bug 962977cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8126SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.
ModerateCVE-2015-8126SUSE bug 954980SUSE bug 958198SUSE bug 960402SUSE bug 962743SUSE bug 963937SUSE bug 969333cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8138SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.
ModerateCVE-2015-8138SUSE bug 951608SUSE bug 959243SUSE bug 963002SUSE bug 974668SUSE bug 977446cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8139SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then impersonate peers via unspecified vectors.
ModerateCVE-2015-8139SUSE bug 1010964SUSE bug 959243SUSE bug 962997cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8140SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by sniffing the network.
ModerateCVE-2015-8140SUSE bug 1010964SUSE bug 959243SUSE bug 962994cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8158SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (infinite loop) via crafted packets with incorrect values.
LowCVE-2015-8158SUSE bug 959243SUSE bug 962966cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8215SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272. NOTE: the scope of CVE-2015-0272 is limited to the NetworkManager product.
ModerateCVE-2015-8215SUSE bug 1052256SUSE bug 944296SUSE bug 951638SUSE bug 955354cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8239SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed.
ModerateCVE-2015-8239SUSE bug 955994cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8241SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
ModerateCVE-2015-8241SUSE bug 1123919SUSE bug 956018SUSE bug 959469cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8242SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
ModerateCVE-2015-8242SUSE bug 1123919SUSE bug 956021SUSE bug 959469cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8313SUSE Linux Enterprise Desktop 12
GnuTLS incorrectly validates the first byte of padding in CBC modes
ModerateCVE-2015-8313SUSE bug 957568cpe:/o:suse:sled:12CVE-2015-8317SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.
ModerateCVE-2015-8317SUSE bug 1123919SUSE bug 956260SUSE bug 959469cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8325SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD_PRELOAD environment variable.
ModerateCVE-2015-8325SUSE bug 1138392SUSE bug 975865SUSE bug 996040cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8327SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.
ModerateCVE-2015-8327SUSE bug 1027197SUSE bug 957531cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8339SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service (host crash) via unspecified vectors related to domain teardown.
ModerateCVE-2015-8339SUSE bug 956408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8340SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly release locks, which might allow guest OS administrators to cause a denial of service (deadlock or host crash) via unspecified vectors, related to XENMEM_exchange error handling.
ModerateCVE-2015-8340SUSE bug 956408cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8341SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows attackers to cause a denial of service (memory and disk consumption) by starting domains.
ModerateCVE-2015-8341SUSE bug 956409cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8345SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.
ModerateCVE-2015-8345SUSE bug 956829SUSE bug 956832cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8366SUSE Linux Enterprise Desktop 12 SP1
Array index error in smal_decode_segment function in LibRaw before 0.17.1 allows context-dependent attackers to cause memory errors and possibly execute arbitrary code via vectors related to indexes.
ModerateCVE-2015-8366SUSE bug 1006704SUSE bug 1006717cpe:/o:suse:sled:12:sp1CVE-2015-8367SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly execute arbitrary code, related to memory object initialization.
ModerateCVE-2015-8367SUSE bug 1006704SUSE bug 1006717SUSE bug 957517cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8370SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service (disk corruption) via backspace characters in the (1) grub_username_get function in grub-core/normal/auth.c or the (2) grub_password_get function in lib/crypto.c, which trigger an "Off-by-two" or "Out of bounds overwrite" memory error.
ModerateCVE-2015-8370SUSE bug 956631cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8380SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pcre_exec function in pcre_exec.c in PCRE before 8.38 mishandles a // pattern with a \01 string, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-8380SUSE bug 957566cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8381SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
The compile_regex function in pcre_compile.c in PCRE before 8.38 and pcre2_compile.c in PCRE2 before 10.2x mishandles the /(?J:(?|(:(?|(?'R')(\k'R')|((?'R')))H'Rk'Rf)|s(?'R'))))/ and /(?J:(?|(:(?|(?'R')(\z(?|(?'R')(\k'R')|((?'R')))k'R')|((?'R')))H'Ak'Rf)|s(?'R')))/ patterns, and related patterns with certain group references, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-8381SUSE bug 906574SUSE bug 957598SUSE bug 958373cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2015-8382SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
The match function in pcre_exec.c in PCRE before 8.37 mishandles the /(?:((abcd))|(((?:(?:(?:(?:abc|(?:abcdef))))b)abcdefghi)abc)|((*ACCEPT)))/ pattern and related patterns involving (*ACCEPT), which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (partially initialized memory and application crash) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-2547.
ModerateCVE-2015-8382SUSE bug 957598SUSE bug 958373cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2015-8383SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-8383SUSE bug 957598SUSE bug 958373cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2015-8384SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
PCRE before 8.38 mishandles the /(?J)(?'d'(?'d'\g{d}))/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8392 and CVE-2015-8395.
ModerateCVE-2015-8384SUSE bug 906574SUSE bug 957598SUSE bug 958373cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2015-8385SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
PCRE before 8.38 mishandles the /(?|(\k'Pm')|(?'Pm'))/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-8385SUSE bug 957598SUSE bug 958373cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2015-8386SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-8386SUSE bug 957598SUSE bug 958373cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2015-8387SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-8387SUSE bug 957598SUSE bug 958373cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2015-8388SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
PCRE before 8.38 mishandles the /(?=di(?<=(?1))|(?=(.))))/ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-8388SUSE bug 936227SUSE bug 957598SUSE bug 958373cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2015-8389SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related patterns, which allows remote attackers to cause a denial of service (infinite recursion) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-8389SUSE bug 957598SUSE bug 958373cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2015-8390SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote attackers to cause a denial of service (uninitialized memory read) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-8390SUSE bug 957598SUSE bug 958373cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2015-8391SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-8391SUSE bug 957598SUSE bug 958373cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2015-8392SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
PCRE before 8.38 mishandles certain instances of the (?| substring, which allows remote attackers to cause a denial of service (unintended recursion and buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8384 and CVE-2015-8395.
ModerateCVE-2015-8392SUSE bug 906574SUSE bug 957598SUSE bug 958373cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2015-8393SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain sensitive information via a crafted file, as demonstrated by a CGI script that sends stdout data to a client.
ModerateCVE-2015-8393SUSE bug 957598SUSE bug 958373cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2015-8394SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
PCRE before 8.38 mishandles the (?(<digits>) and (?(R<digits>) conditions, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-8394SUSE bug 957598SUSE bug 958373cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2015-8395SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
PCRE before 8.38 mishandles certain references, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8384 and CVE-2015-8392.
ModerateCVE-2015-8395SUSE bug 906574SUSE bug 957598SUSE bug 958373cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2015-8401SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8401SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8402SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8402SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8403SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8403SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8404SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8404SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8405SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8405SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8406SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8406SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8407SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Stack-based buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8457.
ImportantCVE-2015-8407SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8408SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455.
ImportantCVE-2015-8408SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8409SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2015-8440 and CVE-2015-8453.
ImportantCVE-2015-8409SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8410SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8410SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8411SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8411SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8412SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8412SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8413SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8413SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8414SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8414SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8415SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors.
ImportantCVE-2015-8415SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8416SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455.
ImportantCVE-2015-8416SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8417SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455.
ImportantCVE-2015-8417SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8418SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455.
ImportantCVE-2015-8418SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8419SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455.
ImportantCVE-2015-8419SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8420SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8420SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8421SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8421SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8422SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8422SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8423SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8423SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8424SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8424SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8425SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8425SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8426SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8426SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8427SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8427SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8428SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8428SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8429SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8429SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8430SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8430SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8431SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8431SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8432SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8432SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8433SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8433SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8434SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8434SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8435SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8435SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8436SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the PrintJob object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted addPage arguments, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8436SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8437SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the Selection object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via a crafted setFocus call, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8437SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8438SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via a crafted XML object that is mishandled during a toString call, a different vulnerability than CVE-2015-8446.
ImportantCVE-2015-8438SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8439SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The SharedObject object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code by leveraging an unspecified "type confusion" during a getRemote call, a different vulnerability than CVE-2015-8456.
ImportantCVE-2015-8439SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8440SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2015-8409 and CVE-2015-8453.
ImportantCVE-2015-8440SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8441SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8441SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8442SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the MovieClip object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via a crafted filters property value, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8442SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8443SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455.
ImportantCVE-2015-8443SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8444SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8451, and CVE-2015-8455.
ImportantCVE-2015-8444SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8445SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in the Shader filter implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via a large BitmapData source object.
ImportantCVE-2015-8445SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8446SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via an MP3 file with COMM tags that are mishandled during memory allocation, a different vulnerability than CVE-2015-8438.
ImportantCVE-2015-8446SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8447SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the Color object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted setTransform arguments, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8447SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8448SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the DisplacementMapFilter object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via a crafted mapBitmap property value, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8448SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8449SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the MovieClip object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via a crafted lineTo method call, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8449SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8450SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via a crafted filters property value in a TextField object, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8452, and CVE-2015-8454.
ImportantCVE-2015-8450SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8451SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, and CVE-2015-8455.
ImportantCVE-2015-8451SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8452SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, and CVE-2015-8454.
ImportantCVE-2015-8452SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8453SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to bypass the ASLR protection mechanism via JIT data, a different vulnerability than CVE-2015-8409 and CVE-2015-8440.
ImportantCVE-2015-8453SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8454SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, and CVE-2015-8452.
ImportantCVE-2015-8454SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8455SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, and CVE-2015-8451.
ImportantCVE-2015-8455SUSE bug 958324cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8459SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8460, CVE-2015-8636, and CVE-2015-8645.
ModerateCVE-2015-8459SUSE bug 960317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8460SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8459, CVE-2015-8636, and CVE-2015-8645.
CriticalCVE-2015-8460SUSE bug 960317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8467SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticated users to bypass intended access restrictions by leveraging the existence of a domain with both a Samba DC and a Windows DC, a similar issue to CVE-2015-2535.
ModerateCVE-2015-8467SUSE bug 958585cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8470SUSE Linux Enterprise Desktop 12 SP3
The console in Puppet Enterprise 3.7.x, 3.8.x, and 2015.2.x does not set the secure flag for the JSESSIONID cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session.
ModerateCVE-2015-8470SUSE bug 1072341cpe:/o:suse:sled:12:sp3CVE-2015-8472SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8126.
ModerateCVE-2015-8472SUSE bug 954980SUSE bug 958198SUSE bug 960402SUSE bug 963937cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8504SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client.
ModerateCVE-2015-8504SUSE bug 958491SUSE bug 958493cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8539SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.
ImportantCVE-2015-8539SUSE bug 781018SUSE bug 958463SUSE bug 958601cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8540SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.
ModerateCVE-2015-8540SUSE bug 1149680SUSE bug 958791SUSE bug 963937cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8543SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application.
ModerateCVE-2015-8543SUSE bug 1052256SUSE bug 923755SUSE bug 958886SUSE bug 963994SUSE bug 969522cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8550SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability.
ImportantCVE-2015-8550SUSE bug 1052256SUSE bug 957988cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8551SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks."
ModerateCVE-2015-8551SUSE bug 957990cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8552SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka "Linux pciback missing sanity checks."
ModerateCVE-2015-8552SUSE bug 957990cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8553SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and I/O decoding control bits. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0777.
ModerateCVE-2015-8553SUSE bug 903967SUSE bug 957990cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8554SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using the qemu-xen-traditional (aka qemu-dm) device model, allows local x86 HVM guest administrators to gain privileges by leveraging a system with access to a passed-through MSI-X capable physical PCI device and MSI-X table entries, related to a "write path."
ModerateCVE-2015-8554SUSE bug 958007cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8555SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vectors.
ModerateCVE-2015-8555SUSE bug 958009cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8556SUSE Linux Enterprise Desktop 12
Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1.
ModerateCVE-2015-8556SUSE bug 958993cpe:/o:suse:sled:12CVE-2015-8558SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular isochronous transfer descriptor (iTD) list.
ModerateCVE-2015-8558SUSE bug 959005SUSE bug 959006SUSE bug 976109SUSE bug 976111cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8560SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327.
ModerateCVE-2015-8560SUSE bug 1027197SUSE bug 957531cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8567SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
LowCVE-2015-8567SUSE bug 959386SUSE bug 959387cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8568SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly.
LowCVE-2015-8568SUSE bug 959386SUSE bug 959387cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8569SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.
ModerateCVE-2015-8569SUSE bug 923755SUSE bug 959190SUSE bug 959399SUSE bug 963994cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8575SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.
ModerateCVE-2015-8575SUSE bug 959190SUSE bug 959399cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8605SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.
ModerateCVE-2015-8605SUSE bug 961305cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8607SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.
ModerateCVE-2015-8607SUSE bug 961528cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8613SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command.
LowCVE-2015-8613SUSE bug 961358SUSE bug 961556cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8615SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The hvm_set_callback_via function in arch/x86/hvm/irq.c in Xen 4.6 does not limit the number of printk console messages when logging the new callback method, which allows local HVM guest OS users to cause a denial of service via a large number of changes to the callback method (HVM_PARAM_CALLBACK_IRQ).
ModerateCVE-2015-8615SUSE bug 960093cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8619SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash).
LowCVE-2015-8619SUSE bug 960334SUSE bug 965269cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8629SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string.
LowCVE-2015-8629SUSE bug 770172SUSE bug 963968cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8630SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal functions in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by specifying KADM5_POLICY with a NULL policy name.
LowCVE-2015-8630SUSE bug 963964cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8631SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (memory consumption) via a request specifying a NULL principal name.
ModerateCVE-2015-8631SUSE bug 963975cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8634SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650.
CriticalCVE-2015-8634SUSE bug 960317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8635SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650.
CriticalCVE-2015-8635SUSE bug 960317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8636SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8459, CVE-2015-8460, and CVE-2015-8645.
CriticalCVE-2015-8636SUSE bug 960317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8638SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650.
CriticalCVE-2015-8638SUSE bug 960317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8639SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650.
CriticalCVE-2015-8639SUSE bug 960317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8640SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650.
CriticalCVE-2015-8640SUSE bug 960317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8641SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650.
CriticalCVE-2015-8641SUSE bug 960317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8642SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650.
CriticalCVE-2015-8642SUSE bug 960317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8643SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650.
CriticalCVE-2015-8643SUSE bug 960317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8644SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion."
CriticalCVE-2015-8644SUSE bug 960317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8645SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8459, CVE-2015-8460, and CVE-2015-8636.
CriticalCVE-2015-8645SUSE bug 960317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8646SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650.
CriticalCVE-2015-8646SUSE bug 960317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8647SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650.
CriticalCVE-2015-8647SUSE bug 960317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8648SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8649, and CVE-2015-8650.
CriticalCVE-2015-8648SUSE bug 960317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8649SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, and CVE-2015-8650.
CriticalCVE-2015-8649SUSE bug 960317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8650SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, and CVE-2015-8649.
CriticalCVE-2015-8650SUSE bug 960317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8651SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2015-8651SUSE bug 960317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8660SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.
ModerateCVE-2015-8660SUSE bug 923755SUSE bug 960281SUSE bug 960329SUSE bug 963994cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2015-8665SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via the SamplesPerPixel tag in a TIFF image.
LowCVE-2015-8665SUSE bug 1156749SUSE bug 1156754cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8683SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a packed TIFF image.
LowCVE-2015-8683SUSE bug 1156749SUSE bug 1156754cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8704SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record.
ModerateCVE-2015-8704SUSE bug 962189SUSE bug 962190cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8705SUSE Linux Enterprise Desktop 12
buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logging is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit, or daemon crash) or possibly have unspecified other impact via (1) OPT data or (2) an ECS option.
ModerateCVE-2015-8705SUSE bug 962189SUSE bug 962190cpe:/o:suse:sled:12CVE-2015-8709SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here."
ModerateCVE-2015-8709SUSE bug 1010933SUSE bug 959709SUSE bug 960561SUSE bug 960563cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2015-8710SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.
ModerateCVE-2015-8710SUSE bug 1123919SUSE bug 960674cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8711SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
ModerateCVE-2015-8711SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8712SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-8712SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8713SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
ModerateCVE-2015-8713SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8714SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-8714SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8715SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2015-8715SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8716SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-8716SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8717SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-8717SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8718SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the "Match MSG/RES packets for async NLM" option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-8718SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8719SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-8719SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8720SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-8720SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8721SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression.
ModerateCVE-2015-8721SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8722SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
ModerateCVE-2015-8722SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8723SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
ModerateCVE-2015-8723SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8724SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
ModerateCVE-2015-8724SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8725SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
ModerateCVE-2015-8725SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8726SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
ModerateCVE-2015-8726SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8727SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.
ModerateCVE-2015-8727SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8728SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet.
ModerateCVE-2015-8728SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8729SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
ModerateCVE-2015-8729SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8730SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet.
ModerateCVE-2015-8730SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8731SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
ModerateCVE-2015-8731SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8732SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
ModerateCVE-2015-8732SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8733SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
ModerateCVE-2015-8733SUSE bug 960382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8743SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged (CAP_SYS_RAWIO) user/process could use this flaw to leak or corrupt QEMU memory bytes.
ModerateCVE-2015-8743SUSE bug 960725SUSE bug 960726cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8744SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It occurs when a guest sends a Layer-2 packet smaller than 22 bytes. A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulting in DoS.
LowCVE-2015-8744SUSE bug 960835SUSE bug 960836cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8745SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulting in DoS.
LowCVE-2015-8745SUSE bug 960707SUSE bug 960708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8746SUSE Linux Enterprise Desktop 12
fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) via crafted network traffic.
ModerateCVE-2015-8746SUSE bug 960839cpe:/o:suse:sled:12CVE-2015-8767SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.
LowCVE-2015-8767SUSE bug 961509cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8776SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.
LowCVE-2015-8776SUSE bug 962736SUSE bug 986086cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8777SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.
LowCVE-2015-8777SUSE bug 950944SUSE bug 962735cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8778SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.
LowCVE-2015-8778SUSE bug 962737SUSE bug 986086cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8779SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.
ModerateCVE-2015-8779SUSE bug 962739SUSE bug 965453SUSE bug 986086cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8781SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782.
ModerateCVE-2015-8781SUSE bug 964213SUSE bug 964225cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8782SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vulnerability than CVE-2015-8781.
ModerateCVE-2015-8782SUSE bug 964213SUSE bug 964225cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8783SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds reads) via a crafted TIFF image.
ModerateCVE-2015-8783SUSE bug 964213SUSE bug 964225cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8785SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov.
LowCVE-2015-8785SUSE bug 963765cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8803SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than CVE-2015-8805.
ModerateCVE-2015-8803SUSE bug 964845cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8804SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors.
ModerateCVE-2015-8804SUSE bug 964847cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8805SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ecc_256_modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than CVE-2015-8803.
ModerateCVE-2015-8805SUSE bug 964849cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8806SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the "<!DOCTYPE html" substring in a crafted HTML document.
ModerateCVE-2015-8806SUSE bug 963963SUSE bug 965283SUSE bug 981114cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8812SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.
ModerateCVE-2015-8812SUSE bug 966437SUSE bug 966683cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2015-8816SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.
ModerateCVE-2015-8816SUSE bug 968010SUSE bug 979064cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8817SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pci_dma_read/write calls. Affects QEMU versions >= 1.6.0 and <= 2.3.1. A privileged user inside guest could use this flaw to crash the guest instance resulting in DoS.
ModerateCVE-2015-8817SUSE bug 969121SUSE bug 969122SUSE bug 969125SUSE bug 969126cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8818SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The cpu_physical_memory_write_rom_internal function in exec.c in QEMU (aka Quick Emulator) does not properly skip MMIO regions, which allows local privileged guest users to cause a denial of service (guest crash) via unspecified vectors.
ModerateCVE-2015-8818SUSE bug 969122SUSE bug 969125SUSE bug 969126cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8830SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
Integer overflow in the aio_setup_single_vector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE-2012-6701 regression.
ModerateCVE-2015-8830SUSE bug 969354SUSE bug 969355cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2015-8833SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the create_smp_dialog function in gtk-dialog.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 4.0.2 for Pidgin allows remote attackers to execute arbitrary code via vectors related to the "Authenticate buddy" menu item.
ImportantCVE-2015-8833SUSE bug 970498cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8839SUSE Linux Enterprise Desktop 12 SP4
Multiple race conditions in the ext4 filesystem implementation in the Linux kernel before 4.5 allow local users to cause a denial of service (disk corruption) by writing to a page that is associated with a different user's file after unsynchronized hole punching and page-fault handling.
ModerateCVE-2015-8839SUSE bug 972174cpe:/o:suse:sled:12:sp4CVE-2015-8842SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
tmpfiles.d/systemd.conf in systemd before 229 uses weak permissions for /var/log/journal/%m/system.journal, which allows local users to obtain sensitive information by reading the file.
ModerateCVE-2015-8842SUSE bug 972612cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8844SUSE Linux Enterprise Desktop 12 SP4
The signal implementation in the Linux kernel before 4.3.5 on powerpc platforms does not check for an MSR with both the S and T bits set, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.
ModerateCVE-2015-8844SUSE bug 975531SUSE bug 975533cpe:/o:suse:sled:12:sp4CVE-2015-8845SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.
ModerateCVE-2015-8845SUSE bug 975531SUSE bug 975533cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2015-8853SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 data, as demonstrated by "a\x80."
ModerateCVE-2015-8853SUSE bug 976584SUSE bug 997948SUSE bug 997950cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8868SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via an invalid blend mode in the ExtGState dictionary in a crafted PDF document.
ModerateCVE-2015-8868SUSE bug 976844cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2015-8871SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the opj_j2k_write_mco function in j2k.c in OpenJPEG before 2.1.1 allows remote attackers to have unspecified impact via unknown vectors.
ModerateCVE-2015-8871SUSE bug 1007739SUSE bug 1007744SUSE bug 979907cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8872SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The set_fat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."
ModerateCVE-2015-8872SUSE bug 980364cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8875SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Multiple integer overflows in the (1) pixops_composite_nearest, (2) pixops_composite_color_nearest, and (3) pixops_process functions in pixops/pixops.c in gdk-pixbuf before 2.33.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image, which triggers a heap-based buffer overflow.
LowCVE-2015-8875SUSE bug 980497cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8876SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method execution via crafted serialized data.
ModerateCVE-2015-8876SUSE bug 1019550SUSE bug 981049cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8877SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.
ModerateCVE-2015-8877SUSE bug 981061cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8878SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
main/php_open_temporary_file.c in PHP before 5.5.28 and 5.6.x before 5.6.12 does not ensure thread safety, which allows remote attackers to cause a denial of service (race condition and heap memory corruption) by leveraging an application that performs many temporary-file accesses.
ModerateCVE-2015-8878SUSE bug 981055cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8879SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 mishandles driver behavior for SQL_WVARCHAR columns, which allows remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a certain type of Microsoft SQL Server table.
ModerateCVE-2015-8879SUSE bug 981050cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8894SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file.
ModerateCVE-2015-8894SUSE bug 982969SUSE bug 983523SUSE bug 983533cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8895SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow.
ModerateCVE-2015-8895SUSE bug 982969SUSE bug 983527cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8896SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file.
ModerateCVE-2015-8896SUSE bug 982969SUSE bug 983533cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8897SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (application crash) via a crafted png file.
ModerateCVE-2015-8897SUSE bug 982969SUSE bug 983739SUSE bug 983746cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8898SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file.
ModerateCVE-2015-8898SUSE bug 982969SUSE bug 983739SUSE bug 983746cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8899SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.
ModerateCVE-2015-8899SUSE bug 983273cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8900SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file.
ModerateCVE-2015-8900SUSE bug 983232cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8901SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.
ModerateCVE-2015-8901SUSE bug 983234cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8902SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.
ModerateCVE-2015-8902SUSE bug 1052711SUSE bug 983253cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8903SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.
ImportantCVE-2015-8903SUSE bug 983259cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8915SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
bsdcpio in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read and crash) via crafted cpio file.
ModerateCVE-2015-8915SUSE bug 985601cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8916SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar file.
ModerateCVE-2015-8916SUSE bug 985694cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8918SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to "overlapping memcpy."
ModerateCVE-2015-8918SUSE bug 985698cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8919SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file.
ModerateCVE-2015-8919SUSE bug 985697cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8920SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file.
ModerateCVE-2015-8920SUSE bug 985675cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8921SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.
ModerateCVE-2015-8921SUSE bug 985682cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8922SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct.
ModerateCVE-2015-8922SUSE bug 985685cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8923SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers to cause a denial of service (crash) via a crafted zip file.
ModerateCVE-2015-8923SUSE bug 985703cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8924SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The archive_read_format_tar_read_header function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tar file.
ModerateCVE-2015-8924SUSE bug 985609cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8925SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing.
ModerateCVE-2015-8925SUSE bug 985706cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8926SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive.
ModerateCVE-2015-8926SUSE bug 985704cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8927SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The trad_enc_decrypt_update function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted zip file, related to reading the password.
ModerateCVE-2015-8927SUSE bug 985712cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-8928SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.
ModerateCVE-2015-8928SUSE bug 985679cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8929SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file.
ModerateCVE-2015-8929SUSE bug 985669cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8930SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself.
ModerateCVE-2015-8930SUSE bug 985700cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8931SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior.
ModerateCVE-2015-8931SUSE bug 985689cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8932SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.
ModerateCVE-2015-8932SUSE bug 985665cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8933SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file.
ModerateCVE-2015-8933SUSE bug 985688cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8934SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file.
ModerateCVE-2015-8934SUSE bug 985673cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8946SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors.
ModerateCVE-2015-8946SUSE bug 989121SUSE bug 989122cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8947SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data, a different vulnerability than CVE-2016-2052.
ModerateCVE-2015-8947SUSE bug 963436SUSE bug 989564cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2015-8948SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read.
ModerateCVE-2015-8948SUSE bug 1014473SUSE bug 1173590SUSE bug 1190777SUSE bug 990189cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8950SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call.
LowCVE-2015-8950SUSE bug 1003931SUSE bug 1004045cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8952SUSE Linux Enterprise Desktop 12 SP4
The mbcache feature in the ext2 and ext4 filesystem implementations in the Linux kernel before 4.6 mishandles xattr block caching, which allows local users to cause a denial of service (soft lockup) via filesystem operations in environments that use many attributes, as demonstrated by Ceph and Samba.
ModerateCVE-2015-8952SUSE bug 995759cpe:/o:suse:sled:12:sp4CVE-2015-8953SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
fs/overlayfs/copy_up.c in the Linux kernel before 4.2.6 uses an incorrect cleanup code path, which allows local users to cause a denial of service (dentry reference leak) via filesystem operations on a large file in a lower overlayfs layer.
LowCVE-2015-8953SUSE bug 995763cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8955SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via vectors involving events that are mishandled during a span of multiple HW PMUs.
ModerateCVE-2015-8955SUSE bug 1003931cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8956SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket.
ModerateCVE-2015-8956SUSE bug 1003925cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8957SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.
ModerateCVE-2015-8957SUSE bug 1000690SUSE bug 1000691cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8958SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.
ModerateCVE-2015-8958SUSE bug 1000690SUSE bug 1000691SUSE bug 1000694SUSE bug 1028079cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8959SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file.
ModerateCVE-2015-8959SUSE bug 1000713SUSE bug 1074610cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8960SUSE Linux Enterprise Desktop 12
The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client secret key and server public key but not a server secret key, which makes it easier for man-in-the-middle attackers to spoof TLS servers by leveraging knowledge of the secret key for an arbitrary installed client X.509 certificate, aka the "Key Compromise Impersonation (KCI)" issue.
ModerateCVE-2015-8960SUSE bug 941124cpe:/o:suse:sled:12CVE-2015-8961SUSE Linux Enterprise Desktop 12 SP1
The __ext4_journal_stop function in fs/ext4/ext4_jbd2.c in the Linux kernel before 4.3.3 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging improper access to a certain error field.
ImportantCVE-2015-8961SUSE bug 1010492cpe:/o:suse:sled:12:sp1CVE-2015-8962SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call.
ModerateCVE-2015-8962SUSE bug 1010501cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2015-8963SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation.
ModerateCVE-2015-8963SUSE bug 1010502cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-8964SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.
ModerateCVE-2015-8964SUSE bug 1010507cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2015-8966SUSE Linux Enterprise Desktop 12 SP1
arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system call.
ImportantCVE-2015-8966SUSE bug 1014754cpe:/o:suse:sled:12:sp1CVE-2015-8967SUSE Linux Enterprise Desktop 12 SP1
arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page permissions" protection mechanism and modify the system-call table, and consequently gain privileges, by leveraging write access.
ImportantCVE-2015-8967SUSE bug 1014749cpe:/o:suse:sled:12:sp1CVE-2015-8970SUSE Linux Enterprise Desktop 12 SP4
crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted application that does not supply a key, related to the lrw_crypt function in crypto/lrw.c.
ModerateCVE-2015-8970SUSE bug 1008374SUSE bug 1008850cpe:/o:suse:sled:12:sp4CVE-2015-9016SUSE Linux Enterprise Desktop 12 SP3
In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. This could lead to local escalation of privilege. Product: Android. Versions: Android kernel. Android ID: A-63083046.
ModerateCVE-2015-9016SUSE bug 1081683cpe:/o:suse:sled:12:sp3CVE-2015-9019SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs.
LowCVE-2015-9019SUSE bug 1123130SUSE bug 934119cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-9230SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
In the admin/db-backup-security/db-backup-security.php page in the BulletProof Security plugin before .52.5 for WordPress, XSS is possible for remote authenticated administrators via the DBTablePrefix parameter.
LowCVE-2015-9230SUSE bug 1138468cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2015-9251SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
ModerateCVE-2015-9251SUSE bug 1099458SUSE bug 1100133SUSE bug 1111660cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2015-9262SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
_XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause denial of service or potentially code execution via a one-byte heap overflow.
ModerateCVE-2015-9262SUSE bug 1103511SUSE bug 1123801SUSE bug 1159415cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-9265SUSE Linux Enterprise Desktop 12 SP3
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-14622. Reason: This candidate is a reservation duplicate of CVE-2018-14622. Notes: All CVE users should reference CVE-2018-14622 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2015-9265SUSE bug 1106517SUSE bug 968175cpe:/o:suse:sled:12:sp3CVE-2015-9274SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
HarfBuzz before 1.0.4 allows remote attackers to cause a denial of service (invalid read of two bytes and application crash) because of GPOS and GSUB table mishandling, related to hb-ot-layout-gpos-table.hh, hb-ot-layout-gsub-table.hh, and hb-ot-layout-gsubgpos-private.hh.
ModerateCVE-2015-9274SUSE bug 1116297cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-9289SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values such as 23.
ImportantCVE-2015-9289SUSE bug 1143179cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2015-9381SUSE Linux Enterprise Desktop 12 SP4
FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c.
ModerateCVE-2015-9381SUSE bug 1149384cpe:/o:suse:sled:12:sp4CVE-2016-0402SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking.
ImportantCVE-2016-0402SUSE bug 960402SUSE bug 962743SUSE bug 963937cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0448SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX.
ImportantCVE-2016-0448SUSE bug 960402SUSE bug 962743SUSE bug 963937cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0466SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP.
ImportantCVE-2016-0466SUSE bug 960402SUSE bug 962743SUSE bug 963937cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0475SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
ImportantCVE-2016-0475SUSE bug 962743SUSE bug 963937cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0483SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data.
ImportantCVE-2016-0483SUSE bug 960402SUSE bug 962743SUSE bug 963937cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0494SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
ImportantCVE-2016-0494SUSE bug 962743SUSE bug 963937cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0505SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Options.
ModerateCVE-2016-0505SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0546SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.
ModerateCVE-2016-0546SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0596SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.
ModerateCVE-2016-0596SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0597SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
ModerateCVE-2016-0597SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0598SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.
ModerateCVE-2016-0598SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0600SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
ModerateCVE-2016-0600SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0606SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect integrity via unknown vectors related to encryption.
ModerateCVE-2016-0606SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0608SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF.
ModerateCVE-2016-0608SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0609SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges.
ModerateCVE-2016-0609SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0616SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
ModerateCVE-2016-0616SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0617SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Unspecified vulnerability in the kernel-uek component in Oracle Linux 6 allows local users to affect availability via unknown vectors.
ModerateCVE-2016-0617SUSE bug 965794cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-0634SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine.
ModerateCVE-2016-0634SUSE bug 1000396SUSE bug 1001299SUSE bug 1159416SUSE bug 1188388cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0636SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-component.
ModerateCVE-2016-0636SUSE bug 972468SUSE bug 979252cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0640SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect integrity and availability via vectors related to DML.
ModerateCVE-2016-0640SUSE bug 976341SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0641SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect confidentiality and availability via vectors related to MyISAM.
CriticalCVE-2016-0641SUSE bug 976341SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0642SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated.
CriticalCVE-2016-0642SUSE bug 976341SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0643SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect confidentiality via vectors related to DML.
CriticalCVE-2016-0643SUSE bug 976341SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0644SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DDL.
CriticalCVE-2016-0644SUSE bug 976341SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0646SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DML.
CriticalCVE-2016-0646SUSE bug 976341SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0647SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to FTS.
CriticalCVE-2016-0647SUSE bug 976341SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0648SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to PS.
CriticalCVE-2016-0648SUSE bug 976341SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0649SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to PS.
CriticalCVE-2016-0649SUSE bug 976341SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0650SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to Replication.
CriticalCVE-2016-0650SUSE bug 976341SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0651SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.
CriticalCVE-2016-0651SUSE bug 976341SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0655SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to InnoDB.
CriticalCVE-2016-0655SUSE bug 976341SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0666SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security: Privileges.
CriticalCVE-2016-0666SUSE bug 976341SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0668SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB.
CriticalCVE-2016-0668SUSE bug 976341SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0686SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization.
ImportantCVE-2016-0686SUSE bug 976340SUSE bug 979252cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0687SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component.
ImportantCVE-2016-0687SUSE bug 976340SUSE bug 979252cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0695SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.
ImportantCVE-2016-0695SUSE bug 976340SUSE bug 979252cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0701SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose an inappropriate number, as demonstrated by a number in an X9.42 file.
ImportantCVE-2016-0701SUSE bug 1071906SUSE bug 1176331SUSE bug 1195379SUSE bug 963410SUSE bug 963413cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2016-0702SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a crafted application on the same Intel Sandy Bridge CPU core as a victim and leveraging cache-bank conflicts, aka a "CacheBleed" attack.
LowCVE-2016-0702SUSE bug 1007806SUSE bug 968044SUSE bug 968050SUSE bug 971238SUSE bug 990370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0703SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a accepts a nonzero CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher, which allows man-in-the-middle attackers to determine the MASTER-KEY value and decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, a related issue to CVE-2016-0800.
ModerateCVE-2016-0703SUSE bug 968044SUSE bug 968046SUSE bug 968051SUSE bug 986238cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0704SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
An oracle protection mechanism in the get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a overwrites incorrect MASTER-KEY bytes during use of export cipher suites, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, a related issue to CVE-2016-0800.
ModerateCVE-2016-0704SUSE bug 968044SUSE bug 968053SUSE bug 986238cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0705SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA private key.
LowCVE-2016-0705SUSE bug 968044SUSE bug 968047SUSE bug 971238SUSE bug 976341cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0718SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
ModerateCVE-2016-0718SUSE bug 979441SUSE bug 991809cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0723SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call.
ModerateCVE-2016-0723SUSE bug 961500cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0728SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.
ImportantCVE-2016-0728SUSE bug 923755SUSE bug 962075SUSE bug 962078SUSE bug 963994cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0729SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitrary code via a crafted document.
ModerateCVE-2016-0729SUSE bug 966822cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0739SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug."
ModerateCVE-2016-0739SUSE bug 965875SUSE bug 967026cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0749SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow.
ImportantCVE-2016-0749SUSE bug 982385SUSE bug 982386cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0755SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015.
ModerateCVE-2016-0755SUSE bug 962983cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0758SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.
ImportantCVE-2016-0758SUSE bug 979867SUSE bug 980856cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-0764SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in Network Manager before 1.0.12 as packaged in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows local users to obtain sensitive connection information by reading temporary files during ifcfg and keyfile changes.
LowCVE-2016-0764SUSE bug 974072cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0766SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.
ModerateCVE-2016-0766SUSE bug 966435SUSE bug 966436SUSE bug 978323cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0771SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory by uploading a crafted DNS TXT record.
ModerateCVE-2016-0771SUSE bug 968223cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0772SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack."
ModerateCVE-2016-0772SUSE bug 984751cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0773SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression.
ModerateCVE-2016-0773SUSE bug 966435SUSE bug 966436SUSE bug 978323SUSE bug 983246SUSE bug 986409cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0774SUSE Linux Enterprise Desktop 12
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun." NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-1805.
ModerateCVE-2016-0774SUSE bug 917839SUSE bug 964730SUSE bug 964732cpe:/o:suse:sled:12CVE-2016-0777SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
CriticalCVE-2016-0777SUSE bug 961642SUSE bug 996040cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0778SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.
ModerateCVE-2016-0778SUSE bug 961645SUSE bug 996040cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0787SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug."
ModerateCVE-2016-0787SUSE bug 1149968SUSE bug 967026SUSE bug 968174SUSE bug 974691cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0794SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The lwp filter in LibreOffice before 5.0.4 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LotusWordPro (lwp) document.
ModerateCVE-2016-0794SUSE bug 967014SUSE bug 967015cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0795SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibreOffice before 5.0.5 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document.
ModerateCVE-2016-0795SUSE bug 967014SUSE bug 967015cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0797SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allow remote attackers to cause a denial of service (heap memory corruption or NULL pointer dereference) or possibly have unspecified other impact via a long digit string that is mishandled by the (1) BN_dec2bn or (2) BN_hex2bn function, related to crypto/bn/bn.h and crypto/bn/bn_print.c.
ModerateCVE-2016-0797SUSE bug 968044SUSE bug 968048SUSE bug 990370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0798SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the SRP_VBASE_get_by_user implementation in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory consumption) by providing an invalid username in a connection attempt, related to apps/s_server.c and crypto/srp/srp_vfy.c.
ModerateCVE-2016-0798SUSE bug 968044SUSE bug 968265cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0799SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g improperly calculates string lengths, which allows remote attackers to cause a denial of service (overflow and out-of-bounds read) or possibly have unspecified other impact via a long string, as demonstrated by a large amount of ASN.1 data, a different vulnerability than CVE-2016-2842.
ModerateCVE-2016-0799SUSE bug 968044SUSE bug 968374SUSE bug 969517SUSE bug 989345SUSE bug 990370SUSE bug 991722cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0800SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a "DROWN" attack.
ModerateCVE-2016-0800SUSE bug 1106871SUSE bug 961377SUSE bug 968044SUSE bug 968046SUSE bug 968888SUSE bug 969591SUSE bug 979060cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0821SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in Android 6.0.1 before 2016-03-01, does not properly consider the relationship to the mmap_min_addr value, which makes it easier for attackers to bypass a poison-pointer protection mechanism by triggering the use of an uninitialized list entry, aka Android internal bug 26186802, a different vulnerability than CVE-2015-3636.
LowCVE-2016-0821SUSE bug 987709SUSE bug 994624cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-0960SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
CriticalCVE-2016-0960SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0961SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
CriticalCVE-2016-0961SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0962SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
CriticalCVE-2016-0962SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0963SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0993 and CVE-2016-1010.
ModerateCVE-2016-0963SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0964SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
CriticalCVE-2016-0964SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0965SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
CriticalCVE-2016-0965SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0966SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
CriticalCVE-2016-0966SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0967SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
CriticalCVE-2016-0967SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0968SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
CriticalCVE-2016-0968SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0969SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
CriticalCVE-2016-0969SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0970SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
CriticalCVE-2016-0970SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0971SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2016-0971SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0972SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
CriticalCVE-2016-0972SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0973SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via a URLLoader.load call, a different vulnerability than CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984.
CriticalCVE-2016-0973SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0974SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984.
CriticalCVE-2016-0974SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0975SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code by leveraging improper reference handling, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984.
CriticalCVE-2016-0975SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0976SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
CriticalCVE-2016-0976SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0977SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
CriticalCVE-2016-0977SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0978SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
CriticalCVE-2016-0978SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0979SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0980, and CVE-2016-0981.
CriticalCVE-2016-0979SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0980SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, and CVE-2016-0981.
CriticalCVE-2016-0980SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0981SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, and CVE-2016-0980.
CriticalCVE-2016-0981SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0982SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0983, and CVE-2016-0984.
CriticalCVE-2016-0982SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0983SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0984.
CriticalCVE-2016-0983SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0984SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0983.
CriticalCVE-2016-0984SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0985SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion."
CriticalCVE-2016-0985SUSE bug 965901cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0986SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
CriticalCVE-2016-0986SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0987SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
ModerateCVE-2016-0987SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0988SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CriticalCVE-2016-0988SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0989SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
CriticalCVE-2016-0989SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0990SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CriticalCVE-2016-0990SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0991SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CriticalCVE-2016-0991SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0992SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002, and CVE-2016-1005.
CriticalCVE-2016-0992SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0993SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010.
CriticalCVE-2016-0993SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0994SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CriticalCVE-2016-0994SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0995SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CriticalCVE-2016-0995SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0996SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CriticalCVE-2016-0996SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0997SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
ModerateCVE-2016-0997SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0998SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000.
CriticalCVE-2016-0998SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-0999SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-1000.
CriticalCVE-2016-0999SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1000SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999.
CriticalCVE-2016-1000SUSE bug 1016168SUSE bug 1016169SUSE bug 1016366SUSE bug 970547SUSE bug 988484SUSE bug 988486SUSE bug 988487SUSE bug 988488SUSE bug 988489SUSE bug 988491SUSE bug 988492SUSE bug 989125SUSE bug 989170SUSE bug 989172SUSE bug 989174SUSE bug 989523SUSE bug 989532SUSE bug 989569SUSE bug 989989SUSE bug 989995SUSE bug 989997SUSE bug 990847SUSE bug 997861cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1000031SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution
ModerateCVE-2016-1000031SUSE bug 1128963cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1000110SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests.
ModerateCVE-2016-1000110SUSE bug 988484SUSE bug 989523cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10009SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
ModerateCVE-2016-10009SUSE bug 1016336SUSE bug 1016366SUSE bug 1016370SUSE bug 1138392cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1001SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2016-1001SUSE bug 1016340SUSE bug 1016368SUSE bug 1016369SUSE bug 1016370SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-10010SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.
ImportantCVE-2016-10010SUSE bug 1016336SUSE bug 1016368SUSE bug 1196721cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10011SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
ModerateCVE-2016-10011SUSE bug 1016336SUSE bug 1016369SUSE bug 1016370cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10012SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.
ModerateCVE-2016-10012SUSE bug 1006166SUSE bug 1016336SUSE bug 1016369SUSE bug 1016370SUSE bug 1035742SUSE bug 1073044SUSE bug 1092582SUSE bug 1138392cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10013SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation.
ModerateCVE-2016-10013SUSE bug 1016340cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1002SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1005.
CriticalCVE-2016-1002SUSE bug 1014298SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-10024SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations.
ModerateCVE-2016-10024SUSE bug 1014298SUSE bug 1178658cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10025SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging a missing NULL pointer check.
ModerateCVE-2016-10025SUSE bug 1014300cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10028SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a VIRTIO_GPU_CMD_GET_CAPSET command with a maximum capabilities size with a value of 0.
ModerateCVE-2016-10028SUSE bug 1017084SUSE bug 1017085SUSE bug 1185981cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10029SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a scanout id in a VIRTIO_GPU_CMD_SET_SCANOUT command larger than num_scanouts.
ModerateCVE-2016-10029SUSE bug 1017081SUSE bug 1017082cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2016-10040SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags.
LowCVE-2016-10040SUSE bug 1039291cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10044SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call.
LowCVE-2016-10044SUSE bug 1023992cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10046SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
ModerateCVE-2016-10046SUSE bug 1016742SUSE bug 1017308cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10047SUSE Linux Enterprise Desktop 12 SP1
Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMagick before 6.9.4-7 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML file.
ModerateCVE-2016-10047SUSE bug 1017309cpe:/o:suse:sled:12:sp1CVE-2016-10048SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors.
ModerateCVE-2016-10048SUSE bug 1017310cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10049SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
ModerateCVE-2016-10049SUSE bug 1017311cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1005SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1002.
CriticalCVE-2016-1005SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-10050SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
ModerateCVE-2016-10050SUSE bug 1017312cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10051SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
ModerateCVE-2016-10051SUSE bug 1017313cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10052SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
ModerateCVE-2016-10052SUSE bug 1017314cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10053SUSE Linux Enterprise Desktop 12 SP1
The WriteTIFFImage function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.
LowCVE-2016-10053SUSE bug 1017315cpe:/o:suse:sled:12:sp1CVE-2016-10054SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in the WriteMAPImage function in coders/map.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
ModerateCVE-2016-10054SUSE bug 1002209SUSE bug 1016585SUSE bug 1017316cpe:/o:suse:sled:12:sp1CVE-2016-10055SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in the WritePDBImage function in coders/pdb.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
ModerateCVE-2016-10055SUSE bug 1002209SUSE bug 1016585SUSE bug 1017316cpe:/o:suse:sled:12:sp1CVE-2016-10056SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
ModerateCVE-2016-10056SUSE bug 1002209SUSE bug 1016585SUSE bug 1017316cpe:/o:suse:sled:12:sp1CVE-2016-10057SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
ModerateCVE-2016-10057SUSE bug 1002209SUSE bug 1016585SUSE bug 1017316cpe:/o:suse:sled:12:sp1CVE-2016-10058SUSE Linux Enterprise Desktop 12 SP1
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remote attackers to cause a denial of service (memory consumption) via a crafted image file.
LowCVE-2016-10058SUSE bug 1017317cpe:/o:suse:sled:12:sp1CVE-2016-10059SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or have unspecified other impact via a crafted TIFF file.
ModerateCVE-2016-10059SUSE bug 1017318cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1006SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass the ASLR protection mechanism via JIT data.
CriticalCVE-2016-1006SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-10060SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
LowCVE-2016-10060SUSE bug 1017319cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10061SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (crash) via a crafted image file.
LowCVE-2016-10061SUSE bug 1017319cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10062SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
LowCVE-2016-10062SUSE bug 1017319cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10063SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file, related to extend validity.
ModerateCVE-2016-10063SUSE bug 1016589SUSE bug 1017320cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10064SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
LowCVE-2016-10064SUSE bug 1016590SUSE bug 1017321cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10065SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
ModerateCVE-2016-10065SUSE bug 1016591SUSE bug 1017322cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10068SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file.
LowCVE-2016-10068SUSE bug 1017324cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10069SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames.
LowCVE-2016-10069SUSE bug 1017325cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10070SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.
ModerateCVE-2016-10070SUSE bug 1017326cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10071SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.
ModerateCVE-2016-10071SUSE bug 1017326cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10087SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.
LowCVE-2016-10087SUSE bug 1017646SUSE bug 1149680cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10088SUSE Linux Enterprise Desktop 12 SP1
The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576.
ImportantCVE-2016-10088SUSE bug 1013604SUSE bug 1014271SUSE bug 1017710SUSE bug 1019079cpe:/o:suse:sled:12:sp1CVE-2016-10092SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the readContigStripsIntoBuffer function in tif_unix.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to have unspecified impact via a crafted image.
ModerateCVE-2016-10092SUSE bug 1017693SUSE bug 1122679cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10093SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in tools/tiffcp.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to have unspecified impact via a crafted image, which triggers a heap-based buffer overflow.
ModerateCVE-2016-10093SUSE bug 1017693SUSE bug 1122679cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10094SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the t2p_readwrite_pdf_image_tile function in tools/tiff2pdf.c in LibTIFF 4.0.7 allows remote attackers to have unspecified impact via a crafted image.
ModerateCVE-2016-10094SUSE bug 1017693SUSE bug 1122679cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10095SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the _TIFFVGetField function in tif_dir.c in LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7 and 4.0.8 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file.
ModerateCVE-2016-10095SUSE bug 1017690SUSE bug 960341SUSE bug 983436cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1010SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993.
CriticalCVE-2016-1010SUSE bug 970547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-10109SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a remote attackers to cause denial of service (crash) via a command that uses "cardsList" after the handle has been released through the SCardReleaseContext function.
ModerateCVE-2016-10109SUSE bug 1017902cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1011SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1013, CVE-2016-1016, CVE-2016-1017, and CVE-2016-1031.
CriticalCVE-2016-1011SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1012SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
CriticalCVE-2016-1012SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1013SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1016, CVE-2016-1017, and CVE-2016-1031.
CriticalCVE-2016-1013SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1014SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Untrusted search path vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows local users to gain privileges via a Trojan horse resource in an unspecified directory.
CriticalCVE-2016-1014SUSE bug 1020381SUSE bug 1020429SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-10144SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.
ModerateCVE-2016-10144SUSE bug 1020433cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10145SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.
ModerateCVE-2016-10145SUSE bug 1020435cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10146SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
ModerateCVE-2016-10146SUSE bug 1020443cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10147SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an AF_ALG socket with an incompatible algorithm, as demonstrated by mcryptd(md5).
ModerateCVE-2016-10147SUSE bug 1020381SUSE bug 1020429cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2016-1015SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code by overriding NetConnection object properties to leverage an unspecified "type confusion," a different vulnerability than CVE-2016-1019.
CriticalCVE-2016-1015SUSE bug 1021129SUSE bug 1024183SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-10150SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the Linux kernel before 4.8.13 allows host OS users to cause a denial of service (host OS crash) or possibly gain privileges via crafted ioctl calls on the /dev/kvm device.
ModerateCVE-2016-10150SUSE bug 1020693cpe:/o:suse:sled:12:sp1CVE-2016-10153SUSE Linux Enterprise Desktop 12 SP1
The crypto scatterlist API in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging reliance on earlier net/ceph/crypto.c code.
ModerateCVE-2016-10153SUSE bug 1021253cpe:/o:suse:sled:12:sp1CVE-2016-10154SUSE Linux Enterprise Desktop 12 SP1
The smbhash function in fs/cifs/smbencrypt.c in the Linux kernel 4.9.x before 4.9.1 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a scatterlist.
ModerateCVE-2016-10154SUSE bug 1021254cpe:/o:suse:sled:12:sp1CVE-2016-10155SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
ModerateCVE-2016-10155SUSE bug 1021129SUSE bug 1024183cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10156SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local attackers to escalate their privileges to root. This is fixed in v229.
ImportantCVE-2016-10156SUSE bug 1020601SUSE bug 1021969SUSE bug 1086936cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1016SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the Transform object implementation in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via a flash.geom.Matrix callback, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1017, and CVE-2016-1031.
CriticalCVE-2016-1016SUSE bug 1021364SUSE bug 1021616SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-10163SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the vrend_renderer_context_create_internal function in vrend_decode.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) by repeatedly creating a decode context.
LowCVE-2016-10163SUSE bug 1021616cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10164SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated length in a crafted XPM file, which triggers a heap-based buffer overflow.
ImportantCVE-2016-10164SUSE bug 1021315SUSE bug 1123144cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10165SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
ModerateCVE-2016-10165SUSE bug 1021364SUSE bug 1064069SUSE bug 1070162cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10166SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable.
ModerateCVE-2016-10166SUSE bug 1022069SUSE bug 1022263cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10167SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
LowCVE-2016-10167SUSE bug 1022069SUSE bug 1022264cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10168SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.
ModerateCVE-2016-10168SUSE bug 1022069SUSE bug 1022265cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10169SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The read_code function in read_words.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file.
LowCVE-2016-10169SUSE bug 1021483cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1017SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the LoadVars.decode function in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1016, and CVE-2016-1031.
CriticalCVE-2016-1017SUSE bug 1021740SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-10170SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The WriteCaffHeader function in cli/caff.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file.
LowCVE-2016-10170SUSE bug 1021483cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10171SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The unreorder_channels function in cli/wvunpack.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file.
LowCVE-2016-10171SUSE bug 1021483cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10172SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The read_new_config_info function in open_utils.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file.
LowCVE-2016-10172SUSE bug 1021483cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1018SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Stack-based buffer overflow in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via crafted JPEG-XR data.
CriticalCVE-2016-1018SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1019SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016.
CriticalCVE-2016-1019SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-10195SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the label_len variable, which triggers an out-of-bounds stack read.
ModerateCVE-2016-10195SUSE bug 1022917SUSE bug 1035082SUSE bug 1035209SUSE bug 1075618SUSE bug 1123122cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10196SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument.
ModerateCVE-2016-10196SUSE bug 1022918SUSE bug 1035082SUSE bug 1035209SUSE bug 1075618cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10197SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read) via an empty hostname.
ModerateCVE-2016-10197SUSE bug 1022919SUSE bug 1035082SUSE bug 1035209SUSE bug 1075618SUSE bug 1123122cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10198SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted audio file.
LowCVE-2016-10198SUSE bug 1023259SUSE bug 1024014cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10199SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted tag value.
LowCVE-2016-10199SUSE bug 1023259SUSE bug 1024017cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1020SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
CriticalCVE-2016-1020SUSE bug 1023377SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-10200SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c.
ModerateCVE-2016-10200SUSE bug 1027179SUSE bug 1028415cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-10207SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
The Xvnc server in TigerVNC allows remote attackers to cause a denial of service (invalid memory access and crash) by terminating a TLS handshake early.
ImportantCVE-2016-10207SUSE bug 1023012cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2016-10208SUSE Linux Enterprise Desktop 12 SP1
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image.
ImportantCVE-2016-10208SUSE bug 1023377SUSE bug 1087082cpe:/o:suse:sled:12:sp1CVE-2016-10209SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file.
ModerateCVE-2016-10209SUSE bug 1032089cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1021SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
CriticalCVE-2016-1021SUSE bug 1024244SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-10214SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the virgl_resource_attach_backing function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.
ModerateCVE-2016-10214SUSE bug 1024244cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10217SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file that is mishandled in the color management module.
ModerateCVE-2016-10217SUSE bug 1032130cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2016-10218SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF Transparency module in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
ModerateCVE-2016-10218SUSE bug 1032135cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2016-10219SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The intersect function in base/gxfill.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.
LowCVE-2016-10219SUSE bug 1032138cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1022SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
CriticalCVE-2016-1022SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-10220SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file that is mishandled in the PDF Transparency module.
ModerateCVE-2016-10220SUSE bug 1032120SUSE bug 1036453cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1023SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
CriticalCVE-2016-1023SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1024SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
CriticalCVE-2016-1024SUSE bug 1029704SUSE bug 1029705SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-10244SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file.
ModerateCVE-2016-10244SUSE bug 1028103cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10245SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Insufficient sanitization of the query parameter in templates/html/search_opensearch.php could lead to reflected cross-site scripting or iframe injection.
ModerateCVE-2016-10245SUSE bug 1136364cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10248SUSE Linux Enterprise Desktop 12 SP4
The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) via vectors involving an empty sequence.
LowCVE-2016-10248SUSE bug 1029705cpe:/o:suse:sled:12:sp4CVE-2016-10249SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.12 allows remote attackers to have unspecified impact via a crafted image file, which triggers a heap-based buffer overflow.
ModerateCVE-2016-10249SUSE bug 1029704cpe:/o:suse:sled:12:sp4CVE-2016-1025SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
CriticalCVE-2016-1025SUSE bug 1006836SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-10251SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value.
ModerateCVE-2016-10251SUSE bug 1029497SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10254SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The allocate_elf function in common.h in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted ELF file, which triggers a memory allocation failure.
LowCVE-2016-10254SUSE bug 1030472cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10255SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted (1) sh_off or (2) sh_size ELF header value, which triggers a memory allocation failure.
LowCVE-2016-10255SUSE bug 1030472SUSE bug 1030476cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1026SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
CriticalCVE-2016-1026SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-10266SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22.
ModerateCVE-2016-10266SUSE bug 1017694SUSE bug 1031263cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10267SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8.
ModerateCVE-2016-10267SUSE bug 1017694SUSE bug 1031262cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10268SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 78490" and libtiff/tif_unix.c:115:23.
ModerateCVE-2016-10268SUSE bug 1017693SUSE bug 1031255cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10269SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6 and 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 512" and libtiff/tif_unix.c:340:2.
ModerateCVE-2016-10269SUSE bug 1017693SUSE bug 1031254cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1027SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
CriticalCVE-2016-1027SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-10270SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 8" and libtiff/tif_read.c:523:22.
ModerateCVE-2016-10270SUSE bug 1031250cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10271SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 1" and libtiff/tif_fax3.c:413:13.
ModerateCVE-2016-10271SUSE bug 1031249cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10272SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "WRITE of size 2048" and libtiff/tif_next.c:64:9.
ModerateCVE-2016-10272SUSE bug 1031247cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1028SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
CriticalCVE-2016-1028SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1029SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1032, and CVE-2016-1033.
CriticalCVE-2016-1029SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1030SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass intended access restrictions via unspecified vectors.
CriticalCVE-2016-1030SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1031SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1016, and CVE-2016-1017.
CriticalCVE-2016-1031SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-10317SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document.
ModerateCVE-2016-10317SUSE bug 1032230cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10318SUSE Linux Enterprise Desktop 12 SP1
A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel before 4.7.4 allows a user to assign an encryption policy to a directory owned by a different user, potentially creating a denial of service.
ModerateCVE-2016-10318SUSE bug 1032435cpe:/o:suse:sled:12:sp1CVE-2016-1032SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, and CVE-2016-1033.
CriticalCVE-2016-1032SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-10324SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_clrncpy() function defined in osipparser2/osip_port.c.
ModerateCVE-2016-10324SUSE bug 1034574cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10325SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS.
ModerateCVE-2016-10325SUSE bug 1034572cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10326SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_body_to_str() function defined in osipparser2/osip_body.c, resulting in a remote DoS.
ModerateCVE-2016-10326SUSE bug 1034571cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10327SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx.
ModerateCVE-2016-10327SUSE bug 1034192cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1033SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, and CVE-2016-1032.
CriticalCVE-2016-1033SUSE bug 974209cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-10349SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The archive_le32dec function in archive_endian.h in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
ModerateCVE-2016-10349SUSE bug 1037008cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10350SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
ModerateCVE-2016-10350SUSE bug 1037009cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10371SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TIFFWriteDirectoryTagCheckedRational function in tif_dirwrite.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF file.
LowCVE-2016-10371SUSE bug 1038438cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10504SUSE Linux Enterprise Desktop 12 SP3
Heap-based buffer overflow vulnerability in the opj_mqc_byteout function in mqc.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (application crash) via a crafted bmp file.
ImportantCVE-2016-10504SUSE bug 1056351SUSE bug 1179594cpe:/o:suse:sled:12:sp3CVE-2016-10505SUSE Linux Enterprise Desktop 12 SP3
NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.
ModerateCVE-2016-10505SUSE bug 1056363cpe:/o:suse:sled:12:sp3CVE-2016-10506SUSE Linux Enterprise Desktop 12 SP3
Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.
ModerateCVE-2016-10506SUSE bug 1056396cpe:/o:suse:sled:12:sp3CVE-2016-10507SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted bmp file.
ModerateCVE-2016-10507SUSE bug 1056421cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10708SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
ModerateCVE-2016-10708SUSE bug 1076957SUSE bug 1138392cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10713SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file.
ModerateCVE-2016-10713SUSE bug 1080918SUSE bug 1101128cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10714SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In zsh before 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATH_MAX characters.
LowCVE-2016-10714SUSE bug 1083250cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10739SUSE Linux Enterprise Desktop 12 SP4
In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.
ModerateCVE-2016-10739SUSE bug 1122729SUSE bug 1155094cpe:/o:suse:sled:12:sp4CVE-2016-10746SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libvirt-domain.c in libvirt before 1.3.1 supports virDomainGetTime API calls by guest agents with an RO connection, even though an RW connection was supposed to be required, a different vulnerability than CVE-2019-3886.
ModerateCVE-2016-10746SUSE bug 1133150cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-10764SUSE Linux Enterprise Desktop 12 SP3
In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the ->f_pdata array so the ">" should be ">=" instead.
ModerateCVE-2016-10764SUSE bug 1143183cpe:/o:suse:sled:12:sp3CVE-2016-10905SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8. A use-after-free is caused by the functions gfs2_clear_rgrpd and read_rindex_entry.
ModerateCVE-2016-10905SUSE bug 1146312cpe:/o:suse:sled:12:sp4CVE-2016-10906SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arc_emac_tx and arc_emac_tx_clean.
ModerateCVE-2016-10906SUSE bug 1146584cpe:/o:suse:sled:12:sp4CVE-2016-10907SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in drivers/iio/dac/ad5755.c in the Linux kernel before 4.8.6. There is an out of bounds write in the function ad5755_parse_dt.
ModerateCVE-2016-10907SUSE bug 1146302cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1096SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-1096SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1097SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-1097SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1098SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-1098SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1099SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-1099SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1100SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-1100SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1101SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-1101SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1102SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-1102SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1103SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-1103SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1104SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-1104SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1105SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-1105SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1106SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-1106SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1107SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-1107SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1108SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-1108SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1109SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-1109SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1110SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-1110SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1181SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899.
ModerateCVE-2016-1181SUSE bug 983684SUSE bug 983728cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1182SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly restrict the Validator configuration, which allows remote attackers to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related issue to CVE-2015-0899.
ModerateCVE-2016-1182SUSE bug 983684cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1234SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name.
ModerateCVE-2016-1234SUSE bug 1020940SUSE bug 969727SUSE bug 988770SUSE bug 988782SUSE bug 989127cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1237SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
nfsd in the Linux kernel through 4.6.3 allows local users to bypass intended file-permission restrictions by setting a POSIX ACL, related to nfs2acl.c, nfs3acl.c, and nfs4acl.c.
LowCVE-2016-1237SUSE bug 986570cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1238SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidump, (11) cpan/ExtUtils-MakeMaker/bin/instmodsh, (12) cpan/IO-Compress/bin/zipdetails, (13) cpan/JSON-PP/bin/json_pp, (14) cpan/Test-Harness/bin/prove, (15) dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp, (16) dist/Module-CoreList/corelist, (17) ext/Pod-Html/bin/pod2html, (18) utils/c2ph.PL, (19) utils/h2ph.PL, (20) utils/h2xs.PL, (21) utils/libnetcfg.PL, (22) utils/perlbug.PL, (23) utils/perldoc.PL, (24) utils/perlivp.PL, and (25) utils/splain.PL in Perl 5.x before 5.22.3-RC2 and 5.24 before 5.24.1-RC2 do not properly remove . (period) characters from the end of the includes directory array, which might allow local users to gain privileges via a Trojan horse module under the current working directory.
ModerateCVE-2016-1238SUSE bug 1108749SUSE bug 1123389SUSE bug 987887SUSE bug 988311cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1248SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.
ModerateCVE-2016-1248SUSE bug 1010685SUSE bug 1173534cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1255SUSE Linux Enterprise Desktop 12 SP1
The pg_ctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in Debian jessie before 165+deb8u2, in Debian unstable before 178, in Ubuntu 12.04 LTS before 129ubuntu1.2, in Ubuntu 14.04 LTS before 154ubuntu1.1, in Ubuntu 16.04 LTS before 173ubuntu0.1, in Ubuntu 17.04 before 179ubuntu0.1, and in Ubuntu 17.10 before 184ubuntu1.1 allows local users to gain root privileges via a symlink attack on a logfile in /var/log/postgresql.
ModerateCVE-2016-1255SUSE bug 1016745cpe:/o:suse:sled:12:sp1CVE-2016-1283SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\){97)?J)?J)(?'R'(?'R'\){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2016-1283SUSE bug 960837cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1285SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.
ModerateCVE-2016-1285SUSE bug 970072SUSE bug 981200cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1286SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.
ImportantCVE-2016-1286SUSE bug 970073SUSE bug 981200cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1372SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file.
ModerateCVE-2016-1372SUSE bug 984650cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1513SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The Impress tool in Apache OpenOffice 4.1.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read or write) or execute arbitrary code via crafted MetaActions in an (1) ODP or (2) OTP file.
ModerateCVE-2016-1513SUSE bug 991057cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1521SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.
ModerateCVE-2016-1521SUSE bug 965803SUSE bug 965806SUSE bug 965807SUSE bug 965810cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1523SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (missing initialization, NULL pointer dereference, and application crash) via a crafted Graphite smart font.
ModerateCVE-2016-1523SUSE bug 965803SUSE bug 965806SUSE bug 965807SUSE bug 965810SUSE bug 967087cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1526SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.
ModerateCVE-2016-1526SUSE bug 965803SUSE bug 965806SUSE bug 965807SUSE bug 965810SUSE bug 966438cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1541SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the zip_read_mac_metadata function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to execute arbitrary code via crafted entry-size values in a ZIP archive.
ModerateCVE-2016-1541SUSE bug 979005cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1544SUSE Linux Enterprise Desktop 12 SP4
nghttp2 before 1.7.1 allows remote attackers to cause a denial of service (memory exhaustion).
LowCVE-2016-1544SUSE bug 966514cpe:/o:suse:sled:12:sp4CVE-2016-1547SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled.
ModerateCVE-2016-1547SUSE bug 962784SUSE bug 977446SUSE bug 977459SUSE bug 982064SUSE bug 982065cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1548SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer->dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched.
ModerateCVE-2016-1548SUSE bug 959243SUSE bug 977446SUSE bug 977461SUSE bug 982068cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1549SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim's clock.
ModerateCVE-2016-1549SUSE bug 1083424SUSE bug 977446SUSE bug 977451cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1550SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key.
ModerateCVE-2016-1550SUSE bug 977446SUSE bug 977464cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1551SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ntpd in NTP 4.2.8p3 and NTPsec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 relies on the underlying operating system to protect it from requests that impersonate reference clocks. Because reference clocks are treated like other peers and stored in the same structure, any packet with a source ip address of a reference clock (127.127.1.1 for example) that reaches the receive() function will match that reference clock's peer record and will be treated as a trusted peer. Any system that lacks the typical martian packet filtering which would block these packets is in danger of having its time controlled by an attacker.
ModerateCVE-2016-1551SUSE bug 977446SUSE bug 977450cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1568SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via an invalid AHCI Native Command Queuing (NCQ) AIO command.
ModerateCVE-2016-1568SUSE bug 961332SUSE bug 961333cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1570SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x through 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the (1) MMUEXT_MARK_SUPER or (2) MMUEXT_UNMARK_SUPER sub-op in the HYPERVISOR_mmuext_op hypercall or (3) unknown vectors related to page table updates.
ModerateCVE-2016-1570SUSE bug 960861cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1571SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID instruction, which triggers a hypervisor bug check.
ModerateCVE-2016-1571SUSE bug 960861SUSE bug 960862cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1572SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.
ModerateCVE-2016-1572SUSE bug 962052cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1575SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
ImportantCVE-2016-1575SUSE bug 968092cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1577SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vulnerability than CVE-2014-8137.
ImportantCVE-2016-1577SUSE bug 1178702SUSE bug 968373cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1583SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.
ModerateCVE-2016-1583SUSE bug 1052256SUSE bug 983143SUSE bug 983144cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1585SUSE Linux Enterprise Desktop 12 SP1
In all versions of AppArmor mount rules are accidentally widened when compiled.
ModerateCVE-2016-1585SUSE bug 995594cpe:/o:suse:sled:12:sp1CVE-2016-1601SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an AutoYaST installation when the profile does not contain inst-sys users, which might allow attackers to have unspecified impact via unknown vectors.
CriticalCVE-2016-1601SUSE bug 973639SUSE bug 974220cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1602SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A code injection in the supportconfig data collection tool in supportutils in SUSE Linux Enterprise Server 12 and 12-SP1 and SUSE Linux Enterprise Desktop 12 and 12-SP1 could be used by local attackers to execute code as the user running supportconfig (usually root).
ModerateCVE-2016-1602SUSE bug 1063385SUSE bug 980670cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1621SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.0 before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to libwebm/mkvparser.cpp and other files, aka internal bug 23452792.
ModerateCVE-2016-1621SUSE bug 972021cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1714SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAP_SYS_RAWIO privilege to cause a denial of service (out-of-bounds read or write access and process crash) or possibly execute arbitrary code via an invalid current entry value in a firmware configuration.
ModerateCVE-2016-1714SUSE bug 961691SUSE bug 961692cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1762SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
ModerateCVE-2016-1762SUSE bug 1123919SUSE bug 981040cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1833SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
ModerateCVE-2016-1833SUSE bug 1123919SUSE bug 981108cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1834SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
ModerateCVE-2016-1834SUSE bug 1123919SUSE bug 981041cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1835SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document.
ModerateCVE-2016-1835SUSE bug 1123919SUSE bug 981109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1836SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via a crafted XML document.
ModerateCVE-2016-1836SUSE bug 1174862SUSE bug 981110cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1837SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remote attackers to cause a denial of service via a crafted XML document.
ModerateCVE-2016-1837SUSE bug 1123919SUSE bug 981111cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1838SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
ModerateCVE-2016-1838SUSE bug 1123919SUSE bug 981112cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1839SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
ModerateCVE-2016-1839SUSE bug 1039069SUSE bug 1039661SUSE bug 1069433SUSE bug 1069690SUSE bug 1123919SUSE bug 963963SUSE bug 981114cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1840SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
ImportantCVE-2016-1840SUSE bug 1123919SUSE bug 981115cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1856SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1854, CVE-2016-1855, and CVE-2016-1857.
ModerateCVE-2016-1856cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1857SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1854, CVE-2016-1855, and CVE-2016-1856.
ModerateCVE-2016-1857cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1867SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
ModerateCVE-2016-1867SUSE bug 1178702SUSE bug 961886cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1907SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.
ModerateCVE-2016-1907SUSE bug 1138392SUSE bug 962495cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1908SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.
LowCVE-2016-1908SUSE bug 1001712SUSE bug 1005738SUSE bug 1138392SUSE bug 962313SUSE bug 996040cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1922SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw. It occurs while doing I/O port write operations via hmp interface. In that, 'current_cpu' remains null, which leads to the null pointer dereference. A user or process could use this flaw to crash the QEMU instance, resulting in DoS issue.
LowCVE-2016-1922SUSE bug 962320SUSE bug 962321cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1923SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the opj_j2k_update_image_data function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
ImportantCVE-2016-1923SUSE bug 962522SUSE bug 980504cpe:/o:suse:sled:12:sp4CVE-2016-1930SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2016-1930SUSE bug 963520SUSE bug 963632cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1931SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to uninitialized memory encountered during brotli data compression, and other vectors.
ImportantCVE-2016-1931SUSE bug 963633cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1935SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content.
ModerateCVE-2016-1935SUSE bug 963520SUSE bug 963635cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1937SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The protocol-handler dialog in Mozilla Firefox before 44.0 allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a double-click action was intended.
ModerateCVE-2016-1937SUSE bug 963641SUSE bug 977736cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-1938SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the (1) mp_div or (2) mp_exptmod function.
ModerateCVE-2016-1938SUSE bug 963731cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1949SUSE Linux Enterprise Desktop 12
Mozilla Firefox before 44.0.2 does not properly restrict the interaction between Service Workers and plugins, which allows remote attackers to bypass the Same Origin Policy via a crafted web site that triggers spoofed responses to requests that use NPAPI, as demonstrated by a request for a crossdomain.xml file.
ModerateCVE-2016-1949SUSE bug 966438SUSE bug 967087cpe:/o:suse:sled:12CVE-2016-1950SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.
ImportantCVE-2016-1950SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1952SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2016-1952SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1953SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.cpp, and unknown other vectors.
CriticalCVE-2016-1953SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1954SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file.
ModerateCVE-2016-1954SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1957SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array.
ModerateCVE-2016-1957SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1958SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
browser/base/content/browser.js in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to spoof the address bar via a javascript: URL.
ModerateCVE-2016-1958SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1960SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) by leveraging mishandling of end tags, as demonstrated by incorrect SVG processing, aka ZDI-CAN-3545.
CriticalCVE-2016-1960SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1961SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsHTMLDocument::SetBody function in dom/html/nsHTMLDocument.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of a root element, aka ZDI-CAN-3574.
CriticalCVE-2016-1961SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1962SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of WebRTC data-channel connections.
CriticalCVE-2016-1962SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1964SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the AtomicBaseIncDec function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging mishandling of XML transformations.
CriticalCVE-2016-1964SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1965SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle a navigation sequence that returns to the original page, which allows remote attackers to spoof the address bar via vectors involving the history.back method and the location.protocol property.
ModerateCVE-2016-1965SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1966SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference and memory corruption) via a crafted NPAPI plugin.
ImportantCVE-2016-1966SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1974SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsScannerString::AppendUnicodeTo function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not verify that memory allocation succeeds, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via crafted Unicode data in an HTML, XML, or SVG document.
ModerateCVE-2016-1974SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1977SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Machine::Code::decoder::analysis::set_ref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted Graphite smart font.
CriticalCVE-2016-1977SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1978SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact by making an SSL (1) DHE or (2) ECDHE handshake at a time of high memory consumption.
ModerateCVE-2016-1978SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1979SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndReturnKey function in Mozilla Network Security Services (NSS) before 3.21.1, as used in Mozilla Firefox before 45.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted key data with DER encoding.
ModerateCVE-2016-1979SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-1981SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing data via transmit or receive descriptors, provided the initial receive/transmit descriptor head (TDH/RDH) is set outside the allocated descriptor buffer. A privileged user inside guest could use this flaw to crash the QEMU instance resulting in DoS.
LowCVE-2016-1981SUSE bug 963782SUSE bug 963783cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2037SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The cpio_safer_name_suffix function in util.c in cpio 2.11 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted cpio file.
LowCVE-2016-2037SUSE bug 1028410SUSE bug 963448cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2047SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "/CN=" string in a field in a certificate, as demonstrated by "/OU=/CN=bar.com/CN=foo.com."
ModerateCVE-2016-2047SUSE bug 963806SUSE bug 976341SUSE bug 980904cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2052SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check in hb-ot-font.cc, a different issue than CVE-2015-8947.
ModerateCVE-2016-2052SUSE bug 963436SUSE bug 989564cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-2053SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c.
ModerateCVE-2016-2053SUSE bug 963762SUSE bug 979074cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2069SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU.
LowCVE-2016-2069SUSE bug 870618SUSE bug 963767cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2070SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The tcp_cwnd_reduction function in net/ipv4/tcp_input.c in the Linux kernel before 4.3.5 allows remote attackers to cause a denial of service (divide-by-zero error and system crash) via crafted TCP traffic.
ModerateCVE-2016-2070SUSE bug 963761cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2073SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML document.
ModerateCVE-2016-2073SUSE bug 963963cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2088SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
resolver.c in named in ISC BIND 9.10.x before 9.10.3-P4, when DNS cookies are enabled, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed packet with more than one cookie option.
ModerateCVE-2016-2088SUSE bug 970074cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2089SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jas_matrix_clip function in jas_seq.c in JasPer 1.900.1 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted JPEG 2000 image.
LowCVE-2016-2089SUSE bug 1178702SUSE bug 963983cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2099SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document.
ModerateCVE-2016-2099SUSE bug 979208cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2105SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.
ModerateCVE-2016-2105SUSE bug 977584SUSE bug 977614SUSE bug 978492SUSE bug 989902SUSE bug 990369SUSE bug 990370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2106SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.
LowCVE-2016-2106SUSE bug 977584SUSE bug 977615SUSE bug 978492SUSE bug 990369cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2107SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.
ImportantCVE-2016-2107SUSE bug 976942SUSE bug 977584SUSE bug 977616SUSE bug 978492SUSE bug 990369SUSE bug 990370cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2108SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue.
ImportantCVE-2016-2108SUSE bug 1001502SUSE bug 1004499SUSE bug 1005878SUSE bug 1148697SUSE bug 977584SUSE bug 977617SUSE bug 978492SUSE bug 989345SUSE bug 996067cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2109SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding.
ModerateCVE-2016-2109SUSE bug 1015243SUSE bug 976942SUSE bug 977584SUSE bug 978492SUSE bug 990369cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2110SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.
ModerateCVE-2016-2110SUSE bug 1009711SUSE bug 973031SUSE bug 973033SUSE bug 973036SUSE bug 975276SUSE bug 977416cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2111SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, a related issue to CVE-2015-0005.
ModerateCVE-2016-2111SUSE bug 973032SUSE bug 975276SUSE bug 977416cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2112SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream.
ModerateCVE-2016-2112SUSE bug 973031SUSE bug 973033SUSE bug 975276SUSE bug 977416cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2113SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof LDAPS and HTTPS servers and obtain sensitive information via a crafted certificate.
ModerateCVE-2016-2113SUSE bug 973031SUSE bug 973033SUSE bug 973034SUSE bug 975276SUSE bug 977416cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2114SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "server signing = mandatory" setting, which allows man-in-the-middle attackers to spoof SMB servers by modifying the client-server data stream.
ModerateCVE-2016-2114SUSE bug 973035cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2115SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream.
ModerateCVE-2016-2115SUSE bug 973036SUSE bug 975276SUSE bug 977416cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2116SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file.
ModerateCVE-2016-2116SUSE bug 1178702SUSE bug 968373cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2117SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data.
ModerateCVE-2016-2117SUSE bug 1027179SUSE bug 968697cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-2118SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."
ModerateCVE-2016-2118SUSE bug 971965SUSE bug 975276SUSE bug 977416cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2119SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the (1) SMB2_SESSION_FLAG_IS_GUEST or (2) SMB2_SESSION_FLAG_IS_NULL flag.
ModerateCVE-2016-2119SUSE bug 986869cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2123SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ndr_pull_dnsp_name contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndr_pull_dnsp_name parses data from the Samba Active Directory ldb database. Any user who can write to the dnsRecord attribute over LDAP can trigger this memory corruption. By default, all authenticated LDAP users can write to the dnsRecord attribute on new DNS objects. This makes the defect a remote privilege escalation.
ImportantCVE-2016-2123SUSE bug 1014437cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2125SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.
ModerateCVE-2016-2125SUSE bug 1014441cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2126SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions.
ModerateCVE-2016-2126SUSE bug 1014442cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2143SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h.
ImportantCVE-2016-2143SUSE bug 970504SUSE bug 993872cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-2150SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261.
ImportantCVE-2016-2150SUSE bug 982385SUSE bug 982386cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2176SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive information from process stack memory or cause a denial of service (buffer over-read) via crafted EBCDIC ASN.1 data.
ModerateCVE-2016-2176SUSE bug 978224SUSE bug 990369cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2177SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c.
ModerateCVE-2016-2177SUSE bug 982575SUSE bug 999075SUSE bug 999665cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2178SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.
ModerateCVE-2016-2178SUSE bug 983249SUSE bug 983519SUSE bug 999665cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2179SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c.
ModerateCVE-2016-2179SUSE bug 994844SUSE bug 999665cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2180SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted time-stamp file that is mishandled by the "openssl ts" command.
LowCVE-2016-2180SUSE bug 1003811SUSE bug 990419SUSE bug 999665cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2181SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service (false-positive packet drops) via spoofed DTLS records, related to rec_layer_d1.c and ssl3_record.c.
ModerateCVE-2016-2181SUSE bug 994749SUSE bug 994844SUSE bug 999665cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2182SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.
ModerateCVE-2016-2182SUSE bug 993819SUSE bug 994844SUSE bug 995959SUSE bug 999665cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2183SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack.
ModerateCVE-2016-2183SUSE bug 1001912SUSE bug 1024218SUSE bug 1027038SUSE bug 1034689SUSE bug 1171693SUSE bug 994844SUSE bug 995359cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2184SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor.
ModerateCVE-2016-2184SUSE bug 971125cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2185SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
ModerateCVE-2016-2185SUSE bug 971124cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2186SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
ModerateCVE-2016-2186SUSE bug 970958cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2187SUSE Linux Enterprise Desktop 12 SP4
The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
ModerateCVE-2016-2187SUSE bug 971919SUSE bug 971944cpe:/o:suse:sled:12:sp4CVE-2016-2188SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
ModerateCVE-2016-2188SUSE bug 1067912SUSE bug 1132190SUSE bug 970956cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-2193SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PostgreSQL before 9.5.x before 9.5.2 does not properly maintain row-security status in cached plans, which might allow attackers to bypass intended access restrictions by leveraging a session that performs queries as more than one role.
ModerateCVE-2016-2193SUSE bug 978456cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2197SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is vulnerable to a null pointer dereference flaw. It occurs while unmapping the Frame Information Structure (FIS) and Command List Block (CLB) entries. A privileged user inside guest could use this flaw to crash the QEMU process instance resulting in DoS.
LowCVE-2016-2197SUSE bug 964411cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2198SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registers. A privileged user inside quest could use this flaw to crash the QEMU process instance resulting in DoS.
LowCVE-2016-2198SUSE bug 964413SUSE bug 964415cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2233SUSE Linux Enterprise Desktop 12 SP2
Stack-based buffer overflow in the inbound_cap_ls function in common/inbound.c in HexChat 2.10.2 allows remote IRC servers to cause a denial of service (crash) via a large number of options in a CAP LS message.
ModerateCVE-2016-2233SUSE bug 1020738cpe:/o:suse:sled:12:sp2CVE-2016-2270SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.6.x and earlier allows local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with different cachability settings.
ModerateCVE-2016-2270SUSE bug 965315cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2271SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows local HVM guest users to cause a denial of service (guest crash) via vectors related to a non-canonical RIP.
ModerateCVE-2016-2271SUSE bug 965317cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2334SUSE Linux Enterprise Desktop 12
Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image.
ModerateCVE-2016-2334SUSE bug 979822cpe:/o:suse:sled:12CVE-2016-2335SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip allows remote attackers to cause a denial of service (out-of-bounds read) or execute arbitrary code via the PartitionRef field in the Long Allocation Descriptor in a UDF file.
ModerateCVE-2016-2335SUSE bug 979823cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2336SUSE Linux Enterprise Desktop 12 SP1
Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution.
ImportantCVE-2016-2336SUSE bug 1018810cpe:/o:suse:sled:12:sp1CVE-2016-2339SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "arg_types" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow.
ModerateCVE-2016-2339SUSE bug 1018808cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2347SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive.
ModerateCVE-2016-2347SUSE bug 973790cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2374SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
An exploitable memory corruption vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT MultiMX message sent via the server can result in an out-of-bounds write leading to memory disclosure and code execution.
ModerateCVE-2016-2374SUSE bug 984655SUSE bug 991690cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2376SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in arbitrary code execution. A malicious server or an attacker who intercepts the network traffic can send an invalid size for a packet which will trigger a buffer overflow.
ModerateCVE-2016-2376SUSE bug 984655SUSE bug 991686cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2377SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent by the server could potentially result in an out-of-bounds write of one byte. A malicious server can send a negative content-length in response to a HTTP request triggering the vulnerability.
ModerateCVE-2016-2377SUSE bug 984655SUSE bug 991685cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2378SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
A buffer overflow vulnerability exists in the handling of the MXIT protocol Pidgin. Specially crafted data sent via the server could potentially result in a buffer overflow, potentially resulting in memory corruption. A malicious server or an unfiltered malicious user can send negative length values to trigger this vulnerability.
ModerateCVE-2016-2378SUSE bug 984655SUSE bug 991683cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2379SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The Mxit protocol uses weak encryption when encrypting user passwords, which might allow attackers to (1) decrypt hashed passwords by leveraging knowledge of client registration codes or (2) gain login access by eavesdropping on login messages and re-using the hashed passwords.
ModerateCVE-2016-2379SUSE bug 984655SUSE bug 991721cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2381SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.
ModerateCVE-2016-2381SUSE bug 967082cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2383SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The adjust_branches function in kernel/bpf/verifier.c in the Linux kernel before 4.5 does not consider the delta in the backward-jump case, which allows local users to obtain sensitive information from kernel memory by creating a packet filter and then loading crafted BPF instructions.
ModerateCVE-2016-2383SUSE bug 966684cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-2384SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.
ModerateCVE-2016-2384SUSE bug 966693SUSE bug 967773cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2391SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers.
LowCVE-2016-2391SUSE bug 967012SUSE bug 967013SUSE bug 967101cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2392SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The is_rndis function in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 does not properly validate USB configuration descriptor objects, which allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving a remote NDIS control message packet.
LowCVE-2016-2392SUSE bug 967012SUSE bug 967090cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2399SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the quicktime_read_pascal function in libquicktime 1.2.4 and earlier allows remote attackers to cause a denial of service or possibly have other unspecified impact via a crafted hdlr MP4 atom.
ModerateCVE-2016-2399SUSE bug 1022805cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2464SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
libvpx in libwebm in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted mkv file, aka internal bug 23167726.
ModerateCVE-2016-2464SUSE bug 984448cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2516SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
NTP before 4.2.8p7 and 4.3.x before 4.3.92, when mode7 is enabled, allows remote attackers to cause a denial of service (ntpd abort) by using the same IP address multiple times in an unconfig directive.
ModerateCVE-2016-2516SUSE bug 977446SUSE bug 977452cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2517SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (prevent subsequent authentication) by leveraging knowledge of the controlkey or requestkey and sending a crafted packet to ntpd, which changes the value of trustedkey, controlkey, or requestkey. NOTE: this vulnerability exists because of a CVE-2016-2516 regression.
ModerateCVE-2016-2517SUSE bug 977446SUSE bug 977455cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2518SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.
ModerateCVE-2016-2518SUSE bug 977446SUSE bug 977457cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2519SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ntpd in NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (ntpd abort) by a large request data value, which triggers the ctl_getitem function to return a NULL value.
ModerateCVE-2016-2519SUSE bug 959243SUSE bug 977446SUSE bug 977458cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2523SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dnp3_al_process_object function in epan/dissectors/packet-dnp.c in the DNP3 dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2016-2523SUSE bug 968565cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2530SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 mishandles the case of an unrecognized TLV type, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet, a different vulnerability than CVE-2016-2531.
ModerateCVE-2016-2530SUSE bug 968565cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2531SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that triggers a 0xff tag value, a different vulnerability than CVE-2016-2530.
ModerateCVE-2016-2531SUSE bug 968565cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2532SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dissect_llrp_parameters function in epan/dissectors/packet-llrp.c in the LLRP dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 does not limit the recursion depth, which allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted packet.
ModerateCVE-2016-2532SUSE bug 968565cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2538SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service (QEMU process crash) or obtain sensitive host memory information via a remote NDIS control message packet that is mishandled in the (1) rndis_query_response, (2) rndis_set_response, or (3) usb_net_handle_dataout function.
LowCVE-2016-2538SUSE bug 967969SUSE bug 968004cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2543SUSE Linux Enterprise Desktop 12
The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment before proceeding with FIFO clearing, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted ioctl call.
ModerateCVE-2016-2543SUSE bug 967972cpe:/o:suse:sled:12CVE-2016-2544SUSE Linux Enterprise Desktop 12
Race condition in the queue_delete function in sound/core/seq/seq_queue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service (use-after-free and system crash) by making an ioctl call at a certain time.
ModerateCVE-2016-2544SUSE bug 967973cpe:/o:suse:sled:12CVE-2016-2545SUSE Linux Enterprise Desktop 12
The snd_timer_interrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list, which allows local users to cause a denial of service (race condition and system crash) via a crafted ioctl call.
ModerateCVE-2016-2545SUSE bug 967974cpe:/o:suse:sled:12CVE-2016-2546SUSE Linux Enterprise Desktop 12
sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call.
ModerateCVE-2016-2546SUSE bug 967975cpe:/o:suse:sled:12CVE-2016-2547SUSE Linux Enterprise Desktop 12
sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not consider slave timer instances, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call.
ModerateCVE-2016-2547SUSE bug 968011cpe:/o:suse:sled:12CVE-2016-2548SUSE Linux Enterprise Desktop 12
sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service (system crash) via a crafted ioctl call, related to the (1) snd_timer_close and (2) _snd_timer_stop functions.
ModerateCVE-2016-2548SUSE bug 968012cpe:/o:suse:sled:12CVE-2016-2549SUSE Linux Enterprise Desktop 12
sound/core/hrtimer.c in the Linux kernel before 4.4.1 does not prevent recursive callback access, which allows local users to cause a denial of service (deadlock) via a crafted ioctl call.
ModerateCVE-2016-2549SUSE bug 968013cpe:/o:suse:sled:12CVE-2016-2774SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions.
ModerateCVE-2016-2774SUSE bug 969820cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2775SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.
ModerateCVE-2016-2775SUSE bug 989528cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2776SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
ImportantCVE-2016-2776SUSE bug 1000362SUSE bug 1001595SUSE bug 1001597SUSE bug 1007829cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2779SUSE Linux Enterprise Desktop 12 SP4
runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
ModerateCVE-2016-2779SUSE bug 1000998SUSE bug 1018892SUSE bug 946429SUSE bug 968375SUSE bug 968674SUSE bug 968675cpe:/o:suse:sled:12:sp4CVE-2016-2782SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint.
LowCVE-2016-2782SUSE bug 961512SUSE bug 968670cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2785SUSE Linux Enterprise Desktop 12
Puppet Server before 2.3.2 and Ruby puppetmaster in Puppet 4.x before 4.4.2 and in Puppet Agent before 1.4.2 might allow remote attackers to bypass intended auth.conf access restrictions by leveraging incorrect URL decoding.
LowCVE-2016-2785SUSE bug 977471cpe:/o:suse:sled:12CVE-2016-2786SUSE Linux Enterprise Desktop 12
The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 and Puppet Agent 1.3.x before 1.3.6 does not properly validate server certificates, which might allow remote attackers to spoof brokers and execute arbitrary commands via a crafted certificate.
ImportantCVE-2016-2786SUSE bug 983729cpe:/o:suse:sled:12CVE-2016-2790SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font.
CriticalCVE-2016-2790SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2791SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
CriticalCVE-2016-2791SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2792SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2800.
CriticalCVE-2016-2792SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2793SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
CriticalCVE-2016-2793SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2794SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
CriticalCVE-2016-2794SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2795SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font.
CriticalCVE-2016-2795SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2796SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font.
CriticalCVE-2016-2796SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2797SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2801.
CriticalCVE-2016-2797SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2798SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
CriticalCVE-2016-2798SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2799SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font.
CriticalCVE-2016-2799SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2800SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2792.
CriticalCVE-2016-2800SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2801SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2797.
CriticalCVE-2016-2801SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2802SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
CriticalCVE-2016-2802SUSE bug 969894cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2804SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2016-2804SUSE bug 977373cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2805SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in the browser engine in Mozilla Firefox ESR 38.x before 38.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2016-2805SUSE bug 977333SUSE bug 977374cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2806SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2016-2806SUSE bug 977375cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2807SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2016-2807SUSE bug 977333SUSE bug 977376cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2808SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The watch implementation in the JavaScript engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code or cause a denial of service (generation-count overflow, out-of-bounds HashMap write access, and application crash) via a crafted web site.
ModerateCVE-2016-2808SUSE bug 977333SUSE bug 977386cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2809SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The Mozilla Maintenance Service updater in Mozilla Firefox before 46.0 on Windows allows user-assisted remote attackers to delete arbitrary files by leveraging certain local file execution.
ImportantCVE-2016-2809SUSE bug 977333SUSE bug 977377cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2810SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Mozilla Firefox before 46.0 on Android before 5.0 allows attackers to bypass intended Signature access requirements via a crafted application that leverages content-provider permissions, as demonstrated by reading the browser history or a saved password.
ModerateCVE-2016-2810SUSE bug 977333SUSE bug 977378cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2811SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the ServiceWorkerInfo class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code via vectors related to the BeginReading method.
ImportantCVE-2016-2811SUSE bug 977379cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2812SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Race condition in the get implementation in the ServiceWorkerManager class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted web site.
ImportantCVE-2016-2812SUSE bug 977379cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2813SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.
ModerateCVE-2016-2813SUSE bug 977333SUSE bug 977380cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2814SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code via crafted CENC offsets that lead to mismanagement of the sizes table.
ModerateCVE-2016-2814SUSE bug 977333SUSE bug 977381cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2815SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2016-2815SUSE bug 983549SUSE bug 983638cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2816SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Mozilla Firefox before 46.0 allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via the multipart/x-mixed-replace content type.
ModerateCVE-2016-2816SUSE bug 977382cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2817SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox before 46.0 does not properly restrict principal inheritance during chrome.tabs.create and chrome.tabs.update API calls, which allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted extension that accesses a (1) javascript: or (2) data: URL.
ModerateCVE-2016-2817SUSE bug 977384cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2818SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2016-2818SUSE bug 983549SUSE bug 983638cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2819SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element.
ModerateCVE-2016-2819SUSE bug 983549SUSE bug 983655cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2820SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46.0 does not properly restrict the origin of events, which makes it easier for remote attackers to modify sharing preferences by leveraging access to the remote-report IFRAME element.
ModerateCVE-2016-2820SUSE bug 977388cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2821SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering deletion of DOM elements that were created in the editor.
ModerateCVE-2016-2821SUSE bug 983549SUSE bug 983653cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2822SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu.
ModerateCVE-2016-2822SUSE bug 983549SUSE bug 983652cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2824SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TSymbolTableLevel class in ANGLE, as used in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 on Windows, allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact by triggering use of a WebGL shader that writes to an array.
ModerateCVE-2016-2824SUSE bug 983549SUSE bug 983651cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2825SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Mozilla Firefox before 47.0 allows remote attackers to bypass the Same Origin Policy and modify the location.host property via an invalid data: URL.
ModerateCVE-2016-2825SUSE bug 983549SUSE bug 983649cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2826SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The maintenance service in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 on Windows does not prevent MAR extracted-file modification during updater execution, which might allow local users to gain privileges via a Trojan horse file.
ModerateCVE-2016-2826SUSE bug 983549SUSE bug 983647cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2828SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via WebGL content that triggers texture access after destruction of the texture's recycle pool.
ModerateCVE-2016-2828SUSE bug 983549SUSE bug 983646cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2829SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a crafted web site that rapidly triggers permission requests, as demonstrated by the microphone permission or the geolocation permission.
ModerateCVE-2016-2829SUSE bug 983549SUSE bug 983644cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2830SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the network connection used for favicon resource retrieval after the associated browser window is closed, which makes it easier for remote web servers to track users by observing network traffic from multiple IP addresses.
ModerateCVE-2016-2830SUSE bug 983922SUSE bug 991809cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2831SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (UI outage), or conduct clickjacking or spoofing attacks, via a crafted web site.
ModerateCVE-2016-2831SUSE bug 983549SUSE bug 983632SUSE bug 983643cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2832SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Mozilla Firefox before 47.0 allows remote attackers to discover the list of disabled plugins via a fingerprinting attack involving Cascading Style Sheets (CSS) pseudo-classes.
ModerateCVE-2016-2832SUSE bug 983549SUSE bug 983632cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2833SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Mozilla Firefox before 47.0 ignores Content Security Policy (CSP) directives for cross-domain Java applets, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted applet.
ModerateCVE-2016-2833SUSE bug 983549SUSE bug 983640cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2834SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
ModerateCVE-2016-2834SUSE bug 983549SUSE bug 983639cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2835SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2016-2835SUSE bug 991809cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2836SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to Http2Session::Shutdown and SpdySession31::Shutdown, and other vectors.
ModerateCVE-2016-2836SUSE bug 991809cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2837SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media Plugin (GMP) sandbox bypass.
ModerateCVE-2016-2837SUSE bug 991809cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2838SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document.
ModerateCVE-2016-2838SUSE bug 991809cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2839SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 on Linux make cairo _cairo_surface_get_extents calls that do not properly interact with libav header allocation in FFmpeg 0.10, which allows remote attackers to cause a denial of service (application crash) via a crafted video.
ModerateCVE-2016-2839SUSE bug 991809cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2841SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ne2000_receive function in the NE2000 NIC emulation support (hw/net/ne2000.c) in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via crafted values for the PSTART and PSTOP registers, involving ring buffer control.
LowCVE-2016-2841SUSE bug 969350SUSE bug 969351cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2847SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.
ModerateCVE-2016-2847SUSE bug 970948SUSE bug 974646cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-2851SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a series of large OTR messages, which triggers a heap-based buffer overflow.
ModerateCVE-2016-2851SUSE bug 969785cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-2857SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet.
ModerateCVE-2016-2857SUSE bug 970037cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-2858SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
QEMU, when built with the Pseudo Random Number Generator (PRNG) back-end support, allows local guest OS users to cause a denial of service (process crash) via an entropy request, which triggers arbitrary stack based allocation and memory corruption.
ModerateCVE-2016-2858SUSE bug 970036cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-3044SUSE Linux Enterprise Desktop 12 SP4
The Linux kernel component in IBM PowerKVM 2.1 before 2.1.1.3-65.10 and 3.1 before 3.1.0.2 allows guest OS users to cause a denial of service (host OS infinite loop and hang) via unspecified vectors.
LowCVE-2016-3044SUSE bug 1013013cpe:/o:suse:sled:12:sp4CVE-2016-3065SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) brin_page_type and (2) brin_metapage_info functions in the pageinspect extension in PostgreSQL before 9.5.x before 9.5.2 allows attackers to bypass intended access restrictions and consequently obtain sensitive server memory information or cause a denial of service (server crash) via a crafted bytea value in a BRIN index page.
ModerateCVE-2016-3065SUSE bug 978456cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3070SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel before 4.4 improperly interacts with mm/migrate.c, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by triggering a certain page move.
LowCVE-2016-3070SUSE bug 979215cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3075SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name.
ModerateCVE-2016-3075SUSE bug 973164cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3115SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.
ModerateCVE-2016-3115SUSE bug 1005738SUSE bug 1059233SUSE bug 1138392SUSE bug 970632SUSE bug 992296SUSE bug 996040cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3119SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request to modify a principal.
LowCVE-2016-3119SUSE bug 971942cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3120SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before 1.14.3, when restrict_anonymous_to_tgt is enabled, uses an incorrect client data structure, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an S4U2Self request.
LowCVE-2016-3120SUSE bug 991088cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3134SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.
ModerateCVE-2016-3134SUSE bug 1052256SUSE bug 971126SUSE bug 971793SUSE bug 986362SUSE bug 986365SUSE bug 986377cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3135SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the xt_alloc_table_info function in net/netfilter/x_tables.c in the Linux kernel through 4.5.2 on 32-bit platforms allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.
ModerateCVE-2016-3135SUSE bug 970904SUSE bug 971794cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3136SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device without two interrupt-in endpoint descriptors.
ModerateCVE-2016-3136SUSE bug 970955cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3137SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions.
ModerateCVE-2016-3137SUSE bug 970970cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-3138SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor.
ModerateCVE-2016-3138SUSE bug 970911SUSE bug 970970cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-3139SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
ModerateCVE-2016-3139SUSE bug 970909cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-3140SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
ModerateCVE-2016-3140SUSE bug 970892cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3156SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses.
LowCVE-2016-3156SUSE bug 971360cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-3158SUSE Linux Enterprise Desktop 12 SP1
The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.
LowCVE-2016-3158SUSE bug 973188cpe:/o:suse:sled:12:sp1CVE-2016-3159SUSE Linux Enterprise Desktop 12 SP1
The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.
LowCVE-2016-3159SUSE bug 973188cpe:/o:suse:sled:12:sp1CVE-2016-3177SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Multiple use-after-free and double-free vulnerabilities in gifcolor.c in GIFLIB 5.1.2 have unspecified impact and attack vectors.
ModerateCVE-2016-3177SUSE bug 971555cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-3186SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file.
ModerateCVE-2016-3186SUSE bug 973340SUSE bug 983268cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3189SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.
LowCVE-2016-3189SUSE bug 985657cpe:/o:suse:sled:12:sp4CVE-2016-3190SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a negative span length.
ModerateCVE-2016-3190SUSE bug 971964cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-3191SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22 mishandles patterns containing an (*ACCEPT) substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-3542.
LowCVE-2016-3191SUSE bug 971741cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3425SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP.
ImportantCVE-2016-3425SUSE bug 976340SUSE bug 979252cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3426SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE.
ImportantCVE-2016-3426SUSE bug 976340SUSE bug 979252cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3427SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
ImportantCVE-2016-3427SUSE bug 1011805SUSE bug 976340SUSE bug 979252cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3458SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA.
ModerateCVE-2016-3458SUSE bug 989732cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3477SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser.
ImportantCVE-2016-3477SUSE bug 989913SUSE bug 991616cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3485SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking.
LowCVE-2016-3485SUSE bug 1009280SUSE bug 989734cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3492SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.
ModerateCVE-2016-3492SUSE bug 1005555SUSE bug 1008318cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3498SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows remote attackers to affect availability via vectors related to JavaFX.
ModerateCVE-2016-3498SUSE bug 989729cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3500SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508.
ModerateCVE-2016-3500SUSE bug 989730cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3503SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install.
ModerateCVE-2016-3503SUSE bug 989728cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3508SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500.
ModerateCVE-2016-3508SUSE bug 989731cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3511SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Deployment.
ModerateCVE-2016-3511SUSE bug 1009280SUSE bug 989727cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3521SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.
ImportantCVE-2016-3521SUSE bug 989919SUSE bug 991616cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3550SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality via vectors related to Hotspot.
ModerateCVE-2016-3550SUSE bug 989733cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3552SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install.
ModerateCVE-2016-3552SUSE bug 989726cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3587SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.
ImportantCVE-2016-3587SUSE bug 989721SUSE bug 998845cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3598SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610.
ImportantCVE-2016-3598SUSE bug 1009280SUSE bug 989723cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3606SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.
ImportantCVE-2016-3606SUSE bug 989722cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3610SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3598.
ImportantCVE-2016-3610SUSE bug 989725cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3615SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.
ModerateCVE-2016-3615SUSE bug 989922SUSE bug 991616cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3616SUSE Linux Enterprise Desktop 12 SP4
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.
ModerateCVE-2016-3616SUSE bug 1160884cpe:/o:suse:sled:12:sp4CVE-2016-3622SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted TIFF image.
LowCVE-2016-3622SUSE bug 974449cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3623SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0.
LowCVE-2016-3623SUSE bug 974617SUSE bug 974618cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3624SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) by setting the "-v" option to -1.
LowCVE-2016-3624SUSE bug 974617cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-3625SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
LowCVE-2016-3625SUSE bug 974615cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-3627SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.
ModerateCVE-2016-3627SUSE bug 1026099SUSE bug 1026101SUSE bug 1123919SUSE bug 972335SUSE bug 975947cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3632SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image.
LowCVE-2016-3632SUSE bug 1007276SUSE bug 974621SUSE bug 983436cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3633SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the src variable.
LowCVE-2016-3633SUSE bug 974841cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-3634SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The tagCompare function in tif_dirinfo.c in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to field_tag matching.
LowCVE-2016-3634SUSE bug 974839cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-3658SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving the ma variable.
LowCVE-2016-3658SUSE bug 974840cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3672SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid or setgid program, by disabling stack-consumption resource limits.
LowCVE-2016-3672SUSE bug 974308cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-3689SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface.
ModerateCVE-2016-3689SUSE bug 971628cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3698SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network.
ModerateCVE-2016-3698SUSE bug 979645cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3705SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.
ModerateCVE-2016-3705SUSE bug 1017497SUSE bug 1123919SUSE bug 975947cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3706SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458.
ModerateCVE-2016-3706SUSE bug 980483SUSE bug 997423cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3710SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.
ModerateCVE-2016-3710SUSE bug 978158SUSE bug 978164SUSE bug 978167cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3712SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.
ModerateCVE-2016-3712SUSE bug 978160SUSE bug 978164SUSE bug 978167cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3713SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvm_arch_vcpu data structure, and consequently obtain sensitive information or cause a denial of service (system crash), via a crafted ioctl call.
ModerateCVE-2016-3713SUSE bug 979715SUSE bug 985132cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3714SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "ImageTragick."
ModerateCVE-2016-3714SUSE bug 1000484SUSE bug 1057163SUSE bug 1105592SUSE bug 978061SUSE bug 982178cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3715SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
ModerateCVE-2016-3715SUSE bug 1000484SUSE bug 1057163SUSE bug 1105592SUSE bug 978061cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3716SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.
ModerateCVE-2016-3716SUSE bug 1000484SUSE bug 1057163SUSE bug 1105592SUSE bug 978061cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3717SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.
ModerateCVE-2016-3717SUSE bug 1000484SUSE bug 1057163SUSE bug 1105592SUSE bug 978061cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3718SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
ModerateCVE-2016-3718SUSE bug 1000484SUSE bug 1057163SUSE bug 1105592SUSE bug 978061cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3841SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call.
ModerateCVE-2016-3841SUSE bug 1052256SUSE bug 992566SUSE bug 992569cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3945SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image, which triggers an out-of-bounds write.
LowCVE-2016-3945SUSE bug 974614cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3951SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor.
ModerateCVE-2016-3951SUSE bug 974418cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3960SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping.
ModerateCVE-2016-3960SUSE bug 974038cpe:/o:suse:sled:12:sp1CVE-2016-3977SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1.2 allows remote attackers to cause a denial of service (application crash) via the background color index in a GIF file.
ModerateCVE-2016-3977SUSE bug 974847cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3990SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image to tiffcp.
LowCVE-2016-3990SUSE bug 975069cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-3991SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image with zero tiles.
LowCVE-2016-3991SUSE bug 975070cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4000SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object.
ModerateCVE-2016-4000SUSE bug 1044655cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4001SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in the stellaris_enet_receive function in hw/net/stellaris_enet.c in QEMU, when the Stellaris ethernet controller is configured to accept large packets, allows remote attackers to cause a denial of service (QEMU crash) via a large packet.
ModerateCVE-2016-4001SUSE bug 975128SUSE bug 975130cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4002SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes.
ModerateCVE-2016-4002SUSE bug 975136SUSE bug 975138cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4008SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate.
ModerateCVE-2016-4008SUSE bug 982779cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4020SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR).
LowCVE-2016-4020SUSE bug 975700SUSE bug 975907cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4037SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CVE-2015-8558.
ModerateCVE-2016-4037SUSE bug 959005SUSE bug 959006SUSE bug 976109SUSE bug 976111cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4070SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
** DISPUTED ** Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to cause a denial of service (application crash) via a long string to the rawurlencode function. NOTE: the vendor says "Not sure if this qualifies as security issue (probably not)."
ModerateCVE-2016-4070SUSE bug 976997SUSE bug 980366cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4108SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-4108SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4109SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-4109SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4110SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-4110SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4111SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-4111SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4112SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-4112SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4113SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-4113SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4114SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-4114SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4115SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-4115SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4116SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CriticalCVE-2016-4116SUSE bug 979422cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4117SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016.
ImportantCVE-2016-4117SUSE bug 979422SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4122SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4122SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4123SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4123SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4124SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4124SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4125SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4125SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4127SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4127SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4128SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4128SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4129SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4129SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4130SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4130SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4131SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4131SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4132SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4132SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4133SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4133SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4134SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4134SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4135SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4135SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4136SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4136SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4137SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4137SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4138SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4138SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4139SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4139SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4140SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4140SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4141SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4141SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4142SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4142SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4143SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4143SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4144SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4144SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4145SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4145SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4146SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4146SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4147SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4147SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4148SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4148SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4149SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4149SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4150SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4150SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4151SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4151SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4152SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4152SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4153SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4153SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4154SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4154SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4155SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4155SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4156SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4156SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4166SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
ImportantCVE-2016-4166SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4171SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016.
ImportantCVE-2016-4171SUSE bug 984695cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4172SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4172SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4173SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
ImportantCVE-2016-4173SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4174SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
ImportantCVE-2016-4174SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4175SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4175SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4176SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4177.
ImportantCVE-2016-4176SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4177SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4176.
ImportantCVE-2016-4177SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4178SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
ImportantCVE-2016-4178SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4179SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4179SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4180SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4180SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4181SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4181SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4182SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4182SUSE bug 988579SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-4183SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4183SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4184SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4184SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4185SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4185SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4186SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4186SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4187SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4187SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4188SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4188SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4189SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4189SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4190SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4190SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4217SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4217SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4218SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4218SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4219SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4219SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4220SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4220SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4221SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4221SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4222SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
ImportantCVE-2016-4222SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4223SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2016-4224 and CVE-2016-4225.
ImportantCVE-2016-4223SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4224SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2016-4223 and CVE-2016-4225.
ImportantCVE-2016-4224SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4225SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2016-4223 and CVE-2016-4224.
ImportantCVE-2016-4225SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4226SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
ImportantCVE-2016-4226SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4227SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
ImportantCVE-2016-4227SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4228SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
ImportantCVE-2016-4228SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4229SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
ImportantCVE-2016-4229SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4230SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4231, and CVE-2016-4248.
ImportantCVE-2016-4230SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4231SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, and CVE-2016-4248.
ImportantCVE-2016-4231SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4232SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory via unspecified vectors.
ImportantCVE-2016-4232SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4233SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4233SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4234SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4234SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4235SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4235SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4236SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4236SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4237SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4237SUSE bug 988579SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-4238SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4238SUSE bug 988579SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-4239SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4239SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4240SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4240SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4241SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4241SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4242SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4242SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4243SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4243SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4244SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4245, and CVE-2016-4246.
ImportantCVE-2016-4244SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4245SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, and CVE-2016-4246.
ImportantCVE-2016-4245SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4246SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, and CVE-2016-4245.
ImportantCVE-2016-4246SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4247SUSE Linux Enterprise Desktop 12 SP1
Race condition in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information via unspecified vectors.
ImportantCVE-2016-4247SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4248SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, and CVE-2016-4231.
ImportantCVE-2016-4248SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4249SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors.
ImportantCVE-2016-4249SUSE bug 988579cpe:/o:suse:sled:12:sp1CVE-2016-4271SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4277 and CVE-2016-4278, aka a "local-with-filesystem Flash sandbox bypass" issue.
ModerateCVE-2016-4271SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-4272SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
ModerateCVE-2016-4272SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-4273SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
ImportantCVE-2016-4273SUSE bug 1004019cpe:/o:suse:sled:12:sp1CVE-2016-4274SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
ModerateCVE-2016-4274SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-4275SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
ModerateCVE-2016-4275SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-4276SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
ModerateCVE-2016-4276SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-4277SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4278.
ModerateCVE-2016-4277SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-4278SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4277.
ModerateCVE-2016-4278SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-4279SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
ModerateCVE-2016-4279SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-4280SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
ModerateCVE-2016-4280SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-4281SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
ModerateCVE-2016-4281SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-4282SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
ModerateCVE-2016-4282SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-4283SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
ModerateCVE-2016-4283SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-4284SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
ModerateCVE-2016-4284SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-4285SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-6922, and CVE-2016-6924.
ModerateCVE-2016-4285SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-4286SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to bypass intended access restrictions via unspecified vectors.
ImportantCVE-2016-4286SUSE bug 1004019cpe:/o:suse:sled:12:sp1CVE-2016-4287SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors.
ModerateCVE-2016-4287SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-4300SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, which triggers a heap-based buffer overflow.
ModerateCVE-2016-4300SUSE bug 985832cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4301SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the parse_device function in archive_read_support_format_mtree.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a crafted mtree file.
ModerateCVE-2016-4301SUSE bug 985826cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4302SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.
ModerateCVE-2016-4302SUSE bug 985835cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4324SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens.
ModerateCVE-2016-4324SUSE bug 987553cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4353SUSE Linux Enterprise Desktop 12
ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data.
ModerateCVE-2016-4353SUSE bug 977980cpe:/o:suse:sled:12CVE-2016-4354SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.
ImportantCVE-2016-4354SUSE bug 977982SUSE bug 977989cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4355SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Multiple integer overflows in ber-decoder.c in Libksba before 1.3.3 allow remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.
ModerateCVE-2016-4355SUSE bug 977982SUSE bug 977989cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4356SUSE Linux Enterprise Desktop 12
The append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.3 allows remote attackers to cause a denial of service (out-of-bounds read) by clearing the high bit of the byte after invalid utf-8 encoded data.
ModerateCVE-2016-4356SUSE bug 977977SUSE bug 979261cpe:/o:suse:sled:12CVE-2016-4429SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets.
ModerateCVE-2016-4429SUSE bug 1081556SUSE bug 980854cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4439SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the QEMU host via unspecified vectors.
ModerateCVE-2016-4439SUSE bug 980711SUSE bug 980716cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4440SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service (host OS crash) or possibly execute arbitrary code on the host OS, via x2APIC mode.
ModerateCVE-2016-4440SUSE bug 980829cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4441SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command.
ModerateCVE-2016-4441SUSE bug 980723SUSE bug 980724cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4447SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
ModerateCVE-2016-4447SUSE bug 1123919SUSE bug 981548cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4448SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
ModerateCVE-2016-4448SUSE bug 1010299SUSE bug 1123919SUSE bug 981549cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4449SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.
ModerateCVE-2016-4449SUSE bug 1123919SUSE bug 981550cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4453SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command.
LowCVE-2016-4453SUSE bug 982223SUSE bug 982225cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4454SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read.
LowCVE-2016-4454SUSE bug 982222SUSE bug 982224cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4456SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem.
ModerateCVE-2016-4456SUSE bug 983471cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4463SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD.
ModerateCVE-2016-4463SUSE bug 985860cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4470SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.
ModerateCVE-2016-4470SUSE bug 984755SUSE bug 984764SUSE bug 991651cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4472SUSE Linux Enterprise Desktop 12 SP4
The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716.
ModerateCVE-2016-4472SUSE bug 1034050SUSE bug 939077SUSE bug 980391SUSE bug 983985cpe:/o:suse:sled:12:sp4CVE-2016-4482SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call.
ModerateCVE-2016-4482SUSE bug 978401SUSE bug 978445cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4483SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627.
LowCVE-2016-4483SUSE bug 1026101SUSE bug 1123919SUSE bug 978395cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4484SUSE Linux Enterprise Desktop 12 SP1
The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password.
LowCVE-2016-4484SUSE bug 1009220cpe:/o:suse:sled:12:sp1CVE-2016-4485SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message.
ModerateCVE-2016-4485SUSE bug 978821cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4486SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.
LowCVE-2016-4486SUSE bug 978822cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4557SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly maintain an fd data structure, which allows local users to gain privileges or cause a denial of service (use-after-free) via crafted BPF instructions that reference an incorrect file descriptor.
ModerateCVE-2016-4557SUSE bug 979018SUSE bug 979077cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4558SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The BPF subsystem in the Linux kernel before 4.5.5 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted application on (1) a system with more than 32 Gb of memory, related to the program reference count or (2) a 1 Tb system, related to the map reference count.
ModerateCVE-2016-4558SUSE bug 979019cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4562SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
ModerateCVE-2016-4562SUSE bug 983292SUSE bug 983305SUSE bug 983308SUSE bug 983309cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4563SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
ModerateCVE-2016-4563SUSE bug 983305cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4564SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
ModerateCVE-2016-4564SUSE bug 983308cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4565SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.
ModerateCVE-2016-4565SUSE bug 979548SUSE bug 980363SUSE bug 980883cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2016-4568SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP4
drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4.5.3 allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a crafted number of planes in a VIDIOC_DQBUF ioctl call.
ModerateCVE-2016-4568SUSE bug 979022SUSE bug 981516cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp4CVE-2016-4569SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface.
LowCVE-2016-4569SUSE bug 979213SUSE bug 979879cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4574SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-4356.
ModerateCVE-2016-4574SUSE bug 1135436SUSE bug 979261cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4578SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions.
LowCVE-2016-4578SUSE bug 1052256SUSE bug 979879cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4579SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via unspecified vectors, related to the "returned length of the object from _ksba_ber_parse_tl."
ModerateCVE-2016-4579SUSE bug 1135436SUSE bug 979906cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4581SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse a mount propagation tree in a certain case involving a slave mount, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted series of mount system calls.
ModerateCVE-2016-4581SUSE bug 979913cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4590SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit in Apple iOS before 9.3.3 and Safari before 9.1.2 mishandles about: URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
ModerateCVE-2016-4590cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4591SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors.
ImportantCVE-2016-4591cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4612SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-1683. Reason: This candidate is a reservation duplicate of CVE-2016-1683. Notes: All CVE users should reference CVE-2016-1683 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2016-4612SUSE bug 1135231SUSE bug 1135233SUSE bug 1135235SUSE bug 1135238cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4619SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-8317. Reason: This candidate is a reservation duplicate of CVE-2015-8317. Notes: All CVE users should reference CVE-2015-8317 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2016-4619cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4622SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4623, and CVE-2016-4624.
ModerateCVE-2016-4622cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4624SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4622, and CVE-2016-4623.
ModerateCVE-2016-4624cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4658SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.
ModerateCVE-2016-4658SUSE bug 1005544SUSE bug 1014873SUSE bug 1069433SUSE bug 1078813SUSE bug 1123919cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4692SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2016-4692SUSE bug 1020950cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4738SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
ModerateCVE-2016-4738SUSE bug 1005591SUSE bug 1123130cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4743SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2016-4743SUSE bug 1020950cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4794SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in mm/percpu.c in the Linux kernel through 4.6 allows local users to cause a denial of service (BUG) or possibly have unspecified other impact via crafted use of the mmap and bpf system calls.
ModerateCVE-2016-4794SUSE bug 980265SUSE bug 981517cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4797SUSE Linux Enterprise Desktop 12 SP2
Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (application crash) via a crafted jp2 file. NOTE: this issue exists because of an incorrect fix for CVE-2014-7947.
ModerateCVE-2016-4797SUSE bug 979911SUSE bug 980504cpe:/o:suse:sled:12:sp2CVE-2016-4802SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Multiple untrusted search path vulnerabilities in cURL and libcurl before 7.49.1, when built with SSPI or telnet is enabled, allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) security.dll, (2) secur32.dll, or (3) ws2_32.dll in the application or current working directory.
ModerateCVE-2016-4802SUSE bug 986656cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-4804SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The read_boot function in boot.c in dosfstools before 4.0 allows attackers to cause a denial of service (crash) via a crafted filesystem, which triggers a heap-based buffer overflow in the (1) read_fat function or an out-of-bounds heap read in (2) get_fat function.
LowCVE-2016-4804SUSE bug 980364SUSE bug 980377cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4805SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions.
LowCVE-2016-4805SUSE bug 980371cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-4809SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.
LowCVE-2016-4809SUSE bug 984990cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4912SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _xrealloc function in xlsp_xmalloc.c in OpenSLP 2.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a large number of crafted packets, which triggers a memory allocation failure.
ModerateCVE-2016-4912SUSE bug 1074356SUSE bug 980722cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4913SUSE Linux Enterprise Desktop 12 SP3
The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem.
LowCVE-2016-4913SUSE bug 870618SUSE bug 980725SUSE bug 985132cpe:/o:suse:sled:12:sp3CVE-2016-4951SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux kernel through 4.6 does not verify socket existence, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a dumpit operation.
ModerateCVE-2016-4951SUSE bug 981058SUSE bug 985132cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4952SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds array access) via vectors related to the (1) PVSCSI_CMD_SETUP_RINGS or (2) PVSCSI_CMD_SETUP_MSG_RING SCSI command.
ModerateCVE-2016-4952SUSE bug 981266SUSE bug 981276cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4953SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.
ModerateCVE-2016-4953SUSE bug 962784SUSE bug 977459SUSE bug 982056SUSE bug 982065cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4954SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication.
ModerateCVE-2016-4954SUSE bug 982056SUSE bug 982066cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4955SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.
ModerateCVE-2016-4955SUSE bug 982056SUSE bug 982067cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4956SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.
ModerateCVE-2016-4956SUSE bug 977461SUSE bug 982056SUSE bug 982068cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4957SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.
ModerateCVE-2016-4957SUSE bug 977459SUSE bug 982056SUSE bug 982064cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4962SUSE Linux Enterprise Desktop 12 SP1
The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore.
ModerateCVE-2016-4962SUSE bug 979620cpe:/o:suse:sled:12:sp1CVE-2016-4963SUSE Linux Enterprise Desktop 12 SP1
The libxl device-handling in Xen through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore.
ModerateCVE-2016-4963SUSE bug 979641SUSE bug 979670cpe:/o:suse:sled:12:sp1CVE-2016-4964SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop, and CPU consumption or QEMU process crash) via vectors involving s->state.
LowCVE-2016-4964SUSE bug 981399SUSE bug 981401cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4971SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.
ModerateCVE-2016-4971SUSE bug 1023231SUSE bug 984060cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4973SUSE Linux Enterprise Desktop 12 SP1
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature.
LowCVE-2016-4973SUSE bug 994170cpe:/o:suse:sled:12:sp1CVE-2016-4994SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the xcf_load_image function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted XCF file.
ModerateCVE-2016-4994SUSE bug 986021cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4997SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.
ImportantCVE-2016-4997SUSE bug 986362SUSE bug 986365SUSE bug 986377SUSE bug 991651cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-4998SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary.
ModerateCVE-2016-4998SUSE bug 986362SUSE bug 986365cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5008SUSE Linux Enterprise Desktop 12 SP1
libvirt before 2.0.0 improperly disables password checking when the password on a VNC server is set to an empty string, which allows remote attackers to bypass authentication and establish a VNC session by connecting to the server.
ModerateCVE-2016-5008SUSE bug 987527cpe:/o:suse:sled:12:sp1CVE-2016-5009SUSE Linux Enterprise Desktop 12 SP2
The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service (segmentation fault and ceph monitor crash) via an (1) empty or (2) crafted prefix.
ModerateCVE-2016-5009SUSE bug 987144cpe:/o:suse:sled:12:sp2CVE-2016-5010SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF file.
LowCVE-2016-5010SUSE bug 991444cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5011SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.
LowCVE-2016-5011SUSE bug 988361cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5093SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\0' character, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted locale_get_primary_language call.
ModerateCVE-2016-5093SUSE bug 982010cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-5094SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in the php_html_entities function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from the htmlspecialchars function.
ModerateCVE-2016-5094SUSE bug 982011SUSE bug 982012cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-5095SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in the php_escape_html_entities_ex function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a FILTER_SANITIZE_FULL_SPECIAL_CHARS filter_var call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-5094.
ModerateCVE-2016-5095SUSE bug 982011SUSE bug 982012cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-5096SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument.
ModerateCVE-2016-5096SUSE bug 982013cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-5102SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (segmentation fault) via a crafted gif file.
ModerateCVE-2016-5102SUSE bug 983268cpe:/o:suse:sled:12:sp4CVE-2016-5104SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket.
ModerateCVE-2016-5104SUSE bug 982014cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5105SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface (MFI) command.
LowCVE-2016-5105SUSE bug 982017SUSE bug 982024cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5106SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of service (out-of-bounds write access) via vectors involving a MegaRAID Firmware Interface (MFI) command.
LowCVE-2016-5106SUSE bug 982018SUSE bug 982025cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5107SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The megasas_lookup_frame function in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds read and crash) via unspecified vectors.
LowCVE-2016-5107SUSE bug 982019SUSE bug 982026cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5116SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
gd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memory or cause a denial of service (stack-based buffer under-read and application crash) via a long name.
ModerateCVE-2016-5116SUSE bug 982176cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5118SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
ModerateCVE-2016-5118SUSE bug 1000484SUSE bug 982178cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5126SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.
ModerateCVE-2016-5126SUSE bug 982285SUSE bug 982286cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5131SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.
ImportantCVE-2016-5131SUSE bug 1014873SUSE bug 1069433SUSE bug 1078813SUSE bug 1123919SUSE bug 989901cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5180SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the ares_create_query function in c-ares 1.x before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly execute arbitrary code via a hostname with an escaped trailing dot.
ModerateCVE-2016-5180SUSE bug 1007728cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5195SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
ImportantCVE-2016-5195SUSE bug 1004418SUSE bug 1004419SUSE bug 1004436SUSE bug 1006323SUSE bug 1006695SUSE bug 1008110SUSE bug 1030118SUSE bug 1069496SUSE bug 1149725SUSE bug 870618SUSE bug 986445SUSE bug 998689cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5238SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode.
ModerateCVE-2016-5238SUSE bug 982959SUSE bug 982960cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5239SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors.
ModerateCVE-2016-5239SUSE bug 982969SUSE bug 983539cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-5241SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file.
ModerateCVE-2016-5241SUSE bug 983455cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-5242SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (NULL pointer dereference and host OS crash) by creating concurrent domains and holding references to them, related to VMID exhaustion.
ModerateCVE-2016-5242SUSE bug 983300cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-5243SUSE Linux Enterprise Desktop 12 SP1
The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.
ModerateCVE-2016-5243SUSE bug 983212cpe:/o:suse:sled:12:sp1CVE-2016-5244SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.
ModerateCVE-2016-5244SUSE bug 983213cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5250SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 48.0, Firefox ESR < 45.4 and Thunderbird < 45.4 allow remote attackers to obtain sensitive information about the previously retrieved page via Resource Timing API calls.
ModerateCVE-2016-5250SUSE bug 991809SUSE bug 999701cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5252SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via crafted two-dimensional graphics data that is mishandled during clipping-region calculations.
ModerateCVE-2016-5252SUSE bug 991809cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5254SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsXULPopupManager::KeyDown function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by leveraging keyboard access to use the Alt key during selection of top-level menu items.
ModerateCVE-2016-5254SUSE bug 991809cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5257SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird < 45.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2016-5257SUSE bug 999701cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5258SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the WebRTC socket thread in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code by leveraging incorrect free operations on DTLS objects during the shutdown of a WebRTC session.
ModerateCVE-2016-5258SUSE bug 991809cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5259SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a script that closes its own Service Worker within a nested sync event loop.
ModerateCVE-2016-5259SUSE bug 991809cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5261SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.
ModerateCVE-2016-5261SUSE bug 991809SUSE bug 999701cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5262SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process JavaScript event-handler attributes of a MARQUEE element within a sandboxed IFRAME element that lacks the sandbox="allow-scripts" attribute value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.
ModerateCVE-2016-5262SUSE bug 991809cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5263SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 mishandles rendering display transformation, which allows remote attackers to execute arbitrary code via a crafted web site that leverages "type confusion."
ModerateCVE-2016-5263SUSE bug 991809cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5264SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG element that is mishandled during effect application.
ModerateCVE-2016-5264SUSE bug 991809cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5265SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow user-assisted remote attackers to bypass the Same Origin Policy, and conduct Universal XSS (UXSS) attacks or read arbitrary files, by arranging for the presence of a crafted HTML document and a crafted shortcut file in the same local directory.
ModerateCVE-2016-5265SUSE bug 991809cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5270SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to cause a denial of service (boolean out-of-bounds write) or possibly have unspecified other impact via Unicode characters that are mishandled during text conversion.
ImportantCVE-2016-5270SUSE bug 999701cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5272SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execute arbitrary code via a crafted web site.
ImportantCVE-2016-5272SUSE bug 999701cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5274SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model implementation.
ImportantCVE-2016-5274SUSE bug 999701cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5276SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an aria-owns attribute.
ImportantCVE-2016-5276SUSE bug 999701cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5277SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging improper interaction between timeline destruction and the Web Animations model implementation.
ImportantCVE-2016-5277SUSE bug 999701cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5278SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via a crafted image data that is mishandled during the encoding of an image frame to an image.
ImportantCVE-2016-5278SUSE bug 999701cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5280SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via bidirectional text.
ImportantCVE-2016-5280SUSE bug 999701cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5281SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document.
ImportantCVE-2016-5281SUSE bug 999701cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5284SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority.
ImportantCVE-2016-5284SUSE bug 999701cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5285SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.
ModerateCVE-2016-5285SUSE bug 1010517cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5287SUSE Linux Enterprise Desktop 12 SP1
A potentially exploitable use-after-free crash during actor destruction with service workers. This issue does not affect releases earlier than Firefox 49. This vulnerability affects Firefox < 49.0.2.
ModerateCVE-2016-5287SUSE bug 1006475cpe:/o:suse:sled:12:sp1CVE-2016-5288SUSE Linux Enterprise Desktop 12 SP1
Web content could access information in the HTTP cache if e10s is disabled. This can reveal some visited URLs and the contents of those pages. This issue affects Firefox 48 and 49. This vulnerability affects Firefox < 49.0.2.
ModerateCVE-2016-5288SUSE bug 1006476cpe:/o:suse:sled:12:sp1CVE-2016-5289SUSE Linux Enterprise Desktop 12 SP4
Memory safety bugs were reported in Firefox 49. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 50.
ImportantCVE-2016-5289SUSE bug 1009026SUSE bug 1010426cpe:/o:suse:sled:12:sp4CVE-2016-5290SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
ImportantCVE-2016-5290SUSE bug 1009026SUSE bug 1010427cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5291SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
ModerateCVE-2016-5291SUSE bug 1009026SUSE bug 1010410cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5292SUSE Linux Enterprise Desktop 12 SP4
During URL parsing, a maliciously crafted URL can cause a potentially exploitable crash. This vulnerability affects Firefox < 50.
ModerateCVE-2016-5292SUSE bug 1009026SUSE bug 1010399cpe:/o:suse:sled:12:sp4CVE-2016-5293SUSE Linux Enterprise Desktop 12 SP1
When the Mozilla Updater is run, if the Updater's log file in the working directory points to a hardlink, data can be appended to an arbitrary local file. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox ESR < 45.5 and Firefox < 50.
ModerateCVE-2016-5293SUSE bug 1009026SUSE bug 1010400cpe:/o:suse:sled:12:sp1CVE-2016-5294SUSE Linux Enterprise Desktop 12 SP1
The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
ModerateCVE-2016-5294SUSE bug 1009026SUSE bug 1010396cpe:/o:suse:sled:12:sp1CVE-2016-5295SUSE Linux Enterprise Desktop 12 SP1
This vulnerability allows an attacker to use the Mozilla Maintenance Service to escalate privilege by having the Maintenance Service invoke the Mozilla Updater to run malicious local files. This vulnerability requires local system access and is a variant of MFSA2013-44. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox < 50.
ModerateCVE-2016-5295SUSE bug 1009026SUSE bug 1010411cpe:/o:suse:sled:12:sp1CVE-2016-5296SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
ImportantCVE-2016-5296SUSE bug 1009026SUSE bug 1010395cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5297SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
ModerateCVE-2016-5297SUSE bug 1009026SUSE bug 1010401cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5298SUSE Linux Enterprise Desktop 12 SP1
A mechanism where disruption of the loading of a new web page can cause the previous page's favicon and SSL indicator to not be reset when the new page is loaded. Note: this issue only affects Firefox for Android. Desktop Firefox is unaffected. This vulnerability affects Firefox < 50.
ModerateCVE-2016-5298SUSE bug 1009026SUSE bug 1010412cpe:/o:suse:sled:12:sp1CVE-2016-5299SUSE Linux Enterprise Desktop 12 SP1
A previously installed malicious Android application with same signature-level permissions as Firefox can intercept AuthTokens meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50.
ModerateCVE-2016-5299SUSE bug 1009026SUSE bug 1010413cpe:/o:suse:sled:12:sp1CVE-2016-5300SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876.
ModerateCVE-2016-5300SUSE bug 983216cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5314SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr.
ModerateCVE-2016-5314SUSE bug 984831SUSE bug 987351cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5316SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool.
ModerateCVE-2016-5316SUSE bug 984837cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5317SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file.
ModerateCVE-2016-5317SUSE bug 984842cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5318SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted tiff.
ModerateCVE-2016-5318SUSE bug 1007276SUSE bug 1017690SUSE bug 1040322SUSE bug 960341SUSE bug 974621SUSE bug 983436cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5319SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted bmp file.
ModerateCVE-2016-5319SUSE bug 1074186SUSE bug 1150480SUSE bug 983440cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5320SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE users should reference CVE-2016-5314 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2016-5320SUSE bug 1007284SUSE bug 984808SUSE bug 987351cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5321SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image.
ModerateCVE-2016-5321SUSE bug 984813cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5322SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.
ModerateCVE-2016-5322SUSE bug 984816cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-5323SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image.
ModerateCVE-2016-5323SUSE bug 984815cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5337SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information.
LowCVE-2016-5337SUSE bug 983961SUSE bug 983973cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5338SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allow local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information transfer buffer.
LowCVE-2016-5338SUSE bug 983982SUSE bug 983984cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5350SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-dcerpc-spoolss.c in the SPOOLS component in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles unexpected offsets, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ImportantCVE-2016-5350SUSE bug 983671cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5351SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the lack of an EAPOL_RSN_KEY, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ImportantCVE-2016-5351SUSE bug 983671cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5352SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.4 mishandles certain length values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ImportantCVE-2016-5352SUSE bug 983671cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5353SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the reserved C/T value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ImportantCVE-2016-5353SUSE bug 983671cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5354SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The USB subsystem in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles class types, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ImportantCVE-2016-5354SUSE bug 983671cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5355SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
wiretap/toshiba.c in the Toshiba file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
ImportantCVE-2016-5355SUSE bug 983671cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5356SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
wiretap/cosine.c in the CoSine file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
ImportantCVE-2016-5356SUSE bug 983671cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5357SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
ImportantCVE-2016-5357SUSE bug 983671cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5358SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark 2.x before 2.0.4 mishandles the packet-header data type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ImportantCVE-2016-5358SUSE bug 983671cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5359SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 1.12.x before 1.12.12 mishandles offsets, which allows remote attackers to cause a denial of service (integer overflow and infinite loop) via a crafted packet.
ImportantCVE-2016-5359SUSE bug 983671cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5384SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file.
LowCVE-2016-5384SUSE bug 1123116SUSE bug 992534cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5389SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5696. Reason: This candidate is a reservation duplicate of CVE-2016-5696. Notes: All CVE users should reference CVE-2016-5696 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2016-5389cpe:/o:suse:sled:12:sp4CVE-2016-5403SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.
LowCVE-2016-5403SUSE bug 990923SUSE bug 991080cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5407SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data.
ModerateCVE-2016-5407SUSE bug 1003017SUSE bug 1123148cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5412SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended transaction.
ModerateCVE-2016-5412SUSE bug 1013013SUSE bug 991065cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5417SUSE Linux Enterprise Desktop 12 SP1
Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows remote attackers to cause a denial of service (memory consumption) by leveraging partial initialization of internal resolver data structures.
ModerateCVE-2016-5417SUSE bug 991670cpe:/o:suse:sled:12:sp1CVE-2016-5418SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.
ModerateCVE-2016-5418SUSE bug 998677cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5419SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
curl and libcurl before 7.50.1 do not prevent TLS session resumption when the client certificate has changed, which allows remote attackers to bypass intended restrictions by resuming a session.
ModerateCVE-2016-5419SUSE bug 1033413SUSE bug 1033442SUSE bug 991389cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5420SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
curl and libcurl before 7.50.1 do not check the client certificate when choosing the TLS connection to reuse, which might allow remote attackers to hijack the authentication of the connection by leveraging a previously created connection with a different client certificate.
ModerateCVE-2016-5420SUSE bug 991390SUSE bug 997420cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5421SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in libcurl before 7.50.1 allows attackers to control which connection is used or possibly have unspecified other impact via unknown vectors.
ModerateCVE-2016-5421SUSE bug 991391cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5423SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types.
ModerateCVE-2016-5423SUSE bug 1041981SUSE bug 1042497SUSE bug 1052683SUSE bug 993454cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2016-5424SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) " (double quote), (2) \ (backslash), (3) carriage return, or (4) newline character in a (a) database or (b) role name that is mishandled during an administrative operation.
ModerateCVE-2016-5424SUSE bug 1041981SUSE bug 1042497SUSE bug 1052683SUSE bug 993453cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2016-5440SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.
ModerateCVE-2016-5440SUSE bug 989926SUSE bug 991616cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5542SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to Libraries.
ModerateCVE-2016-5542SUSE bug 1005522SUSE bug 1009280cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5546SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Integrity impacts).
ImportantCVE-2016-5546SUSE bug 1020905cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5547SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Availability impacts).
ModerateCVE-2016-5547SUSE bug 1020905SUSE bug 1024218cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5548SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 6.5 (Confidentiality impacts).
ImportantCVE-2016-5548SUSE bug 1020905SUSE bug 1024218cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5549SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 6.5 (Confidentiality impacts).
ImportantCVE-2016-5549SUSE bug 1020905SUSE bug 1024218cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5552SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Integrity impacts).
ModerateCVE-2016-5552SUSE bug 1020905SUSE bug 1024218cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5554SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to JMX.
ModerateCVE-2016-5554SUSE bug 1005523SUSE bug 1009280cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5556SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D.
CriticalCVE-2016-5556SUSE bug 1005524SUSE bug 1009280cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5568SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
CriticalCVE-2016-5568SUSE bug 1005525SUSE bug 1009280cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5573SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5582.
ImportantCVE-2016-5573SUSE bug 1005526SUSE bug 1009280cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5582SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5573.
CriticalCVE-2016-5582SUSE bug 1005527cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5584SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.
ModerateCVE-2016-5584SUSE bug 1005558SUSE bug 1008318cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5597SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking.
ModerateCVE-2016-5597SUSE bug 1005528SUSE bug 1009280cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5624SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML.
ModerateCVE-2016-5624SUSE bug 1005564SUSE bug 1008318cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5626SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
ModerateCVE-2016-5626SUSE bug 1005566SUSE bug 1008318cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5629SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.
ModerateCVE-2016-5629SUSE bug 1005569SUSE bug 1008318cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5636SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer overflow.
ImportantCVE-2016-5636SUSE bug 1065451SUSE bug 1106262SUSE bug 985177cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5652SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means.
ModerateCVE-2016-5652SUSE bug 1007280cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5687SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read.
ModerateCVE-2016-5687SUSE bug 1000713SUSE bug 1000714SUSE bug 1074610SUSE bug 985448cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5688SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions.
ModerateCVE-2016-5688SUSE bug 985442cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5689SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.
ModerateCVE-2016-5689SUSE bug 985460cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5690SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.
ModerateCVE-2016-5690SUSE bug 985451SUSE bug 985460cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5691SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue.
ModerateCVE-2016-5691SUSE bug 985456SUSE bug 985460cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5696SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
ModerateCVE-2016-5696SUSE bug 1175721SUSE bug 989152cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5699SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.
ModerateCVE-2016-5699SUSE bug 1122729SUSE bug 1130840SUSE bug 985348SUSE bug 985351SUSE bug 986630cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5728SUSE Linux Enterprise Desktop 12
Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (memory corruption and system crash) by changing a certain header, aka a "double fetch" vulnerability.
LowCVE-2016-5728SUSE bug 986827cpe:/o:suse:sled:12CVE-2016-5746SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by reading the file, as demonstrated by /tmp/libstorage-XXXXXX/pwdf.
ModerateCVE-2016-5746SUSE bug 984245SUSE bug 986971cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-5759SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mkdumprd script called "dracut" in the current working directory "." allows local users to trick the administrator into executing code as root.
ModerateCVE-2016-5759SUSE bug 990200cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5773SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data containing a ZipArchive object.
ModerateCVE-2016-5773SUSE bug 986247SUSE bug 986391cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2016-5823SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
The icalproperty_new_clone function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file.
ModerateCVE-2016-5823SUSE bug 986632cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2016-5824SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file.
ModerateCVE-2016-5824SUSE bug 1015964SUSE bug 1122983SUSE bug 986631SUSE bug 986639SUSE bug 986642SUSE bug 986658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5825SUSE Linux Enterprise Desktop 12 SP4
The icalparser_parse_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted ics file.
ModerateCVE-2016-5825SUSE bug 986631SUSE bug 986639SUSE bug 986642SUSE bug 986658cpe:/o:suse:sled:12:sp4CVE-2016-5826SUSE Linux Enterprise Desktop 12 SP4
The parser_get_next_char function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) by crafting a string to the icalparser_parse_string function.
ModerateCVE-2016-5826SUSE bug 986631SUSE bug 986639SUSE bug 986642SUSE bug 986658cpe:/o:suse:sled:12:sp4CVE-2016-5827SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function.
ModerateCVE-2016-5827SUSE bug 986631SUSE bug 986639SUSE bug 986642SUSE bug 986658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5828SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service (invalid process state or TM Bad Thing exception, and system crash) or possibly have unspecified other impact by starting and suspending a transaction before an exec system call.
ModerateCVE-2016-5828SUSE bug 986569SUSE bug 991065cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5829SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.
ModerateCVE-2016-5829SUSE bug 1053919SUSE bug 1054127SUSE bug 986572SUSE bug 986573SUSE bug 991651cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5841SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable.
ModerateCVE-2016-5841SUSE bug 986609cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5842SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.
ModerateCVE-2016-5842SUSE bug 986608cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5844SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.
ModerateCVE-2016-5844SUSE bug 986566cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-5863SUSE Linux Enterprise Desktop 12 SP3
In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, several sanity checks are missing which can lead to out-of-bounds accesses.
ModerateCVE-2016-5863SUSE bug 1053919SUSE bug 1054127SUSE bug 986572cpe:/o:suse:sled:12:sp3CVE-2016-5875SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE users should reference CVE-2016-5314 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2016-5875SUSE bug 1007284SUSE bug 984809SUSE bug 984831SUSE bug 987351cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6128SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index.
ModerateCVE-2016-6128SUSE bug 987580SUSE bug 991710cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6130SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
Race condition in the sclp_ctl_ioctl_sccb function in drivers/s390/char/sclp_ctl.c in the Linux kernel before 4.6 allows local users to obtain sensitive information from kernel memory by changing a certain length value, aka a "double fetch" vulnerability.
ModerateCVE-2016-6130SUSE bug 987542cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2016-6131SUSE Linux Enterprise Desktop 12 SP4
The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types.
LowCVE-2016-6131SUSE bug 1075785SUSE bug 987552SUSE bug 987631SUSE bug 987633SUSE bug 987635SUSE bug 987637SUSE bug 987644cpe:/o:suse:sled:12:sp4CVE-2016-6132SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.
ModerateCVE-2016-6132SUSE bug 987577SUSE bug 991436SUSE bug 995034cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6136SUSE Linux Enterprise Desktop 12 SP4
Race condition in the audit_log_single_execve_arg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a "double fetch" vulnerability.
ModerateCVE-2016-6136SUSE bug 988153cpe:/o:suse:sled:12:sp4CVE-2016-6153SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by leveraging use of the current working directory for temporary files.
LowCVE-2016-6153SUSE bug 1149969SUSE bug 987394cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6156SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
Race condition in the ec_device_ioctl_xcmd function in drivers/platform/chrome/cros_ec_dev.c in the Linux kernel before 4.7 allows local users to cause a denial of service (out-of-bounds array access) by changing a certain size value, aka a "double fetch" vulnerability.
LowCVE-2016-6156SUSE bug 988025cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-6161SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The output function in gd_gif_out.c in the GD Graphics Library (aka libgd) allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image.
LowCVE-2016-6161SUSE bug 988032cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6162SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
net/core/skbuff.c in the Linux kernel 4.7-rc6 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via certain IPv6 socket operations.
ModerateCVE-2016-6162SUSE bug 1009969SUSE bug 988013cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-6170SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message.
ModerateCVE-2016-6170SUSE bug 1028603SUSE bug 987866cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6185SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory.
ModerateCVE-2016-6185SUSE bug 988311SUSE bug 999993cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6187SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 4.6.5 does not validate the buffer size, which allows local users to gain privileges by triggering an AppArmor setprocattr hook.
ModerateCVE-2016-6187SUSE bug 988307cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2016-6197SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink.
ModerateCVE-2016-6197SUSE bug 988708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6198SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink, which allows local users to cause a denial of service (system crash) via a rename system call, related to fs/namei.c and fs/open.c.
ModerateCVE-2016-6198SUSE bug 988708cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2016-6207SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors.
ModerateCVE-2016-6207SUSE bug 991434SUSE bug 991622cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6210SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.
ModerateCVE-2016-6210SUSE bug 1001712SUSE bug 1105010SUSE bug 1138392SUSE bug 989363cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6213SUSE Linux Enterprise Desktop 12 SP4
fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service (memory consumption and deadlock) via MS_BIND mount system calls, as demonstrated by a loop that triggers exponential growth in the number of mounts.
LowCVE-2016-6213SUSE bug 988964cpe:/o:suse:sled:12:sp4CVE-2016-6214SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.
ModerateCVE-2016-6214SUSE bug 987577SUSE bug 991436SUSE bug 995034cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6223SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in libtiff before 4.0.7 allows remote attackers to cause a denial of service (crash) or possibly obtain sensitive information via a negative index in a file-content buffer.
ModerateCVE-2016-6223SUSE bug 990460cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6224SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a (1) NVMe or (2) MMC drive, which allows local users to obtain sensitive information via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8946.
ModerateCVE-2016-6224SUSE bug 989121SUSE bug 989122cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6250SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the ISO9660 writer in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, which trigger a buffer overflow.
LowCVE-2016-6250SUSE bug 989980cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6252SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap.
ImportantCVE-2016-6252SUSE bug 1099310SUSE bug 979282cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6258SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.
ModerateCVE-2016-6258SUSE bug 988675SUSE bug 988692cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6259SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check.
ModerateCVE-2016-6259SUSE bug 988676SUSE bug 988694cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6261SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via 64 bytes of input.
LowCVE-2016-6261SUSE bug 1118435SUSE bug 1173590SUSE bug 990190cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6262SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
idn in libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read, a different vulnerability than CVE-2015-8948.
ModerateCVE-2016-6262SUSE bug 1014473SUSE bug 1173590SUSE bug 1190777SUSE bug 990189cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6263SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data.
LowCVE-2016-6263SUSE bug 1118435SUSE bug 990191cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6293SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument.
ModerateCVE-2016-6293SUSE bug 1035111SUSE bug 1123121SUSE bug 990636cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6294SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The locale_accept_from_http function in ext/intl/locale/locale_methods.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly restrict calls to the ICU uloc_acceptLanguageFromHTTP function, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long argument.
ModerateCVE-2016-6294SUSE bug 1035111SUSE bug 1044976SUSE bug 990636cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6302SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.
ModerateCVE-2016-6302SUSE bug 994844SUSE bug 995324SUSE bug 999665cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6303SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.
ModerateCVE-2016-6303SUSE bug 994844SUSE bug 995377SUSE bug 999665cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6304SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.
ModerateCVE-2016-6304SUSE bug 1001706SUSE bug 1003811SUSE bug 1005579SUSE bug 1021375SUSE bug 999665SUSE bug 999666cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6305SUSE Linux Enterprise Desktop 12 SP1
The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 before 1.1.0a allows remote attackers to cause a denial of service (infinite loop) by triggering a zero-length record in an SSL_peek call.
ModerateCVE-2016-6305SUSE bug 999665SUSE bug 999667cpe:/o:suse:sled:12:sp1CVE-2016-6306SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.
LowCVE-2016-6306SUSE bug 999665SUSE bug 999668cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6307SUSE Linux Enterprise Desktop 12 SP1
The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted TLS messages, related to statem/statem.c and statem/statem_lib.c.
LowCVE-2016-6307SUSE bug 1001143SUSE bug 999665SUSE bug 999669SUSE bug 999670cpe:/o:suse:sled:12:sp1CVE-2016-6308SUSE Linux Enterprise Desktop 12 SP1
statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted DTLS messages.
LowCVE-2016-6308SUSE bug 999665SUSE bug 999670cpe:/o:suse:sled:12:sp1CVE-2016-6309SUSE Linux Enterprise Desktop 12 SP1
statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service (use-after-free) or possibly execute arbitrary code via a crafted TLS session.
CriticalCVE-2016-6309SUSE bug 1001143cpe:/o:suse:sled:12:sp1CVE-2016-6313SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits.
ModerateCVE-2016-6313SUSE bug 1123792SUSE bug 994157cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6318SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service (application crash) or gain privileges via a long GECOS field, involving longbuffer.
ModerateCVE-2016-6318SUSE bug 1123113SUSE bug 992966cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6321SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER.
ModerateCVE-2016-6321SUSE bug 1007188SUSE bug 1123796cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6323SUSE Linux Enterprise Desktop 12 SP1
The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang), as demonstrated by applications compiled using gccgo, related to backtrace generation.
ModerateCVE-2016-6323SUSE bug 994359cpe:/o:suse:sled:12:sp1CVE-2016-6327SUSE Linux Enterprise Desktop 12 SP1
drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel before 4.5.1 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an ABORT_TASK command to abort a device write operation.
ModerateCVE-2016-6327SUSE bug 994748cpe:/o:suse:sled:12:sp1CVE-2016-6328SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' private data).
ModerateCVE-2016-6328SUSE bug 1055857cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6329SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack.
ModerateCVE-2016-6329SUSE bug 1026864SUSE bug 995374cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6349SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
The machinectl command in oci-register-machine allows local users to list running containers and possibly obtain sensitive information by running that command.
LowCVE-2016-6349SUSE bug 990805cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-6351SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick Emulator), when built with ESP/NCR53C9x controller emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or execute arbitrary code on the QEMU host via vectors involving DMA read into ESP command buffer.
ModerateCVE-2016-6351SUSE bug 990835SUSE bug 990843cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6352SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file.
ModerateCVE-2016-6352SUSE bug 1027024SUSE bug 991450cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6354SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read.
LowCVE-2016-6354SUSE bug 1026047SUSE bug 1035082SUSE bug 1035209SUSE bug 990856cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6480SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a "double fetch" vulnerability.
ModerateCVE-2016-6480SUSE bug 1004418SUSE bug 991608SUSE bug 991667SUSE bug 992568cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6489SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.
ModerateCVE-2016-6489SUSE bug 991464cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6490SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the descriptor buffer.
LowCVE-2016-6490SUSE bug 991466SUSE bug 993854cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6491SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image.
ModerateCVE-2016-6491SUSE bug 991445cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6503SUSE Linux Enterprise Desktop 12 SP1
The CORBA IDL dissectors in Wireshark 2.x before 2.0.5 on 64-bit Windows platforms do not properly interact with Visual C++ compiler options, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2016-6503SUSE bug 991011cpe:/o:suse:sled:12:sp1CVE-2016-6504SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-ncp2222.inc in the NDS dissector in Wireshark 1.12.x before 1.12.13 does not properly maintain a ptvc data structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
ModerateCVE-2016-6504SUSE bug 991012cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6505SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-packetbb.c in the PacketBB dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted packet.
ModerateCVE-2016-6505SUSE bug 991013cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6506SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-wsp.c in the WSP dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2016-6506SUSE bug 991015cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6507SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-mmse.c in the MMSE dissector in Wireshark 1.12.x before 1.12.13 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2016-6507SUSE bug 991016cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6508SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (large loop) via a crafted packet.
ModerateCVE-2016-6508SUSE bug 991017cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6509SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-ldss.c in the LDSS dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 mishandles conversations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2016-6509SUSE bug 991018cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6510SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
ModerateCVE-2016-6510SUSE bug 991019cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6511SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/proto.c in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (OpenFlow dissector large loop) via a crafted packet.
ModerateCVE-2016-6511SUSE bug 991020cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6512SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
epan/dissectors/packet-wap.c in Wireshark 2.x before 2.0.5 omits an overflow check in the tvb_get_guintvar function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet, related to the MMSE, WAP, WBXML, and WSP dissectors.
ModerateCVE-2016-6512SUSE bug 991021cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-6513SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 2.x before 2.0.5 does not restrict the recursion depth, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2016-6513SUSE bug 991022cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2016-6515SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.
ModerateCVE-2016-6515SUSE bug 992533cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6516SUSE Linux Enterprise Desktop 12 SP4
Race condition in the ioctl_file_dedupe_range function in fs/ioctl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (heap-based buffer overflow) or possibly gain privileges by changing a certain count value, aka a "double fetch" vulnerability.
ModerateCVE-2016-6516SUSE bug 991604SUSE bug 991669cpe:/o:suse:sled:12:sp4CVE-2016-6520SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to have unspecified impact via vectors related to pixel cache morphology.
ModerateCVE-2016-6520SUSE bug 991872cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6662SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52, 5.6.33, and 5.7.15.
ImportantCVE-2016-6662SUSE bug 1001367SUSE bug 1005580SUSE bug 1020873SUSE bug 1020884SUSE bug 1021755SUSE bug 998309cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6663SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
ImportantCVE-2016-6663SUSE bug 1001367SUSE bug 1008253SUSE bug 1008318SUSE bug 1021755SUSE bug 998309cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6664SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.
ModerateCVE-2016-6664SUSE bug 1008253SUSE bug 1020868SUSE bug 1020873SUSE bug 998309cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6786SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka Android internal bug 30955111.
ModerateCVE-2016-6786SUSE bug 1015160SUSE bug 1025626cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6787SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka Android internal bug 31095224.
ModerateCVE-2016-6787SUSE bug 1015160cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6823SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write.
ModerateCVE-2016-6823SUSE bug 1001066SUSE bug 1002207cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6828SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option.
ModerateCVE-2016-6828SUSE bug 1052256SUSE bug 994296cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6833SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the vmxnet3_io_bar0_write function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU instance crash) by leveraging failure to check if the device is active.
ModerateCVE-2016-6833SUSE bug 994774SUSE bug 994775cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6834SUSE Linux Enterprise Desktop 12 SP1
The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the current fragment length.
ModerateCVE-2016-6834SUSE bug 994418SUSE bug 994421cpe:/o:suse:sled:12:sp1CVE-2016-6835SUSE Linux Enterprise Desktop 12 SP1
The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging failure to check IP header length.
ModerateCVE-2016-6835SUSE bug 994605SUSE bug 994625cpe:/o:suse:sled:12:sp1CVE-2016-6836SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host memory information by leveraging failure to initialize the txcq_descr object.
LowCVE-2016-6836SUSE bug 994760SUSE bug 994761cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6855SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.
ModerateCVE-2016-6855SUSE bug 994819cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6888SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation count, which triggers an unchecked multiplication and NULL pointer dereference.
LowCVE-2016-6888SUSE bug 994771SUSE bug 994772cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6905SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image.
ModerateCVE-2016-6905SUSE bug 995034cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6906SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer.
LowCVE-2016-6906SUSE bug 1022553cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6911SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
ModerateCVE-2016-6911SUSE bug 1004924SUSE bug 1005274cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6912SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via large width and height values.
ImportantCVE-2016-6912SUSE bug 1022284cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-6921SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
ModerateCVE-2016-6921SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-6922SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, and CVE-2016-6924.
ModerateCVE-2016-6922SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-6923SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
ModerateCVE-2016-6923SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-6924SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, and CVE-2016-6922.
ModerateCVE-2016-6924SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-6925SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
ModerateCVE-2016-6925SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-6926SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
ModerateCVE-2016-6926SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-6927SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
ModerateCVE-2016-6927SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-6929SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
ModerateCVE-2016-6929SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-6930SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6931, and CVE-2016-6932.
ModerateCVE-2016-6930SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-6931SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, and CVE-2016-6932.
ModerateCVE-2016-6931SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-6932SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, and CVE-2016-6931.
ModerateCVE-2016-6932SUSE bug 998589cpe:/o:suse:sled:12:sp1CVE-2016-6981SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6987.
ImportantCVE-2016-6981SUSE bug 1004019cpe:/o:suse:sled:12:sp1CVE-2016-6982SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
ImportantCVE-2016-6982SUSE bug 1004019cpe:/o:suse:sled:12:sp1CVE-2016-6983SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
ImportantCVE-2016-6983SUSE bug 1004019cpe:/o:suse:sled:12:sp1CVE-2016-6984SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
ImportantCVE-2016-6984SUSE bug 1004019cpe:/o:suse:sled:12:sp1CVE-2016-6985SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
ImportantCVE-2016-6985SUSE bug 1004019cpe:/o:suse:sled:12:sp1CVE-2016-6986SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6989, and CVE-2016-6990.
ImportantCVE-2016-6986SUSE bug 1004019cpe:/o:suse:sled:12:sp1CVE-2016-6987SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6981.
ImportantCVE-2016-6987SUSE bug 1004019cpe:/o:suse:sled:12:sp1CVE-2016-6989SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, and CVE-2016-6990.
ImportantCVE-2016-6989SUSE bug 1004019cpe:/o:suse:sled:12:sp1CVE-2016-6990SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, and CVE-2016-6989.
ImportantCVE-2016-6990SUSE bug 1004019cpe:/o:suse:sled:12:sp1CVE-2016-6992SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion."
ImportantCVE-2016-6992SUSE bug 1004019cpe:/o:suse:sled:12:sp1CVE-2016-7032SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function.
ModerateCVE-2016-7032SUSE bug 1007501SUSE bug 1007766SUSE bug 1011975SUSE bug 1011976cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7039SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a related issue to CVE-2016-8666.
ImportantCVE-2016-7039SUSE bug 1001486SUSE bug 1001487SUSE bug 1003964cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7042SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.
ModerateCVE-2016-7042SUSE bug 1004517cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7052SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.
ModerateCVE-2016-7052SUSE bug 1001148cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7053SUSE Linux Enterprise Desktop 12 SP1
In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS structures can crash with a NULL pointer dereference. This is caused by a bug in the handling of the ASN.1 CHOICE type in OpenSSL 1.1.0 which can result in a NULL value being passed to the structure callback if an attempt is made to free certain invalid encodings. Only CHOICE structures using a callback which do not handle NULL value are affected.
ModerateCVE-2016-7053SUSE bug 1009533cpe:/o:suse:sled:12:sp1CVE-2016-7054SUSE Linux Enterprise Desktop 12 SP1
In OpenSSL 1.1.0 before 1.1.0c, TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS attack by corrupting larger payloads. This can result in an OpenSSL crash. This issue is not considered to be exploitable beyond a DoS.
ImportantCVE-2016-7054SUSE bug 1009531cpe:/o:suse:sled:12:sp1CVE-2016-7055SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is because the subroutine in question is not used in operations with the private key itself and an input of the attacker's direct choice. Otherwise the bug can manifest itself as transient authentication and key negotiation failures or reproducible erroneous outcome of public-key operations with specially crafted input. Among EC algorithms only Brainpool P-512 curves are affected and one presumably can attack ECDH key negotiation. Impact was not analyzed in detail, because pre-requisites for attack are considered unlikely. Namely multiple clients have to choose the curve in question and the server has to share the private key among them, neither of which is default behaviour. Even then only clients that chose the curve will be affected.
ModerateCVE-2016-7055SUSE bug 1009528SUSE bug 1021641cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7056SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys.
ModerateCVE-2016-7056SUSE bug 1005878SUSE bug 1019334SUSE bug 1148697cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7076SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp() C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to execute arbitrary commands with elevated privileges.
ModerateCVE-2016-7076SUSE bug 1007501SUSE bug 1011975SUSE bug 1011976cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7091SUSE Linux Enterprise Desktop 12 SP1
sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo.
LowCVE-2016-7091SUSE bug 995726cpe:/o:suse:sled:12:sp1CVE-2016-7092SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The get_page_from_l3e function in arch/x86/mm.c in Xen allows local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables.
ImportantCVE-2016-7092SUSE bug 995785cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7093SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation.
ImportantCVE-2016-7093SUSE bug 995789cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7094SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update.
ModerateCVE-2016-7094SUSE bug 995792cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7097SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.
LowCVE-2016-7097SUSE bug 1021258SUSE bug 1052256SUSE bug 870618SUSE bug 995968cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7098SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in wget 1.17 and earlier, when used in recursive or mirroring mode to download a single file, might allow remote servers to bypass intended access list restrictions by keeping an HTTP connection open.
LowCVE-2016-7098SUSE bug 995964cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7101SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file.
ModerateCVE-2016-7101SUSE bug 1001221SUSE bug 1002207cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7116SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to access host files outside the export path via a .. (dot dot) in an unspecified string.
LowCVE-2016-7116SUSE bug 996441cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7117SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.
ModerateCVE-2016-7117SUSE bug 1003077SUSE bug 1003253SUSE bug 1057478cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7141SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from file for a connection for which no certificate has been set, a different vulnerability than CVE-2016-5420.
ModerateCVE-2016-7141SUSE bug 991390SUSE bug 997420cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7154SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the FIFO event channel code in Xen 4.4.x allows local guest OS administrators to cause a denial of service (host crash) and possibly execute arbitrary code or obtain sensitive information via an invalid guest frame number.
ModerateCVE-2016-7154SUSE bug 997731cpe:/o:suse:sled:12:sp1CVE-2016-7155SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds access or infinite loop, and QEMU process crash) via a crafted page count for descriptor rings.
ModerateCVE-2016-7155SUSE bug 997858cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7156SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging an incorrect cast.
ModerateCVE-2016-7156SUSE bug 997859cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7157SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) mptsas_config_manufacturing_1 and (2) mptsas_config_ioc_0 functions in hw/scsi/mptconfig.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via vectors involving MPTSAS_CONFIG_PACK.
LowCVE-2016-7157SUSE bug 997860cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7161SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU (aka Quick Emulator) allows attackers to execute arbitrary code on the QEMU host via a large ethlite packet.
ModerateCVE-2016-7161SUSE bug 1001151SUSE bug 1001152cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7162SUSE Linux Enterprise Desktop 12 SP4
The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive.
ModerateCVE-2016-7162SUSE bug 997822cpe:/o:suse:sled:12:sp4CVE-2016-7163SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.
ModerateCVE-2016-7163SUSE bug 1007739SUSE bug 1007744SUSE bug 997857cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7167SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a heap-based buffer overflow.
ModerateCVE-2016-7167SUSE bug 998760cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7170SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to cursor.mask[] and cursor.image[] array sizes when processing a DEFINE_CURSOR svga command.
ModerateCVE-2016-7170SUSE bug 998516cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7175SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark 2.x before 2.0.6 mishandles MAC address data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
ModerateCVE-2016-7175SUSE bug 998099SUSE bug 998761cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7176SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark 2.x before 2.0.6 calls snprintf with one of its input buffers as the output buffer, which allows remote attackers to cause a denial of service (copy overlap and application crash) via a crafted packet.
ModerateCVE-2016-7176SUSE bug 998099SUSE bug 998762cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7177SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 does not restrict the number of channels, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet.
ModerateCVE-2016-7177SUSE bug 998099SUSE bug 998763cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7178SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 2.x before 2.0.6 does not ensure that memory is allocated for certain data structures, which allows remote attackers to cause a denial of service (invalid write access and application crash) via a crafted packet.
ModerateCVE-2016-7178SUSE bug 998099SUSE bug 998964cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7179SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2016-7179SUSE bug 998099SUSE bug 998963cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7180SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark 2.x before 2.0.6 does not properly consider whether a string is constant, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.
ModerateCVE-2016-7180SUSE bug 998099SUSE bug 998800cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7415SUSE Linux Enterprise Desktop 12 SP1
Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string.
ModerateCVE-2016-7415SUSE bug 999822cpe:/o:suse:sled:12:sp1CVE-2016-7421SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit process IO loop to the ring size.
LowCVE-2016-7421SUSE bug 999661cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7422SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via a large I/O descriptor buffer length value.
ModerateCVE-2016-7422SUSE bug 1000346cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7423SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mptsas_process_scsi_io_request function in QEMU (aka Quick Emulator), when built with LSI SAS1068 Host Bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors involving MPTSASRequest objects.
ModerateCVE-2016-7423SUSE bug 1000397cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7425SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code.
ModerateCVE-2016-7425SUSE bug 999932cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7426SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote attackers to cause a denial of service (prevent responses from the sources) by sending responses with a spoofed source address.
ModerateCVE-2016-7426SUSE bug 1011406SUSE bug 1011421SUSE bug 1012330cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7427SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The broadcast mode replay prevention functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via a crafted broadcast mode packet.
ModerateCVE-2016-7427SUSE bug 1011390SUSE bug 1011421SUSE bug 1012330cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7428SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via the poll interval in a broadcast packet.
ModerateCVE-2016-7428SUSE bug 1011417SUSE bug 1011421SUSE bug 1012330cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7429SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
NTP before 4.2.8p9 changes the peer structure to the interface it receives the response from a source, which allows remote attackers to cause a denial of service (prevent communication with a source) by sending a response for a source to an interface the source does not use.
LowCVE-2016-7429SUSE bug 1011404SUSE bug 1011421SUSE bug 1012330cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7431SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression.
ModerateCVE-2016-7431SUSE bug 1011395SUSE bug 1011421SUSE bug 1012330cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7433SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."
LowCVE-2016-7433SUSE bug 1011411SUSE bug 1011421SUSE bug 1012330cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7434SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query.
ModerateCVE-2016-7434SUSE bug 1011398SUSE bug 1011421SUSE bug 1012330cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7440SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.
ModerateCVE-2016-7440SUSE bug 1005581SUSE bug 1008318cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7444SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc.
LowCVE-2016-7444SUSE bug 999646cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7445SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
convert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors involving the variable s.
ModerateCVE-2016-7445SUSE bug 1007739SUSE bug 1007744SUSE bug 1015662SUSE bug 999817cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7446SUSE Linux Enterprise Desktop 12 SP1
Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317.
ModerateCVE-2016-7446SUSE bug 999673cpe:/o:suse:sled:12:sp1CVE-2016-7447SUSE Linux Enterprise Desktop 12 SP1
Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors.
ModerateCVE-2016-7447SUSE bug 999673cpe:/o:suse:sled:12:sp1CVE-2016-7448SUSE Linux Enterprise Desktop 12 SP1
The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size.
ModerateCVE-2016-7448SUSE bug 999673cpe:/o:suse:sled:12:sp1CVE-2016-7449SUSE Linux Enterprise Desktop 12 SP1
The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.
ModerateCVE-2016-7449SUSE bug 999673cpe:/o:suse:sled:12:sp1CVE-2016-7466SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to cause a denial of service (memory consumption and possibly QEMU process crash) by repeatedly unplugging a USB device.
ModerateCVE-2016-7466SUSE bug 1000345cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7513SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors.
ModerateCVE-2016-7513SUSE bug 1000686cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7514SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
ModerateCVE-2016-7514SUSE bug 1000688cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7515SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of pixels.
ModerateCVE-2016-7515SUSE bug 1000689SUSE bug 1000695cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7516SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted VIFF file.
ModerateCVE-2016-7516SUSE bug 1000692SUSE bug 1000693SUSE bug 1000695cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7517SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The EncodeImage function in coders/pict.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PICT file.
ModerateCVE-2016-7517SUSE bug 1000693cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7518SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SUN file.
ModerateCVE-2016-7518SUSE bug 1000694SUSE bug 1028079cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7519SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
ModerateCVE-2016-7519SUSE bug 1000689SUSE bug 1000695cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7520SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted HDR file.
ModerateCVE-2016-7520SUSE bug 1000696cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7521SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
ModerateCVE-2016-7521SUSE bug 1000697cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7522SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
ModerateCVE-2016-7522SUSE bug 1000698cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7523SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
ModerateCVE-2016-7523SUSE bug 1000699cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7524SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
ModerateCVE-2016-7524SUSE bug 1000700SUSE bug 1002422cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7525SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
ModerateCVE-2016-7525SUSE bug 1000688SUSE bug 1000701cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7526SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
ModerateCVE-2016-7526SUSE bug 1000436SUSE bug 1000702SUSE bug 1107616cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7527SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
ModerateCVE-2016-7527SUSE bug 1000436SUSE bug 1000702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7528SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file.
ModerateCVE-2016-7528SUSE bug 1000434cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7529SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file.
ModerateCVE-2016-7529SUSE bug 1000399SUSE bug 1000434SUSE bug 1000703SUSE bug 1054924cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7530SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file.
ModerateCVE-2016-7530SUSE bug 1000399SUSE bug 1000703SUSE bug 1054924cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7531SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PDB file.
ModerateCVE-2016-7531SUSE bug 1000704cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7532SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
ModerateCVE-2016-7532SUSE bug 1000706cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7533SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WPG file.
ModerateCVE-2016-7533SUSE bug 1000707cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7534SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file.
ModerateCVE-2016-7534SUSE bug 1000708cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7535SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD file.
ModerateCVE-2016-7535SUSE bug 1000709cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7536SUSE Linux Enterprise Desktop 12 SP1
magick/profile.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted profile.
ModerateCVE-2016-7536SUSE bug 1000710cpe:/o:suse:sled:12:sp1CVE-2016-7537SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.
ModerateCVE-2016-7537SUSE bug 1000711cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7538SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
ModerateCVE-2016-7538SUSE bug 1000712cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7539SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
ModerateCVE-2016-7539SUSE bug 1000715cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7540SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/rgf.c in ImageMagick before 6.9.4-10 allows remote attackers to cause a denial of service (assertion failure) by converting an image to rgf format.
ModerateCVE-2016-7540SUSE bug 1000394cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7543SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables.
ModerateCVE-2016-7543SUSE bug 1001299SUSE bug 1159416cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7567SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the SLPFoldWhiteSpace function in common/slp_compare.c in OpenSLP 2.0 allows remote attackers to have unspecified impact via a crafted string.
ModerateCVE-2016-7567SUSE bug 1001600SUSE bug 1074356cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7568SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted imagewebp and imagedestroy calls.
ModerateCVE-2016-7568SUSE bug 1001900cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7586SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a crafted web site.
ModerateCVE-2016-7586SUSE bug 1020950cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7587SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2016-7587SUSE bug 1020950cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7589SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2016-7589SUSE bug 1020950cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7592SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component, which allows remote attackers to obtain sensitive information via crafted JavaScript prompts on a web site.
ModerateCVE-2016-7592SUSE bug 1020950cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7598SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information from process memory via a crafted web site.
ModerateCVE-2016-7598SUSE bug 1020950cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7599SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site that uses HTTP redirects.
ModerateCVE-2016-7599SUSE bug 1020950cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7610SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2016-7610SUSE bug 1020950cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7623SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a blob URL on a web site.
ModerateCVE-2016-7623SUSE bug 1020950cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7632SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2016-7632SUSE bug 1020950cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7635SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2016-7635SUSE bug 1020950cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7639SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2016-7639SUSE bug 1020950cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7641SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2016-7641SUSE bug 1020950cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7645SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2016-7645SUSE bug 1020950cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7652SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2016-7652SUSE bug 1020950cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7654SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2016-7654SUSE bug 1020950cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7656SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2016-7656SUSE bug 1020950cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7777SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the hypervisor is preparing to emulate it.
ModerateCVE-2016-7777SUSE bug 1000106cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7795SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket.
ModerateCVE-2016-7795SUSE bug 1001765cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7796SUSE Linux Enterprise Desktop 12 SP1
The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.
ModerateCVE-2016-7796SUSE bug 1001765cpe:/o:suse:sled:12:sp1CVE-2016-7799SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
ModerateCVE-2016-7799SUSE bug 1002421cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7800SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.
ModerateCVE-2016-7800SUSE bug 1002422cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7837SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parse_line function used in some userland utilities.
ModerateCVE-2016-7837SUSE bug 1026652cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7855SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in October 2016.
ModerateCVE-2016-7855SUSE bug 1007098cpe:/o:suse:sled:12:sp1CVE-2016-7857SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
ModerateCVE-2016-7857SUSE bug 1009217cpe:/o:suse:sled:12:sp1CVE-2016-7858SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7858SUSE bug 1009217cpe:/o:suse:sled:12:sp1CVE-2016-7859SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7859SUSE bug 1009217cpe:/o:suse:sled:12:sp1CVE-2016-7860SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7860SUSE bug 1009217cpe:/o:suse:sled:12:sp1CVE-2016-7861SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7861SUSE bug 1009217cpe:/o:suse:sled:12:sp1CVE-2016-7862SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7862SUSE bug 1009217cpe:/o:suse:sled:12:sp1CVE-2016-7863SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7863SUSE bug 1009217cpe:/o:suse:sled:12:sp1CVE-2016-7864SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7864SUSE bug 1009217cpe:/o:suse:sled:12:sp1CVE-2016-7865SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7865SUSE bug 1009217cpe:/o:suse:sled:12:sp1CVE-2016-7867SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7867SUSE bug 1015379cpe:/o:suse:sled:12:sp1CVE-2016-7868SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to alternation functionality. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7868SUSE bug 1015379cpe:/o:suse:sled:12:sp1CVE-2016-7869SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7869SUSE bug 1015379cpe:/o:suse:sled:12:sp1CVE-2016-7870SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7870SUSE bug 1015379cpe:/o:suse:sled:12:sp1CVE-2016-7871SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Worker class. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7871SUSE bug 1015379cpe:/o:suse:sled:12:sp1CVE-2016-7872SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7872SUSE bug 1015379cpe:/o:suse:sled:12:sp1CVE-2016-7873SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the PSDK class related to ad policy functionality method. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7873SUSE bug 1015379cpe:/o:suse:sled:12:sp1CVE-2016-7874SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the NetConnection class when handling the proxy types. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7874SUSE bug 1015379cpe:/o:suse:sled:12:sp1CVE-2016-7875SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7875SUSE bug 1015379cpe:/o:suse:sled:12:sp1CVE-2016-7876SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Clipboard class related to data handling functionality. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7876SUSE bug 1015379cpe:/o:suse:sled:12:sp1CVE-2016-7877SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0). Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7877SUSE bug 1015379cpe:/o:suse:sled:12:sp1CVE-2016-7878SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK's MediaPlayer class. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7878SUSE bug 1015379cpe:/o:suse:sled:12:sp1CVE-2016-7879SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7879SUSE bug 1015379cpe:/o:suse:sled:12:sp1CVE-2016-7880SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7880SUSE bug 1015379cpe:/o:suse:sled:12:sp1CVE-2016-7881SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7881SUSE bug 1015379cpe:/o:suse:sled:12:sp1CVE-2016-7890SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy.
CriticalCVE-2016-7890SUSE bug 1015379cpe:/o:suse:sled:12:sp1CVE-2016-7892SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2016-7892SUSE bug 1015379cpe:/o:suse:sled:12:sp1CVE-2016-7907SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The imx_fec_do_tx function in hw/net/imx_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags.
ModerateCVE-2016-7907SUSE bug 1002549cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7908SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags.
ModerateCVE-2016-7908SUSE bug 1002550SUSE bug 1003030cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7909SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to 0.
ModerateCVE-2016-7909SUSE bug 1002557SUSE bug 1003032cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7910SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.
ModerateCVE-2016-7910SUSE bug 1010716SUSE bug 1196722cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2016-7911SUSE Linux Enterprise Desktop 12 SP1
Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.
ModerateCVE-2016-7911SUSE bug 1010711SUSE bug 1010713cpe:/o:suse:sled:12:sp1CVE-2016-7912SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in the ffs_user_copy_worker function in drivers/usb/gadget/function/f_fs.c in the Linux kernel before 4.5.3 allows local users to gain privileges by accessing an I/O data structure after a certain callback call.
ModerateCVE-2016-7912SUSE bug 1010480SUSE bug 1010481cpe:/o:suse:sled:12:sp1CVE-2016-7913SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure.
ModerateCVE-2016-7913SUSE bug 1010478cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7914SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and out-of-bounds read) via an application that uses associative-array data structures, as demonstrated by the keyutils test suite.
ModerateCVE-2016-7914SUSE bug 1010475cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7916SUSE Linux Enterprise Desktop 12 SP4
Race condition in the environ_read function in fs/proc/base.c in the Linux kernel before 4.5.4 allows local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete.
ModerateCVE-2016-7916SUSE bug 1010467cpe:/o:suse:sled:12:sp4CVE-2016-7917SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability.
ModerateCVE-2016-7917SUSE bug 1010444cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-7922SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print().
ModerateCVE-2016-7922SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7923SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print().
ModerateCVE-2016-7923SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7924SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print().
ModerateCVE-2016-7924SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7925SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print().
ModerateCVE-2016-7925SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7926SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print().
ModerateCVE-2016-7926SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7927SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print().
ModerateCVE-2016-7927SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7928SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print().
ModerateCVE-2016-7928SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7929SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header().
ModerateCVE-2016-7929SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7930SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print().
ModerateCVE-2016-7930SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7931SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print().
ModerateCVE-2016-7931SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7932SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum().
ModerateCVE-2016-7932SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7933SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print().
ModerateCVE-2016-7933SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7934SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print().
ModerateCVE-2016-7934SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7935SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print().
ModerateCVE-2016-7935SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7936SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print().
ModerateCVE-2016-7936SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7937SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print().
ModerateCVE-2016-7937SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7938SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame().
ModerateCVE-2016-7938SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7939SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions.
ModerateCVE-2016-7939SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7940SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions.
ModerateCVE-2016-7940SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7942SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations.
ModerateCVE-2016-7942SUSE bug 1002991SUSE bug 1174752cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7944SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.
ModerateCVE-2016-7944SUSE bug 1002995cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7945SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields.
ModerateCVE-2016-7945SUSE bug 1002998SUSE bug 1134167SUSE bug 1159415cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7946SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields.
ModerateCVE-2016-7946SUSE bug 1002998SUSE bug 1134167SUSE bug 1159415cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7947SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.
ModerateCVE-2016-7947SUSE bug 1003000SUSE bug 1159415cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7948SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.
ModerateCVE-2016-7948SUSE bug 1003000SUSE bug 1159415cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7949SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.
ModerateCVE-2016-7949SUSE bug 1003002SUSE bug 1015442SUSE bug 1123146cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7950SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths.
ModerateCVE-2016-7950SUSE bug 1003002SUSE bug 1015442SUSE bug 1123146cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7951SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access operations by leveraging the lack of range checks.
ModerateCVE-2016-7951SUSE bug 1003012SUSE bug 1159415cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7952SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data.
ModerateCVE-2016-7952SUSE bug 1003012SUSE bug 1159415cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7953SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string.
ModerateCVE-2016-7953SUSE bug 1003023SUSE bug 1159415cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7957SUSE Linux Enterprise Desktop 12 SP1
In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-btl2cap.c by avoiding use of a seven-byte memcmp for potentially shorter strings.
ModerateCVE-2016-7957SUSE bug 1033717cpe:/o:suse:sled:12:sp1CVE-2016-7958SUSE Linux Enterprise Desktop 12 SP1
In Wireshark 2.2.0, the NCP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/CMakeLists.txt by registering this dissector.
ModerateCVE-2016-7958SUSE bug 1033712cpe:/o:suse:sled:12:sp1CVE-2016-7969SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."
ModerateCVE-2016-7969SUSE bug 1002982cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7970SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass before 0.13.4 allows remote attackers to cause a denial of service via unspecified vectors.
ModerateCVE-2016-7970SUSE bug 1002982cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2016-7971SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
ModerateCVE-2016-7971SUSE bug 1002982cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2016-7972SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors.
ModerateCVE-2016-7972SUSE bug 1002982cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7973SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions.
ModerateCVE-2016-7973SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7974SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions.
ModerateCVE-2016-7974SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7975SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print().
ModerateCVE-2016-7975SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7976SUSE Linux Enterprise Desktop 12 SP4
The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.
ImportantCVE-2016-7976SUSE bug 1001951SUSE bug 1004237cpe:/o:suse:sled:12:sp4CVE-2016-7977SUSE Linux Enterprise Desktop 12 SP4
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document.
ImportantCVE-2016-7977SUSE bug 1001951SUSE bug 1004237SUSE bug 1095610cpe:/o:suse:sled:12:sp4CVE-2016-7978SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice.
ImportantCVE-2016-7978SUSE bug 1001951SUSE bug 1004237cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7979SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser.
ImportantCVE-2016-7979SUSE bug 1001951SUSE bug 1004237cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7983SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().
ModerateCVE-2016-7983SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7984SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print().
ModerateCVE-2016-7984SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7985SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print().
ModerateCVE-2016-7985SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7986SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions.
ModerateCVE-2016-7986SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7992SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print().
ModerateCVE-2016-7992SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7993SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).
ModerateCVE-2016-7993SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7994SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the virtio_gpu_resource_create_2d function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_CREATE_2D commands.
ModerateCVE-2016-7994SUSE bug 1003613cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7995SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of crafted buffer page select (PG) indexes.
ModerateCVE-2016-7995SUSE bug 1003612SUSE bug 1003870cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7996SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries.
ImportantCVE-2016-7996SUSE bug 1003629SUSE bug 1067184cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-7997SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.
ImportantCVE-2016-7997SUSE bug 1003629cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8283SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.
ModerateCVE-2016-8283SUSE bug 1005582SUSE bug 1008318cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8318SUSE Linux Enterprise Desktop 12 SP1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.8 (Availability impacts).
ImportantCVE-2016-8318SUSE bug 1020868SUSE bug 1020872cpe:/o:suse:sled:12:sp1CVE-2016-8327SUSE Linux Enterprise Desktop 12 SP1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).
ModerateCVE-2016-8327SUSE bug 1020868SUSE bug 1020893SUSE bug 1053919cpe:/o:suse:sled:12:sp1CVE-2016-8331SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. A crafted TIFF document can lead to a type confusion vulnerability resulting in remote code execution. This vulnerability can be triggered via a TIFF file delivered to the application using LibTIFF's tag extension functionality.
ModerateCVE-2016-8331SUSE bug 1007276cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8332SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution when parsing a crafted image. An exploitable code execution vulnerability exists in the jpeg2000 image file format parser as implemented in the OpenJpeg library. A specially crafted jpeg2000 file can cause an out of bound heap write resulting in heap corruption leading to arbitrary code execution. For a successful attack, the target user needs to open a malicious jpeg2000 file. The jpeg2000 image file format is mostly used for embedding images inside PDF documents and the OpenJpeg library is used by a number of popular PDF renderers making PDF documents a likely attack vector.
ImportantCVE-2016-8332SUSE bug 1002414SUSE bug 1007739SUSE bug 1007744SUSE bug 1015662cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8399SUSE Linux Enterprise Desktop 12 SP1
An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935.
ModerateCVE-2016-8399SUSE bug 1014746cpe:/o:suse:sled:12:sp1CVE-2016-8492SUSE Linux Enterprise Desktop 12 SP3
The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption.
ModerateCVE-2016-8492SUSE bug 1065013cpe:/o:suse:sled:12:sp3CVE-2016-8574SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().
ModerateCVE-2016-8574SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8575SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482.
ModerateCVE-2016-8575SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8576SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process.
ModerateCVE-2016-8576SUSE bug 1003878SUSE bug 1004016cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8577SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the v9fs_read function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors related to an I/O read operation.
ModerateCVE-2016-8577SUSE bug 1003893SUSE bug 1004021cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8578SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The v9fs_iov_vunmarshal function in fsdev/9p-iov-marshal.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) by sending an empty string parameter to a 9P operation.
ModerateCVE-2016-8578SUSE bug 1003894SUSE bug 1004023cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8601SUSE Linux Enterprise Desktop 12 SP1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue in a "generally available" software product. Notes: none.
ModerateCVE-2016-8601SUSE bug 1004232cpe:/o:suse:sled:12:sp1CVE-2016-8602SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack.
ModerateCVE-2016-8602SUSE bug 1001951SUSE bug 1004237SUSE bug 1036453cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8605SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777. This is fixed in Guile 2.0.13. Prior versions are affected.
LowCVE-2016-8605SUSE bug 1004221cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8606SUSE Linux Enterprise Desktop 12 SP1
The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack.
LowCVE-2016-8606SUSE bug 1004226cpe:/o:suse:sled:12:sp1CVE-2016-8610SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.
ModerateCVE-2016-8610SUSE bug 1005878SUSE bug 1005879SUSE bug 1120592SUSE bug 1126909SUSE bug 1148697SUSE bug 982575cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8615SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in curl before version 7.51. If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookies for arbitrary domains into said cookie jar.
ModerateCVE-2016-8615SUSE bug 1005633cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8616SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in curl before version 7.51.0 When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that has connection-scoped credentials, an attacker can cause that connection to be reused if s/he knows the case-insensitive version of the correct password.
LowCVE-2016-8616SUSE bug 1005634cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8617SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via `CURLOPT_USERNAME`.
ModerateCVE-2016-8617SUSE bug 1005635cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8618SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables.
ModerateCVE-2016-8618SUSE bug 1005637cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8619SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory double free.
ModerateCVE-2016-8619SUSE bug 1005638cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8620SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input.
ModerateCVE-2016-8620SUSE bug 1005640cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8621SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The `curl_getdate` function in curl before version 7.51.0 is vulnerable to an out of bounds read if it receives an input with one digit short.
ModerateCVE-2016-8621SUSE bug 1005642cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8622SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The URL percent-encoding decode function in libcurl before 7.51.0 is called `curl_easy_unescape`. Internally, even if this function would be made to allocate a unscape destination buffer larger than 2GB, it would return that new length in a signed 32 bit integer variable, thus the length would get either just truncated or both truncated and turned negative. That could then lead to libcurl writing outside of its heap based buffer.
ModerateCVE-2016-8622SUSE bug 1005643cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8623SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure.
ModerateCVE-2016-8623SUSE bug 1005645cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8624SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
curl before version 7.51.0 doesn't parse the authority component of the URL correctly when the host name part ends with a '#' character, and could instead be tricked into connecting to a different host. This may have security implications if you for example use an URL parser that follows the RFC to check for allowed domains before using curl to request them.
ModerateCVE-2016-8624SUSE bug 1005646cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8625SUSE Linux Enterprise Desktop 12 SP4
curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host.
ModerateCVE-2016-8625SUSE bug 1005649cpe:/o:suse:sled:12:sp4CVE-2016-8630SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The x86_decode_insn function in arch/x86/kvm/emulate.c in the Linux kernel before 4.8.7, when KVM is enabled, allows local users to cause a denial of service (host OS crash) via a certain use of a ModR/M byte in an undefined instruction.
ModerateCVE-2016-8630SUSE bug 1009222cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8632SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability.
ModerateCVE-2016-8632SUSE bug 1008831SUSE bug 1012852cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8633SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.
ModerateCVE-2016-8633SUSE bug 1008833cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8635SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group.
ModerateCVE-2016-8635SUSE bug 1015422SUSE bug 1015547cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8636SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impact via a write or read request involving the "RDMA protocol over infiniband" (aka Soft RoCE) technology.
ModerateCVE-2016-8636SUSE bug 1024908cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8637SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryption keys or credentials.
ModerateCVE-2016-8637SUSE bug 1008340cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8645SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c.
ModerateCVE-2016-8645SUSE bug 1009969cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-8646SUSE Linux Enterprise Desktop 12 SP1
The hash_accept function in crypto/algif_hash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data.
ModerateCVE-2016-8646SUSE bug 1010150cpe:/o:suse:sled:12:sp1CVE-2016-8650SUSE Linux Enterprise Desktop 12 SP4
The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.
ImportantCVE-2016-8650SUSE bug 1011820cpe:/o:suse:sled:12:sp4CVE-2016-8654SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected.
ModerateCVE-2016-8654SUSE bug 1012530SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8655SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions.
ModerateCVE-2016-8655SUSE bug 1012754SUSE bug 1012759SUSE bug 1013822SUSE bug 1052365cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8658SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.7.5 allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a long SSID Information Element in a command to a Netlink socket.
ModerateCVE-2016-8658SUSE bug 1004462cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8660SUSE Linux Enterprise Desktop 12 SP1
The XFS subsystem in the Linux kernel through 4.8.2 allows local users to cause a denial of service (fdatasync failure and system hang) by using the vfs syscall group in the trinity program, related to a "page lock order bug in the XFS seek hole/data implementation."
ModerateCVE-2016-8660SUSE bug 1004532cpe:/o:suse:sled:12:sp1CVE-2016-8666SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-7039.
ImportantCVE-2016-8666SUSE bug 1001486SUSE bug 1001487SUSE bug 1003964cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-8667SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The rc4030_write function in hw/dma/rc4030.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large interval timer reload value.
ModerateCVE-2016-8667SUSE bug 1004702SUSE bug 1005004cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8668SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The rocker_io_writel function in hw/net/rocker/rocker.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging failure to limit DMA buffer size.
ModerateCVE-2016-8668SUSE bug 1004706cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8669SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base.
ModerateCVE-2016-8669SUSE bug 1004707SUSE bug 1005005cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8670SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted imagecreatefromstring call.
ModerateCVE-2016-8670SUSE bug 1004924cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8677SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure.
ModerateCVE-2016-8677SUSE bug 1005328cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8678SUSE Linux Enterprise Desktop 12 SP1
The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says "This is a Q64 issue and we do not support Q64."
ModerateCVE-2016-8678SUSE bug 1005344cpe:/o:suse:sled:12:sp1CVE-2016-8682SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header.
ModerateCVE-2016-8682SUSE bug 1005125cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8683SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
ModerateCVE-2016-8683SUSE bug 1005127cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8684SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
ModerateCVE-2016-8684SUSE bug 1005123cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8687SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the safe_fprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename.
ModerateCVE-2016-8687SUSE bug 1005070cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8688SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) bid_entry function in libarchive/archive_read_support_format_mtree.c.
ModerateCVE-2016-8688SUSE bug 1005076cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8689SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The read_Header function in archive_read_support_format_7zip.c in libarchive 3.2.1 allows remote attackers to cause a denial of service (out-of-bounds read) via multiple EmptyStream attributes in a header in a 7zip archive.
ModerateCVE-2016-8689SUSE bug 1005072cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8690SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted BMP image in an imginfo command.
ModerateCVE-2016-8690SUSE bug 1005084SUSE bug 1007009SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8691SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command.
ModerateCVE-2016-8691SUSE bug 1005090SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8692SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted YRsiz value in a BMP image to the imginfo command.
ModerateCVE-2016-8692SUSE bug 1005090SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8693SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command.
ImportantCVE-2016-8693SUSE bug 1005242SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8707SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality.
ModerateCVE-2016-8707SUSE bug 1014159cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8858SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."
ModerateCVE-2016-8858SUSE bug 1005480cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8862SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.
ModerateCVE-2016-8862SUSE bug 1007245SUSE bug 1009318SUSE bug 1031267cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8864SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c.
ImportantCVE-2016-8864SUSE bug 1007829SUSE bug 1018700SUSE bug 1018701SUSE bug 1018702SUSE bug 1020526SUSE bug 1024130SUSE bug 1033466cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8866SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862.
ModerateCVE-2016-8866SUSE bug 1007245SUSE bug 1009318SUSE bug 1031267cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8880SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4516. Reason: This candidate is a duplicate of CVE-2011-4516. Notes: All CVE users should reference CVE-2011-4516 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2016-8880SUSE bug 1006591SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8881SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4517. Reason: This candidate is a duplicate of CVE-2011-4517. Notes: All CVE users should reference CVE-2011-4517 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2016-8881SUSE bug 1006593SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8882SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
ModerateCVE-2016-8882SUSE bug 1006597SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8883SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.
LowCVE-2016-8883SUSE bug 1006598SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8884SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8690.
LowCVE-2016-8884SUSE bug 1005084SUSE bug 1007009SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8885SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image.
LowCVE-2016-8885SUSE bug 1005084SUSE bug 1007009SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8886SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jas_malloc function in libjasper/base/jas_malloc.c in JasPer before 1.900.11 allows remote attackers to have unspecified impact via a crafted file, which triggers a memory allocation failure.
LowCVE-2016-8886SUSE bug 1006599SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8887SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (NULL pointer dereference).
LowCVE-2016-8887SUSE bug 1006836SUSE bug 1006839SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8909SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position.
ModerateCVE-2016-8909SUSE bug 1006536SUSE bug 1007160cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-8910SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count.
ModerateCVE-2016-8910SUSE bug 1006538SUSE bug 1007157SUSE bug 1024178cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9015SUSE Linux Enterprise Desktop 12 SP4
Versions 1.17 and 1.18 of the Python urllib3 library suffer from a vulnerability that can cause them, in certain configurations, to not correctly validate TLS certificates. This places users of the library with those configurations at risk of man-in-the-middle and information leakage attacks. This vulnerability affects users using versions 1.17 and 1.18 of the urllib3 library, who are using the optional PyOpenSSL support for TLS instead of the regular standard library TLS backend, and who are using OpenSSL 1.1.0 via PyOpenSSL. This is an extremely uncommon configuration, so the security impact of this vulnerability is low.
LowCVE-2016-9015SUSE bug 1023502SUSE bug 1024540cpe:/o:suse:sled:12:sp4CVE-2016-9042SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.
ModerateCVE-2016-9042SUSE bug 1030050SUSE bug 1038049cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9061SUSE Linux Enterprise Desktop 12 SP1
A previously installed malicious Android application which defines a specific signature-level permissions used by Firefox can access API keys meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50.
ModerateCVE-2016-9061SUSE bug 1009026SUSE bug 1010418cpe:/o:suse:sled:12:sp1CVE-2016-9062SUSE Linux Enterprise Desktop 12 SP1
Private browsing mode leaves metadata information, such as URLs, for sites visited in "browser.db" and "browser.db-wal" files within the Firefox profile after the mode is exited. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50.
ModerateCVE-2016-9062SUSE bug 1009026SUSE bug 1010419cpe:/o:suse:sled:12:sp1CVE-2016-9063SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50.
CriticalCVE-2016-9063SUSE bug 1009026SUSE bug 1010424SUSE bug 1047240SUSE bug 1123115cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9064SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Add-on updates failed to verify that the add-on ID inside the signed package matched the ID of the add-on being updated. An attacker who could perform a man-in-the-middle attack on the user's connection to the update server and defeat the certificate pinning protection could provide a malicious signed add-on instead of a valid update. This vulnerability affects Firefox ESR < 45.5 and Firefox < 50.
ModerateCVE-2016-9064SUSE bug 1009026SUSE bug 1010402cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9065SUSE Linux Enterprise Desktop 12 SP1
The location bar in Firefox for Android can be spoofed by forcing a user into fullscreen mode, blocking its exiting, and creating of a fake location bar without any user notification. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50.
ModerateCVE-2016-9065SUSE bug 1009026SUSE bug 1010403cpe:/o:suse:sled:12:sp1CVE-2016-9066SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
ModerateCVE-2016-9066SUSE bug 1009026SUSE bug 1010404cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9067SUSE Linux Enterprise Desktop 12 SP4
Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50.
ModerateCVE-2016-9067SUSE bug 1009026SUSE bug 1010405cpe:/o:suse:sled:12:sp4CVE-2016-9068SUSE Linux Enterprise Desktop 12 SP4
A use-after-free during web animations when working with timelines resulting in a potentially exploitable crash. This vulnerability affects Firefox < 50.
ModerateCVE-2016-9068SUSE bug 1009026SUSE bug 1010406cpe:/o:suse:sled:12:sp4CVE-2016-9069SUSE Linux Enterprise Desktop 12 SP4
A use-after-free in nsINode::ReplaceOrInsertBefore during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50.
ModerateCVE-2016-9069SUSE bug 1009026SUSE bug 1010405cpe:/o:suse:sled:12:sp4CVE-2016-9071SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
Content Security Policy combined with HTTP to HTTPS redirection can be used by malicious server to verify whether a known site is within a user's browser history. This vulnerability affects Firefox < 50.
LowCVE-2016-9071SUSE bug 1009026SUSE bug 1010425cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2016-9072SUSE Linux Enterprise Desktop 12 SP1
When a new Firefox profile is created on 64-bit Windows installations, the sandbox for 64-bit NPAPI plugins is not enabled by default. Note: This issue only affects 64-bit Windows. 32-bit Windows and other operating systems are unaffected. This vulnerability affects Firefox < 50.
ModerateCVE-2016-9072SUSE bug 1009026SUSE bug 1010407cpe:/o:suse:sled:12:sp1CVE-2016-9073SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
WebExtensions can bypass security checks to load privileged URLs and potentially escape the WebExtension sandbox. This vulnerability affects Firefox < 50.
ModerateCVE-2016-9073SUSE bug 1009026SUSE bug 1010421cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2016-9074SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This issue is addressed in Network Security Services (NSS) 3.26.1. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
ModerateCVE-2016-9074SUSE bug 1009026SUSE bug 1010422cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9075SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
An issue where WebExtensions can use the mozAddonManager API to elevate privilege due to privileged pages being allowed in the permissions list. This allows a malicious extension to then install additional extensions without explicit user permission. This vulnerability affects Firefox < 50.
ModerateCVE-2016-9075SUSE bug 1009026SUSE bug 1010408cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2016-9076SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
An issue where a "<select>" dropdown menu can be used to cover location bar content, resulting in potential spoofing attacks. This attack requires e10s to be enabled in order to function. This vulnerability affects Firefox < 50.
ModerateCVE-2016-9076SUSE bug 1009026SUSE bug 1010423cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2016-9077SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
Canvas allows the use of the "feDisplacementMap" filter on images loaded cross-origin. The rendering by the filter is variable depending on the input pixel, allowing for timing attacks when the images are loaded from third party locations. This vulnerability affects Firefox < 50.
ModerateCVE-2016-9077SUSE bug 1009026SUSE bug 1010409cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2016-9078SUSE Linux Enterprise Desktop 12 SP1
Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the "data:" URL in some circumstances. This can result in same-origin violations against a domain if it loads resources from malicious sites. Cross-origin setting of cookies has been demonstrated without the ability to read them. Note: This issue only affects Firefox 49 and 50. This vulnerability affects Firefox < 50.0.1.
ModerateCVE-2016-9078SUSE bug 1012807cpe:/o:suse:sled:12:sp1CVE-2016-9079SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.
ModerateCVE-2016-9079SUSE bug 1012964cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9082SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the write_png function in cairo 1.14.6 allows remote attackers to cause a denial of service (invalid pointer dereference) via a large svg file.
ModerateCVE-2016-9082SUSE bug 1007255cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9083SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a "state machine confusion bug."
LowCVE-2016-9083SUSE bug 1007197cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-9084SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file.
LowCVE-2016-9084SUSE bug 1007197cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-9101SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device.
ModerateCVE-2016-9101SUSE bug 1007391SUSE bug 1013668SUSE bug 1024181cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9102SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) via a large number of Txattrcreate messages with the same fid number.
ModerateCVE-2016-9102SUSE bug 1007450SUSE bug 1014256cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9103SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host heap memory information by reading xattribute values before writing to them.
ModerateCVE-2016-9103SUSE bug 1007454SUSE bug 1014259cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9104SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xattr_write functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via a crafted offset, which triggers an out-of-bounds access.
ModerateCVE-2016-9104SUSE bug 1007493SUSE bug 1014297SUSE bug 1034990cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9105SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors involving a reference to the source fid object.
ModerateCVE-2016-9105SUSE bug 1007494SUSE bug 1014279cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9106SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) by leveraging failure to free an IO vector.
ModerateCVE-2016-9106SUSE bug 1007495SUSE bug 1014299cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9112SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Floating Point Exception (aka FPE or divide by zero) in opj_pi_next_cprl function in openjp2/pi.c:523 in OpenJPEG 2.1.2.
ModerateCVE-2016-9112SUSE bug 1007739SUSE bug 1007744SUSE bug 1007747SUSE bug 1015662SUSE bug 1056396cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9113SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service.
ModerateCVE-2016-9113SUSE bug 1007739SUSE bug 1007744SUSE bug 1007747SUSE bug 1015662cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9114SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service.
ModerateCVE-2016-9114SUSE bug 1007739SUSE bug 1007740SUSE bug 1007744SUSE bug 1007747SUSE bug 1015662cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9115SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
ModerateCVE-2016-9115SUSE bug 1007739SUSE bug 1007741SUSE bug 1007744SUSE bug 1007747SUSE bug 1015662cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9116SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
ModerateCVE-2016-9116SUSE bug 1007739SUSE bug 1007742SUSE bug 1007744SUSE bug 1007747SUSE bug 1015662cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9117SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
ModerateCVE-2016-9117SUSE bug 1007739SUSE bug 1007743SUSE bug 1007744SUSE bug 1007747SUSE bug 1015662cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9118SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2.
ModerateCVE-2016-9118SUSE bug 1007739SUSE bug 1007744SUSE bug 1007747SUSE bug 1015662cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9120SUSE Linux Enterprise Desktop 12 SP1
Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) by calling ION_IOC_FREE on two CPUs at the same time.
CriticalCVE-2016-9120SUSE bug 1014747cpe:/o:suse:sled:12:sp1CVE-2016-9131SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query.
ImportantCVE-2016-9131SUSE bug 1018699SUSE bug 1018700SUSE bug 1018701SUSE bug 1018702SUSE bug 1033466cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9137SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
Use-after-free vulnerability in the CURLFile implementation in ext/curl/curl_file.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during __wakeup processing.
ModerateCVE-2016-9137SUSE bug 1008026SUSE bug 1008029cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2016-9147SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets.
ImportantCVE-2016-9147SUSE bug 1018699SUSE bug 1018700SUSE bug 1018701SUSE bug 1018702SUSE bug 1033466SUSE bug 1081545cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9178SUSE Linux Enterprise Desktop 12 SP4
The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel before 4.7.5 does not initialize a certain integer variable, which allows local users to obtain sensitive information from kernel stack memory by triggering failure of a get_user_ex call.
LowCVE-2016-9178SUSE bug 1008650SUSE bug 1012353cpe:/o:suse:sled:12:sp4CVE-2016-9191SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application, as demonstrated by trinity.
ModerateCVE-2016-9191SUSE bug 1008842SUSE bug 1027179cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-9262SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflows in the (1) jas_realloc function in base/jas_malloc.c and (2) mem_resize function in base/jas_stream.c in JasPer before 1.900.22 allow remote attackers to cause a denial of service via a crafted image, which triggers use after free vulnerabilities.
ModerateCVE-2016-9262SUSE bug 1009994SUSE bug 1178702cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9273SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to changing td_nstrips in TIFF_STRIPCHOP mode.
ModerateCVE-2016-9273SUSE bug 1010163SUSE bug 1017693SUSE bug 1150480cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9297SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values.
ModerateCVE-2016-9297SUSE bug 1010161SUSE bug 1011103cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9298SUSE Linux Enterprise Desktop 12 SP1
Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted image.
ModerateCVE-2016-9298SUSE bug 1010164cpe:/o:suse:sled:12:sp1CVE-2016-9310SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet.
ModerateCVE-2016-9310SUSE bug 1011377SUSE bug 1011421SUSE bug 1012330cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9311SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted packet.
ModerateCVE-2016-9311SUSE bug 1011377SUSE bug 1011421SUSE bug 1012330cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9312SUSE Linux Enterprise Desktop 12 SP1
ntpd in NTP before 4.2.8p9, when running on Windows, allows remote attackers to cause a denial of service via a large UDP packet.
ModerateCVE-2016-9312SUSE bug 1011401SUSE bug 1011421SUSE bug 1012330cpe:/o:suse:sled:12:sp1CVE-2016-9313SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
security/keys/big_key.c in the Linux kernel before 4.8.7 mishandles unsuccessful crypto registration in conjunction with successful key-type registration, which allows local users to cause a denial of service (NULL pointer dereference and panic) or possibly have unspecified other impact via a crafted application that uses the big_key data type.
ModerateCVE-2016-9313SUSE bug 1012356cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9317SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (system hang) via an oversized image.
ModerateCVE-2016-9317SUSE bug 1022283cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9318SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document.
ModerateCVE-2016-9318SUSE bug 1010675SUSE bug 1014873SUSE bug 1019074SUSE bug 1118959SUSE bug 1123919SUSE bug 1126613SUSE bug 1148896cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9373SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss.c by using the wmem file scope for private strings.
ModerateCVE-2016-9373SUSE bug 1010754SUSE bug 1010911cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9374SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable properly tracked the state of a signature variable.
ModerateCVE-2016-9374SUSE bug 1010752SUSE bug 1010911cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9375SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful.
ModerateCVE-2016-9375SUSE bug 1010740SUSE bug 1010911cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9376SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length values were sufficiently large.
ModerateCVE-2016-9376SUSE bug 1010735SUSE bug 1010911cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9377SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging IDT entry miscalculation.
ModerateCVE-2016-9377SUSE bug 1009108cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9378SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging an incorrect choice for software interrupt delivery.
ModerateCVE-2016-9378SUSE bug 1009108cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9379SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file.
ModerateCVE-2016-9379SUSE bug 1009111cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9380SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file.
ModerateCVE-2016-9380SUSE bug 1009111cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9381SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability.
ImportantCVE-2016-9381SUSE bug 1009109cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9382SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode.
ModerateCVE-2016-9382SUSE bug 1009103cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9383SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the host by leveraging broken emulation of bit test instructions.
ModerateCVE-2016-9383SUSE bug 1009107cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9384SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen 4.7 allows local guest OS users to obtain sensitive host information by loading a 32-bit ELF symbol table.
ModerateCVE-2016-9384SUSE bug 1009105cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9385SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks.
ModerateCVE-2016-9385SUSE bug 1009104cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9386SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected" base/limit values.
ModerateCVE-2016-9386SUSE bug 1009100cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9387SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.13 allows remote attackers to have unspecified impact via a crafted file, which triggers an assertion failure.
ModerateCVE-2016-9387SUSE bug 1010960cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2016-9388SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file.
ModerateCVE-2016-9388SUSE bug 1010975SUSE bug 1178702cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9389SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jpc_irct and jpc_iict functions in jpc_mct.c in JasPer before 1.900.14 allow remote attackers to cause a denial of service (assertion failure).
ModerateCVE-2016-9389SUSE bug 1010968SUSE bug 1178702cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9390SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file.
ModerateCVE-2016-9390SUSE bug 1010774SUSE bug 1178702cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9391SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jpc_bitstream_getbits function in jpc_bs.c in JasPer before 2.0.10 allows remote attackers to cause a denial of service (assertion failure) via a very large integer.
ModerateCVE-2016-9391SUSE bug 1010782SUSE bug 1178702cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9392SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The calcstepsizes function in jpc_dec.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.
ModerateCVE-2016-9392SUSE bug 1010757SUSE bug 1178702cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9393SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.
ModerateCVE-2016-9393SUSE bug 1010757SUSE bug 1010766SUSE bug 1178702cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9394SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.
ModerateCVE-2016-9394SUSE bug 1010756SUSE bug 1010757SUSE bug 1178702cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9395SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.
ModerateCVE-2016-9395SUSE bug 1010977SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9396SUSE Linux Enterprise Desktop 12 SP4
The JPC_NOMINALGAIN function in jpc/jpc_t1cod.c in JasPer through 2.0.12 allows remote attackers to cause a denial of service (JPC_COX_RFT assertion failure) via unspecified vectors.
ModerateCVE-2016-9396SUSE bug 1010783SUSE bug 1021871SUSE bug 1082397SUSE bug 1178702cpe:/o:suse:sled:12:sp4CVE-2016-9398SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.
ModerateCVE-2016-9398SUSE bug 1010979SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9401SUSE Linux Enterprise Desktop 12 SP2
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.
ModerateCVE-2016-9401SUSE bug 1010845SUSE bug 1123788SUSE bug 1159416cpe:/o:suse:sled:12:sp2CVE-2016-9427SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge allocation.
ModerateCVE-2016-9427SUSE bug 1011276SUSE bug 1011293cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9434SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9434SUSE bug 1011283SUSE bug 1011293cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9435SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags.
ModerateCVE-2016-9435SUSE bug 1011284SUSE bug 1011293cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9436SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a <i> tag.
ModerateCVE-2016-9436SUSE bug 1011285SUSE bug 1011293cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9437SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) and possibly memory corruption via a crafted HTML page.
ModerateCVE-2016-9437SUSE bug 1011286SUSE bug 1011293cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9438SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9438SUSE bug 1011287SUSE bug 1011293cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9439SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.
ModerateCVE-2016-9439SUSE bug 1011288SUSE bug 1011293cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9440SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9440SUSE bug 1011289SUSE bug 1011293cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9441SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9441SUSE bug 1011290SUSE bug 1011293cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9442SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause memory corruption in certain conditions via a crafted HTML page.
ModerateCVE-2016-9442SUSE bug 1011291SUSE bug 1011293cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9443SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9443SUSE bug 1011292SUSE bug 1011293cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9444SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DS resource record in an answer.
ImportantCVE-2016-9444SUSE bug 1018699SUSE bug 1018700SUSE bug 1018701SUSE bug 1018702SUSE bug 1033466cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9445SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of service (crash) via large width and height values, which triggers a buffer overflow.
ModerateCVE-2016-9445SUSE bug 1010829cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9446SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas.
ModerateCVE-2016-9446SUSE bug 1010829cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9447SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds read or write) and possibly execute arbitrary code via a crafted NSF music file.
ImportantCVE-2016-9447SUSE bug 1010514cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9448SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9297.
ModerateCVE-2016-9448SUSE bug 1010161SUSE bug 1011103cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9453SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one.
ModerateCVE-2016-9453SUSE bug 1007280SUSE bug 1011107cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9538SUSE Linux Enterprise Desktop 12 SP4
tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer() because of a uint16 integer overflow. Reported as MSVR 35100.
ModerateCVE-2016-9538SUSE bug 1004519SUSE bug 1011841cpe:/o:suse:sled:12:sp4CVE-2016-9555SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.
ModerateCVE-2016-9555SUSE bug 1011685SUSE bug 1012183cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9556SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file.
ModerateCVE-2016-9556SUSE bug 1011130SUSE bug 1013376cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9559SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.
ModerateCVE-2016-9559SUSE bug 1011136cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9560SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image.
ModerateCVE-2016-9560SUSE bug 1011830SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9572SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processing a crafted image.
ModerateCVE-2016-9572SUSE bug 1007739SUSE bug 1007744SUSE bug 1014543SUSE bug 1015662cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9573SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap.
ModerateCVE-2016-9573SUSE bug 1007739SUSE bug 1007744SUSE bug 1014543SUSE bug 1015662cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9574SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
nss before version 3.30 is vulnerable to a remote denial of service during the session handshake when using SessionTicket extension and ECDHE-ECDSA.
ImportantCVE-2016-9574SUSE bug 1015499SUSE bug 1035082cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9576SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.
ImportantCVE-2016-9576SUSE bug 1013604SUSE bug 1014271SUSE bug 1017710SUSE bug 1019079SUSE bug 1019668cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9577SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution.
ImportantCVE-2016-9577SUSE bug 1023078cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9578SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash.
ImportantCVE-2016-9578SUSE bug 1023078SUSE bug 1023079cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9580SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow.
ModerateCVE-2016-9580SUSE bug 1007739SUSE bug 1007744SUSE bug 1014975SUSE bug 1015662cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9581SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2.
ModerateCVE-2016-9581SUSE bug 1007739SUSE bug 1007744SUSE bug 1014975SUSE bug 1015662cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9583SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input.
ModerateCVE-2016-9583SUSE bug 1015400SUSE bug 1178702cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9584SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap memory via a crafted ics file.
ModerateCVE-2016-9584SUSE bug 1015964cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9586SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks.
ModerateCVE-2016-9586SUSE bug 1015332cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9588SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allows guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest.
ModerateCVE-2016-9588SUSE bug 1015703SUSE bug 1017512cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2016-9591SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer.
ModerateCVE-2016-9591SUSE bug 1015993SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9594SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl's internal function that returns a good 32bit random value. Having a weak or virtually non-existent random value makes the operations that use it vulnerable.
ModerateCVE-2016-9594SUSE bug 1016738SUSE bug 1017161SUSE bug 1042181cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2016-9597SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705.
ModerateCVE-2016-9597SUSE bug 1014873SUSE bug 1017497SUSE bug 1123919cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9598SUSE Linux Enterprise Desktop 12 SP1
libxml2, as used in Red Hat JBoss Core Services, allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted XML document. NOTE: this vulnerability exists because of a missing fix for CVE-2016-4483.
ModerateCVE-2016-9598SUSE bug 1026099SUSE bug 1026101cpe:/o:suse:sled:12:sp1CVE-2016-9600SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash.
LowCVE-2016-9600SUSE bug 1018088SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9601SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted, jbig2 image could trigger a segmentation fault in ghostscript.
LowCVE-2016-9601SUSE bug 1018128SUSE bug 1036453cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9602SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host.
ModerateCVE-2016-9602SUSE bug 1020427cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9603SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
ModerateCVE-2016-9603SUSE bug 1028655SUSE bug 1028656SUSE bug 1178658cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2016-9604SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public key of its own devising to the keyring.
ModerateCVE-2016-9604SUSE bug 1035576cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2016-9621SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9429. Reason: This candidate is a reservation duplicate of CVE-2016-9429. Notes: All CVE users should reference CVE-2016-9429 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2016-9621SUSE bug 1011278SUSE bug 1011293SUSE bug 1012020cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9622SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9622SUSE bug 1011293SUSE bug 1012021cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9623SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9623SUSE bug 1011293SUSE bug 1012022cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9624SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9624SUSE bug 1011293SUSE bug 1012023cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9625SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.
ModerateCVE-2016-9625SUSE bug 1011293SUSE bug 1012024cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9626SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.
ModerateCVE-2016-9626SUSE bug 1011293SUSE bug 1012025cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9627SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (heap buffer overflow and crash) via a crafted HTML page.
ModerateCVE-2016-9627SUSE bug 1011293SUSE bug 1012026cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9628SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9628SUSE bug 1011293SUSE bug 1012027cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9629SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9629SUSE bug 1011293SUSE bug 1012028cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9630SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.
ModerateCVE-2016-9630SUSE bug 1011293SUSE bug 1012029cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9631SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9631SUSE bug 1011293SUSE bug 1012030cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9632SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.
ModerateCVE-2016-9632SUSE bug 1011293SUSE bug 1012031cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9633SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (infinite loop and resource consumption) via a crafted HTML page.
ModerateCVE-2016-9633SUSE bug 1011293SUSE bug 1012032cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9634SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.
ModerateCVE-2016-9634SUSE bug 1012102SUSE bug 1012103SUSE bug 1012104cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9635SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond initialized buffer.
ModerateCVE-2016-9635SUSE bug 1012102SUSE bug 1012103SUSE bug 1012104SUSE bug 1013653cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9636SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond the initialized buffer.
ModerateCVE-2016-9636SUSE bug 1012102SUSE bug 1012103SUSE bug 1012104cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9637SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access.
ModerateCVE-2016-9637SUSE bug 1011652cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9644SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel 4.4.22 through 4.4.28 contains extended asm statements that are incompatible with the exception table, which allows local users to obtain root access on non-SMEP platforms via a crafted application. NOTE: this vulnerability exists because of incorrect backporting of the CVE-2016-9178 patch to older kernels.
ModerateCVE-2016-9644SUSE bug 1008650SUSE bug 1012353cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2016-9685SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations.
ModerateCVE-2016-9685SUSE bug 1012832cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2016-9755SUSE Linux Enterprise Desktop 12 SP1
The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service (integer overflow, out-of-bounds write, and GPF) or possibly have unspecified other impact via a crafted application that makes socket, connect, and writev system calls, related to net/ipv6/netfilter/nf_conntrack_reasm.c and net/ipv6/netfilter/nf_defrag_ipv6_hooks.c.
ImportantCVE-2016-9755SUSE bug 1013060cpe:/o:suse:sled:12:sp1CVE-2016-9756SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
ModerateCVE-2016-9756SUSE bug 1013038cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9773SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9556.
ModerateCVE-2016-9773SUSE bug 1011130SUSE bug 1013376SUSE bug 1017421cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9776SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could use this issue to crash the QEMU process on the host leading to DoS.
ModerateCVE-2016-9776SUSE bug 1013285SUSE bug 1013657SUSE bug 1024182SUSE bug 1178658cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9777SUSE Linux Enterprise Desktop 12 SP1
KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h.
ImportantCVE-2016-9777SUSE bug 1013283cpe:/o:suse:sled:12:sp1CVE-2016-9778SUSE Linux Enterprise Desktop 12 SP1
An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes. Please note: This vulnerability affects the "nxdomain-redirect" feature, which is one of two methods of handling NXDOMAIN redirection, and is only available in certain versions of BIND. Redirection using zones of type "redirect" is not affected by this vulnerability. Affects BIND 9.9.8-S1 -> 9.9.8-S3, 9.9.9-S1 -> 9.9.9-S6, 9.11.0-9.11.0-P1.
ImportantCVE-2016-9778SUSE bug 1018699SUSE bug 1018703cpe:/o:suse:sled:12:sp1CVE-2016-9793SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.
ModerateCVE-2016-9793SUSE bug 1013531SUSE bug 1013542cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-9794SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command.
ModerateCVE-2016-9794SUSE bug 1013533SUSE bug 1013543SUSE bug 1013604cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9797SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
LowCVE-2016-9797SUSE bug 1013708SUSE bug 1013712cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9798SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
LowCVE-2016-9798SUSE bug 1013708SUSE bug 1013712SUSE bug 1013732cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9799SUSE Linux Enterprise Desktop 12 SP1
In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" function in "btsnoop.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
LowCVE-2016-9799SUSE bug 1013716cpe:/o:suse:sled:12:sp1CVE-2016-9800SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" function in "tools/parser/hci.c" source file. The issue exists because "pin" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "pin_code_reply_cp *cp" parameter.
LowCVE-2016-9800SUSE bug 1013721cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9801SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" function in "tools/parser/l2cap.c" source file when processing corrupted dump file.
LowCVE-2016-9801SUSE bug 1013732cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9802SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
LowCVE-2016-9802SUSE bug 1013893SUSE bug 1015173cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9804SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" source file. The issue exists because "commands" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "frm->ptr" parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
ModerateCVE-2016-9804SUSE bug 1013877cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9806SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated.
ModerateCVE-2016-9806SUSE bug 1013540SUSE bug 1017589cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9807SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted FLIC file.
ImportantCVE-2016-9807SUSE bug 1013655cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9808SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via a crafted series of skip and count pairs.
ImportantCVE-2016-9808SUSE bug 1012102SUSE bug 1012103SUSE bug 1012104SUSE bug 1013653cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9809SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read.
ModerateCVE-2016-9809SUSE bug 1013659cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9810SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gst_decode_chain_free_internal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via an invalid file, which triggers an incorrect unref call.
ModerateCVE-2016-9810SUSE bug 1013663cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9811SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.
ModerateCVE-2016-9811SUSE bug 1013669cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9812SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a too small section.
ModerateCVE-2016-9812SUSE bug 1013678cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9813SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
ImportantCVE-2016-9813SUSE bug 1013680cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9815SUSE Linux Enterprise Desktop 12 SP1
Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host panic) by sending an asynchronous abort.
ModerateCVE-2016-9815SUSE bug 1012652cpe:/o:suse:sled:12:sp1CVE-2016-9816SUSE Linux Enterprise Desktop 12 SP1
Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at EL2.
ModerateCVE-2016-9816SUSE bug 1012652cpe:/o:suse:sled:12:sp1CVE-2016-9817SUSE Linux Enterprise Desktop 12 SP1
Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving a (1) data or (2) prefetch abort with the ESR_EL2.EA bit set.
ModerateCVE-2016-9817SUSE bug 1012652cpe:/o:suse:sled:12:sp1CVE-2016-9818SUSE Linux Enterprise Desktop 12 SP1
Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at HYP.
ModerateCVE-2016-9818SUSE bug 1012652cpe:/o:suse:sled:12:sp1CVE-2016-9840SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
ModerateCVE-2016-9840SUSE bug 1003579SUSE bug 1022633SUSE bug 1023215SUSE bug 1038505SUSE bug 1120866SUSE bug 1123150cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9841SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
ModerateCVE-2016-9841SUSE bug 1003579SUSE bug 1022633SUSE bug 1038505SUSE bug 1064070SUSE bug 1070162SUSE bug 1120866SUSE bug 1123150cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9842SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
ModerateCVE-2016-9842SUSE bug 1003580SUSE bug 1022633SUSE bug 1023215SUSE bug 1038505SUSE bug 1120866SUSE bug 1123150cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9843SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
ModerateCVE-2016-9843SUSE bug 1003580SUSE bug 1013882SUSE bug 1038505SUSE bug 1116686SUSE bug 1120866SUSE bug 1123150cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9844SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via a large compression method value in the central directory file header.
ModerateCVE-2016-9844SUSE bug 1013992SUSE bug 1159417cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9845SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIO_GPU_CMD_GET_CAPSET_INFO' command. A guest user/process could use this flaw to leak contents of the host memory bytes.
ModerateCVE-2016-9845SUSE bug 1013767cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9846SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while updating the cursor data in update_cursor_data_virgl. A guest user/process could use this flaw to leak host memory bytes, resulting in DoS for a host.
ModerateCVE-2016-9846SUSE bug 1013764cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9893SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory safety bugs were reported in Thunderbird 45.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
ModerateCVE-2016-9893SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9895SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Event handlers on "marquee" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
ModerateCVE-2016-9895SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9897SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
ModerateCVE-2016-9897SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9898SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
ModerateCVE-2016-9898SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9899SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
ModerateCVE-2016-9899SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9900SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
External resources that should be blocked when loaded by SVG images can bypass security restrictions through the use of "data:" URLs. This could allow for cross-domain data leakage. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
ModerateCVE-2016-9900SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9901SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
HTML tags received from the Pocket server will be processed without sanitization and any JavaScript code executed will be run in the "about:pocket-saved" (unprivileged) page, giving it access to Pocket's messaging API through HTML injection. This vulnerability affects Firefox ESR < 45.6 and Firefox < 50.1.
ModerateCVE-2016-9901SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9902SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Pocket toolbar button, once activated, listens for events fired from it's own pages but does not verify the origin of incoming events. This allows content from other origins to fire events and inject content and commands into the Pocket context. Note: this issue does not affect users with e10s enabled. This vulnerability affects Firefox ESR < 45.6 and Firefox < 50.1.
ModerateCVE-2016-9902SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9904SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
ModerateCVE-2016-9904SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9905SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. This vulnerability affects Firefox ESR < 45.6 and Thunderbird < 45.6.
ModerateCVE-2016-9905SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9907SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.
ModerateCVE-2016-9907SUSE bug 1014109SUSE bug 1014490cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9908SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIO_GPU_CMD_GET_CAPSET' command. A guest user/process could use this flaw to leak contents of the host memory bytes.
LowCVE-2016-9908SUSE bug 1014514cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9911SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.
ModerateCVE-2016-9911SUSE bug 1014111SUSE bug 1014507cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9912SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while destroying gpu resource object in 'virtio_gpu_resource_destroy'. A guest user/process could use this flaw to leak host memory bytes, resulting in DoS for a host.
ModerateCVE-2016-9912SUSE bug 1014112cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9913SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the v9fs_device_unrealize_common function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) via vectors involving the order of resource cleanup.
ModerateCVE-2016-9913SUSE bug 1014110SUSE bug 1014311cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9914SUSE Linux Enterprise Desktop 12 SP1
Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in FileOperations.
ModerateCVE-2016-9914SUSE bug 1014110SUSE bug 1014311cpe:/o:suse:sled:12:sp1CVE-2016-9915SUSE Linux Enterprise Desktop 12 SP1
Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the handle backend.
ModerateCVE-2016-9915SUSE bug 1014110SUSE bug 1014311cpe:/o:suse:sled:12:sp1CVE-2016-9916SUSE Linux Enterprise Desktop 12 SP1
Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the proxy backend.
ModerateCVE-2016-9916SUSE bug 1014110SUSE bug 1014311cpe:/o:suse:sled:12:sp1CVE-2016-9917SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
ModerateCVE-2016-9917SUSE bug 1015171cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9918SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
ModerateCVE-2016-9918SUSE bug 1013893SUSE bug 1015173cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9919SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a fragmented IPv6 packet.
ModerateCVE-2016-9919SUSE bug 1014701SUSE bug 1014743cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2016-9921SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, resulting in DoS.
ModerateCVE-2016-9921SUSE bug 1014702SUSE bug 1015169SUSE bug 1178658cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9922SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values.
ModerateCVE-2016-9922SUSE bug 1014702SUSE bug 1015169SUSE bug 1178658cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9923SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Quick Emulator (Qemu) built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS.
ModerateCVE-2016-9923SUSE bug 1014703SUSE bug 1015145SUSE bug 1015148SUSE bug 1015154cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9932SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix.
ModerateCVE-2016-9932SUSE bug 1012651SUSE bug 1016340cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9933SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value.
ModerateCVE-2016-9933SUSE bug 1015187cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9941SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area.
ModerateCVE-2016-9941SUSE bug 1017711SUSE bug 1019274cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2016-9942SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeds what is specified by the tile dimensions.
ModerateCVE-2016-9942SUSE bug 1017712SUSE bug 1019274cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2016-9952SUSE Linux Enterprise Desktop 12 SP3
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server certificate, as demonstrated by "*.com."
ModerateCVE-2016-9952SUSE bug 1092958cpe:/o:suse:sled:12:sp3CVE-2016-9953SUSE Linux Enterprise Desktop 12 SP3
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly have unspecified other impact via a wildcard certificate name, which triggers an out-of-bounds read.
ImportantCVE-2016-9953SUSE bug 1092956cpe:/o:suse:sled:12:sp3CVE-2016-9957SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in game-music-emu before 0.6.1.
ModerateCVE-2016-9957SUSE bug 1015941cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9958SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.
ModerateCVE-2016-9958SUSE bug 1015941cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9959SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.
ModerateCVE-2016-9959SUSE bug 1015941cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9960SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash).
ModerateCVE-2016-9960SUSE bug 1015941cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9961SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
game-music-emu before 0.6.1 mishandles unspecified integer values.
ModerateCVE-2016-9961SUSE bug 1015941cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2016-9969SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In libwebp 0.5.1, there is a double free bug in libwebpmux.
LowCVE-2016-9969SUSE bug 1136199cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-0358SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take advantage of this flaw for local root privilege escalation.
ModerateCVE-2017-0358SUSE bug 1022500SUSE bug 1022999SUSE bug 1086936cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-0379SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c.
ModerateCVE-2017-0379SUSE bug 1055837cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2017-0381SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An information disclosure vulnerability in silk/NLSF_stabilize.c in libopus in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31607432.
ModerateCVE-2017-0381SUSE bug 1020102cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-0564SUSE Linux Enterprise Desktop 12 SP1
An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34276203.
CriticalCVE-2017-0564SUSE bug 1033200cpe:/o:suse:sled:12:sp1CVE-2017-0605SUSE Linux Enterprise Desktop 12 SP1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
ModerateCVE-2017-0605SUSE bug 1037331cpe:/o:suse:sled:12:sp1CVE-2017-0627SUSE Linux Enterprise Desktop 12 SP1
An information disclosure vulnerability in the kernel UVC driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33300353.
ModerateCVE-2017-0627SUSE bug 1037340cpe:/o:suse:sled:12:sp1CVE-2017-0630SUSE Linux Enterprise Desktop 12 SP1
An information disclosure vulnerability in the kernel trace subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34277115.
ModerateCVE-2017-0630SUSE bug 1037338cpe:/o:suse:sled:12:sp1CVE-2017-0641SUSE Linux Enterprise Desktop 12 SP3
A remote denial of service vulnerability in libvpx in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34360591.
ModerateCVE-2017-0641SUSE bug 1056539cpe:/o:suse:sled:12:sp3CVE-2017-0663SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170.
ImportantCVE-2017-0663SUSE bug 1044337SUSE bug 1123919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-0750SUSE Linux Enterprise Desktop 12 SP3
A elevation of privilege vulnerability in the Upstream Linux file system. Product: Android. Versions: Android kernel. Android ID: A-36817013.
ImportantCVE-2017-0750SUSE bug 1053160cpe:/o:suse:sled:12:sp3CVE-2017-0898SUSE Linux Enterprise Desktop 12 SP3
Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value. Such situation can lead to a buffer overrun, resulting in a heap memory corruption or an information disclosure from the heap.
ModerateCVE-2017-0898SUSE bug 1058755cpe:/o:suse:sled:12:sp3CVE-2017-1000024SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable to an information disclosure in the web publishing plugins resulting in potential password and oauth token plaintext transmission
ImportantCVE-2017-1000024SUSE bug 1054311cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000050SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed to check to see if the image contained at least one component resulting in a denial-of-service.
ModerateCVE-2017-1000050SUSE bug 1047958SUSE bug 1178702cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000061SUSE Linux Enterprise Desktop 12 SP3
xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service
ModerateCVE-2017-1000061SUSE bug 1010675SUSE bug 1082267SUSE bug 1118959cpe:/o:suse:sled:12:sp3CVE-2017-1000082SUSE Linux Enterprise Desktop 12 SP2
systemd v233 and earlier fails to safely parse usernames starting with a numeric digit (e.g. "0day"), running the service in question with root privileges rather than the user intended.
ModerateCVE-2017-1000082SUSE bug 1047023SUSE bug 1172483cpe:/o:suse:sled:12:sp2CVE-2017-1000083SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with a "--" command-line option substring, as demonstrated by a --checkpoint-action=exec=bash at the beginning of the filename.
ModerateCVE-2017-1000083SUSE bug 1046856cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000099SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
When asking to get a file from a file:// URL, libcurl provides a feature that outputs meta-data about the file using HTTP-like headers. The code doing this would send the wrong buffer to the user (stdout or the application's provide callback), which could lead to other private data from the heap to get inadvertently displayed. The wrong buffer was an uninitialized memory area allocated on the heap and if it turned out to not contain any zero byte, it would continue and display the data following that buffer in memory.
ModerateCVE-2017-1000099SUSE bug 1051645SUSE bug 1053919cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000100SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used in the sendto() call, making curl attempt to send more data than what is actually put into the buffer. The endto() function will then read beyond the end of the heap based buffer. A malicious HTTP(S) server could redirect a vulnerable libcurl-using client to a crafted TFTP URL (if the client hasn't restricted which protocols it allows redirects to) and trick it to send private memory contents to a remote server over UDP. Limit curl's redirect protocols with --proto-redir and libcurl's with CURLOPT_REDIR_PROTOCOLS.
ModerateCVE-2017-1000100SUSE bug 1051644cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000101SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`.
ModerateCVE-2017-1000101SUSE bug 1051643cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000111SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW.
ModerateCVE-2017-1000111SUSE bug 1052365SUSE bug 1052367cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-1000112SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from UFO to non-UFO one, which leads to a memory corruption. In case UFO packet lengths exceeds MTU, copy = maxfraglen - skb->len becomes negative on the non-UFO path and the branch to allocate new skb is taken. This triggers fragmentation and computation of fraggap = skb_prev->len - maxfraglen. Fraggap can exceed MTU, causing copy = datalen - transhdrlen - fraggap to become negative. Subsequently skb_copy_and_csum_bits() writes out-of-bounds. A similar issue is present in IPv6 code. The bug was introduced in e89e9cf539a2 ("[IPv4/IPv6]: UFO Scatter-gather approach") on Oct 18 2005.
ModerateCVE-2017-1000112SUSE bug 1052311SUSE bug 1052365SUSE bug 1052368SUSE bug 1072162cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-1000121SUSE Linux Enterprise Desktop 12 SP4
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple products.
ImportantCVE-2017-1000121SUSE bug 1078996cpe:/o:suse:sled:12:sp4CVE-2017-1000122SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate certain message metadata, allowing a compromised secondary process to cause a denial of service (release assertion) of the UI process. This vulnerability does not affect Apple products.
ModerateCVE-2017-1000122SUSE bug 1078994cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000126SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
exiv2 0.26 contains a Stack out of bounds read in webp parser
ModerateCVE-2017-1000126SUSE bug 1068873cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-1000127SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Exiv2 0.26 contains a heap buffer overflow in tiff parser
ModerateCVE-2017-1000127SUSE bug 1068872cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000128SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser
ModerateCVE-2017-1000128SUSE bug 1068871cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-1000158SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)
ImportantCVE-2017-1000158SUSE bug 1068664cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000159SUSE Linux Enterprise Desktop 12 SP3
Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91.
ModerateCVE-2017-1000159SUSE bug 1070046cpe:/o:suse:sled:12:sp3CVE-2017-1000215SUSE Linux Enterprise Desktop 12 SP3
ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution
ImportantCVE-2017-1000215SUSE bug 1068868cpe:/o:suse:sled:12:sp3CVE-2017-1000249SUSE Linux Enterprise Desktop 12 SP3
An issue in file() was introduced in commit 9611f31313a93aa036389c5f3b15eea53510d4d1 (Oct 2016) lets an attacker overwrite a fixed 20 bytes stack buffer with a specially crafted .notes section in an ELF binary. This was fixed in commit 35c94dc6acc418f1ad7f6241a6680e5327495793 (Aug 2017).
ImportantCVE-2017-1000249SUSE bug 1056838cpe:/o:suse:sled:12:sp3CVE-2017-1000250SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests.
ModerateCVE-2017-1000250SUSE bug 1057342cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000251SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.
ImportantCVE-2017-1000251SUSE bug 1057389SUSE bug 1057950SUSE bug 1070535SUSE bug 1072162SUSE bug 1120758cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000252SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c.
ModerateCVE-2017-1000252SUSE bug 1058038cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000253SUSE Linux Enterprise Desktop 12 SP3
Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the "gap" between the stack and the binary.
ImportantCVE-2017-1000253SUSE bug 1059525SUSE bug 1061680SUSE bug 1075506SUSE bug 1149729cpe:/o:suse:sled:12:sp3CVE-2017-1000254SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in (anonymous or not), it asks the server for the current directory with the `PWD` command. The server then responds with a 257 response containing the path, inside double quotes. The returned path name is then kept by libcurl for subsequent uses. Due to a flaw in the string parser for this directory name, a directory name passed like this but without a closing double quote would lead to libcurl not adding a trailing NUL byte to the buffer holding the name. When libcurl would then later access the string, it could read beyond the allocated heap buffer and crash or wrongly access data beyond the buffer, thinking it was part of the path. A malicious server could abuse this fact and effectively prevent libcurl-based clients to work with it - the PWD command is always issued on new FTP connections and the mistake has a high chance of causing a segfault. The simple fact that this has issue remained undiscovered for this long could suggest that malformed PWD responses are rare in benign servers. We are not aware of any exploit of this flaw. This bug was introduced in commit [415d2e7cb7](https://github.com/curl/curl/commit/415d2e7cb7), March 2005. In libcurl version 7.56.0, the parser always zero terminates the string but also rejects it if not terminated properly with a final double quote.
LowCVE-2017-1000254SUSE bug 1061876cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000255SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
On Linux running on PowerPC hardware (Power8 or later) a user process can craft a signal frame and then do a sigreturn so that the kernel will take an exception (interrupt), and use the r1 value *from the signal frame* as the kernel stack pointer. As part of the exception entry the content of the signal frame is written to the kernel stack, allowing an attacker to overwrite arbitrary locations with arbitrary values. The exception handling does produce an oops, and a panic if panic_on_oops=1, but only after kernel memory has been over written. This flaw was introduced in commit: "5d176f751ee3 (powerpc: tm: Enable transactional memory (TM) lazily for userspace)" which was merged upstream into v4.9-rc1. Please note that kernels built with CONFIG_PPC_TRANSACTIONAL_MEM=n are not vulnerable.
ModerateCVE-2017-1000255SUSE bug 1061633cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000256SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default.
ModerateCVE-2017-1000256SUSE bug 1062563cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000257SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. libcurl's deliver-data function treats zero as a magic number and invokes strlen() on the data to figure out the length. The strlen() is called on a heap based buffer that might not be zero terminated so libcurl might read beyond the end of it into whatever memory lies after (or just crash) and then deliver that to the application as if it was actually downloaded.
ModerateCVE-2017-1000257SUSE bug 1063824cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000364SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).
ModerateCVE-2017-1000364SUSE bug 1039346SUSE bug 1039348SUSE bug 1042200SUSE bug 1044985SUSE bug 1075506SUSE bug 1077345SUSE bug 1149726cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-1000365SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.
ModerateCVE-2017-1000365SUSE bug 1037551SUSE bug 1039346SUSE bug 1039349SUSE bug 1039354SUSE bug 1054557SUSE bug 1077345cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-1000366SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.
ImportantCVE-2017-1000366SUSE bug 1037551SUSE bug 1039357SUSE bug 1071319cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000367SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
ImportantCVE-2017-1000367SUSE bug 1007501SUSE bug 1039361SUSE bug 1042146SUSE bug 1077345cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000368SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.
ImportantCVE-2017-1000368SUSE bug 1039361SUSE bug 1042146SUSE bug 1045986cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000379SUSE Linux Enterprise Desktop 12 SP2
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.
ModerateCVE-2017-1000379SUSE bug 1037551SUSE bug 1039346SUSE bug 1044934SUSE bug 1059525cpe:/o:suse:sled:12:sp2CVE-2017-1000380SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.
ModerateCVE-2017-1000380SUSE bug 1044125cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000381SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
The c-ares function `ares_parse_naptr_reply()`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way.
ModerateCVE-2017-1000381SUSE bug 1044946cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2017-1000405SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario breaks the new can_follow_write_pmd()'s logic - pmd can become dirty without going through a COW cycle. This bug is not as severe as the original "Dirty cow" because an ext4 file (or any other regular file) cannot be mapped using THP. Nevertheless, it does allow us to overwrite read-only huge pages. For example, the zero huge page and sealed shmem files can be overwritten (since their mapping can be populated using THP). Note that after the first write page-fault to the zero page, it will be replaced with a new fresh (and zeroed) thp.
ImportantCVE-2017-1000405SUSE bug 1069496SUSE bug 1070307cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-1000408SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.
ModerateCVE-2017-1000408SUSE bug 1039357SUSE bug 1071319cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000409SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.
ModerateCVE-2017-1000409SUSE bug 1071319cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000410SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. By manipulating the code flows that precede the handling of these configuration messages, an attacker can also gain some control over which data will be held in the uninitialized stack variables. This can allow him to bypass KASLR, and stack canaries protection - as both pointers and stack canaries may be leaked in this manner. Combining this vulnerability (for example) with the previously disclosed RCE vulnerability in L2CAP configuration parsing (CVE-2017-1000251) may allow an attacker to exploit the RCE against kernels which were built with the above mitigations. These are the specifics of this vulnerability: In the function l2cap_parse_conf_rsp and in the function l2cap_parse_conf_req the following variable is declared without initialization: struct l2cap_conf_efs efs; In addition, when parsing input configuration parameters in both of these functions, the switch case for handling EFS elements may skip the memcpy call that will write to the efs variable: ... case L2CAP_CONF_EFS: if (olen == sizeof(efs)) memcpy(&efs, (void *)val, olen); ... The olen in the above if is attacker controlled, and regardless of that if, in both of these functions the efs variable would eventually be added to the outgoing configuration request that is being built: l2cap_add_conf_opt(&ptr, L2CAP_CONF_EFS, sizeof(efs), (unsigned long) &efs); So by sending a configuration request, or response, that contains an L2CAP_CONF_EFS element, but with an element length that is not sizeof(efs) - the memcpy to the uninitialized efs variable can be avoided, and the uninitialized variable would be returned to the attacker (16 bytes).
ModerateCVE-2017-1000410SUSE bug 1070535cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000422SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Gnome gdk-pixbuf 2.36.8 and older is vulnerable to several integer overflow in the gif_get_lzw function resulting in memory corruption and potential code execution
ModerateCVE-2017-1000422SUSE bug 1074462cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000445SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service
ModerateCVE-2017-1000445SUSE bug 1074425cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000456SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations.
ImportantCVE-2017-1000456SUSE bug 1074453cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-1000476SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.
ModerateCVE-2017-1000476SUSE bug 1074610cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10053SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2017-10053SUSE bug 1049305cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10067SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).
ImportantCVE-2017-10067SUSE bug 1049306cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10074SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
ImportantCVE-2017-10074SUSE bug 1049307SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10078SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). The supported version that is affected is Java SE: 8u131. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE accessible data as well as unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).
ImportantCVE-2017-10078SUSE bug 1049308SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10081SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N).
ModerateCVE-2017-10081SUSE bug 1049309SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10086SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ImportantCVE-2017-10086SUSE bug 1049310SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10087SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ImportantCVE-2017-10087SUSE bug 1049311SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10089SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ImportantCVE-2017-10089SUSE bug 1049312SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10090SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ImportantCVE-2017-10090SUSE bug 1049313SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10096SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ImportantCVE-2017-10096SUSE bug 1049314SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10101SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ImportantCVE-2017-10101SUSE bug 1049315SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10102SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2017-10102SUSE bug 1049316SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10105SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N).
ModerateCVE-2017-10105SUSE bug 1049317SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10107SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ImportantCVE-2017-10107SUSE bug 1049318SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10108SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2017-10108SUSE bug 1049319SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10109SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2017-10109SUSE bug 1049320SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10110SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ImportantCVE-2017-10110SUSE bug 1049321SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10111SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ImportantCVE-2017-10111SUSE bug 1049322SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10114SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
ImportantCVE-2017-10114SUSE bug 1049323SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10115SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
ImportantCVE-2017-10115SUSE bug 1049324SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10116SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
ImportantCVE-2017-10116SUSE bug 1049325SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10118SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
ImportantCVE-2017-10118SUSE bug 1049326SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10125SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 7u141 and 8u131. Difficult to exploit vulnerability allows physical access to compromise Java SE. While the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: Applies to deployment of Java where the Java Auto Update is enabled. CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).
ModerateCVE-2017-10125SUSE bug 1049327SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10135SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
ModerateCVE-2017-10135SUSE bug 1049328SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10176SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
ImportantCVE-2017-10176SUSE bug 1049329SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10193SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).
LowCVE-2017-10193SUSE bug 1049330SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10198SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2017-10198SUSE bug 1049331SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10243SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L).
ModerateCVE-2017-10243SUSE bug 1049332SUSE bug 1049333cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10268SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N).
ModerateCVE-2017-10268SUSE bug 1064101SUSE bug 1064119SUSE bug 1076505SUSE bug 1076506cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10274SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE accessible data as well as unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N).
ModerateCVE-2017-10274SUSE bug 1064071cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10281SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2017-10281SUSE bug 1064072SUSE bug 1070162cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10285SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ImportantCVE-2017-10285SUSE bug 1064073SUSE bug 1070162cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10295SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.0 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N).
ModerateCVE-2017-10295SUSE bug 1064075SUSE bug 1070162cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10320SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2017-10320SUSE bug 1064113SUSE bug 1064119cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10345SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).
LowCVE-2017-10345SUSE bug 1064077SUSE bug 1070162cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10346SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ImportantCVE-2017-10346SUSE bug 1064078SUSE bug 1070162cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10347SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2017-10347SUSE bug 1064079SUSE bug 1070162cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10348SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2017-10348SUSE bug 1064080SUSE bug 1070162cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10349SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2017-10349SUSE bug 1064081SUSE bug 1070162cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10350SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2017-10350SUSE bug 1064082SUSE bug 1070162cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10355SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2017-10355SUSE bug 1064083SUSE bug 1070162cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10356SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded, JRockit executes to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
ModerateCVE-2017-10356SUSE bug 1064084SUSE bug 1070162cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10357SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2017-10357SUSE bug 1064085SUSE bug 1070162cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10365SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 3.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L).
LowCVE-2017-10365SUSE bug 1064114SUSE bug 1064119cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10378SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2017-10378SUSE bug 1064115SUSE bug 1064119SUSE bug 1076505SUSE bug 1076506cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10388SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: Applies to the Java SE Kerberos client. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).
ModerateCVE-2017-10388SUSE bug 1064086SUSE bug 1070162cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10661SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.
ModerateCVE-2017-10661SUSE bug 1053152SUSE bug 1053153cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-10664SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.
ModerateCVE-2017-10664SUSE bug 1046636SUSE bug 1046637SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10672SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call.
ModerateCVE-2017-10672SUSE bug 1046848SUSE bug 1069732cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10684SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.
ModerateCVE-2017-10684SUSE bug 1046858SUSE bug 1115932SUSE bug 1175501cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10685SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.
ModerateCVE-2017-10685SUSE bug 1046853SUSE bug 1115932SUSE bug 1175501cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10689SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability.
ModerateCVE-2017-10689SUSE bug 1080288cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10790SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service attack.
ModerateCVE-2017-10790SUSE bug 1047002SUSE bug 1047453cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10794SUSE Linux Enterprise Desktop 12 SP3
When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode.
ModerateCVE-2017-10794SUSE bug 1112392cpe:/o:suse:sled:12:sp3CVE-2017-10800SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data.
ModerateCVE-2017-10800SUSE bug 1047044cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10806SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU process crash) via vectors related to logging debug messages.
ModerateCVE-2017-10806SUSE bug 1047674SUSE bug 1047675cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10810SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service (memory consumption) by triggering object-initialization failures.
ModerateCVE-2017-10810SUSE bug 1047277cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-10911SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The make_response function in drivers/block/xen-blkback/blkback.c in the Linux kernel before 4.11.8 allows guest OS users to obtain sensitive information from host OS (or other guest OS) kernel memory by leveraging the copying of uninitialized padding fields in Xen block-interface response structures, aka XSA-216.
ModerateCVE-2017-10911SUSE bug 1042863SUSE bug 1043330SUSE bug 1057378cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10915SUSE Linux Enterprise Desktop 12 SP4
The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219.
ModerateCVE-2017-10915SUSE bug 1042915cpe:/o:suse:sled:12:sp4CVE-2017-10928SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c.
ModerateCVE-2017-10928SUSE bug 1047356SUSE bug 1047359SUSE bug 1056277SUSE bug 1060176SUSE bug 1096261cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10971SUSE Linux Enterprise Desktop 12 SP2
In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events.
ModerateCVE-2017-10971SUSE bug 1035283SUSE bug 1047730cpe:/o:suse:sled:12:sp2CVE-2017-10972SUSE Linux Enterprise Desktop 12 SP2
Uninitialized data in endianness conversion in the XEvent handling of the X.Org X Server before 2017-06-19 allowed authenticated malicious users to access potentially privileged data from the X server.
ModerateCVE-2017-10972SUSE bug 1035283SUSE bug 1047730cpe:/o:suse:sled:12:sp2CVE-2017-10989SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact.
ModerateCVE-2017-10989SUSE bug 1131919SUSE bug 1132045cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-10995SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image.
ModerateCVE-2017-10995SUSE bug 1047908cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11103SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored in 'enc_part' instead of the unencrypted version stored in 'ticket'. Use of the unencrypted version provides an opportunity for successful server impersonation and other attacks. NOTE: this CVE is only for Heimdal and other products that embed Heimdal code; it does not apply to other instances in which this part of the Kerberos 5 protocol specification is violated.
ImportantCVE-2017-11103SUSE bug 1048278cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11108SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol.
ModerateCVE-2017-11108SUSE bug 1047873SUSE bug 1057247SUSE bug 1123142cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11112SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ncurses 6.0, there is an attempted 0xffffffffffffffff access in the append_acs function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data.
ModerateCVE-2017-11112SUSE bug 1046853SUSE bug 1047964SUSE bug 1175501cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11113SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ncurses 6.0, there is a NULL Pointer Dereference in the _nc_parse_entry function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data.
ModerateCVE-2017-11113SUSE bug 1046853SUSE bug 1047965SUSE bug 1175501cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11141SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call.
ModerateCVE-2017-11141SUSE bug 1047898cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11166SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted length (number of color-map entries) field in the header of an XWD file.
ModerateCVE-2017-11166SUSE bug 1048110cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11170SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadTGAImage function in coders\tga.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via invalid colors data in the header of a TGA or VST file.
ModerateCVE-2017-11170SUSE bug 1048110SUSE bug 1048272cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11171SUSE Linux Enterprise Desktop 12 SP1
Bad reference counting in the context of accept_ice_connection() in gsm-xsmp-server.c in old versions of gnome-session up until version 2.29.92 allows a local attacker to establish ICE connections to gnome-session with invalid authentication data (an invalid magic cookie). Each failed authentication attempt will leak a file descriptor in gnome-session. When the maximum number of file descriptors is exhausted in the gnome-session process, it will enter an infinite loop trying to communicate without success, consuming 100% of the CPU. The graphical session associated with the gnome-session process will stop working correctly, because communication with gnome-session is no longer possible.
ModerateCVE-2017-11171SUSE bug 1025068SUSE bug 1048274cpe:/o:suse:sled:12:sp1CVE-2017-11176SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.
ModerateCVE-2017-11176SUSE bug 1048275cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11185SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature.
ImportantCVE-2017-11185SUSE bug 1051222SUSE bug 1107874cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11188SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted DPX file, related to lack of an EOF check.
ModerateCVE-2017-11188SUSE bug 1048457cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11331SUSE Linux Enterprise Desktop 12 SP3
The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file.
LowCVE-2017-11331SUSE bug 1081744cpe:/o:suse:sled:12:sp3CVE-2017-11334SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by leveraging use of qemu_map_ram_ptr to access guest ram block area.
ModerateCVE-2017-11334SUSE bug 1048902SUSE bug 1048920cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11403SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file.
ModerateCVE-2017-11403SUSE bug 1049072SUSE bug 1053809SUSE bug 1053919SUSE bug 1054600SUSE bug 1057000SUSE bug 1084062cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11406SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by rejecting invalid Frame Control parameter values.
ModerateCVE-2017-11406SUSE bug 1049255cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11407SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissector could crash. This was addressed in epan/dissectors/packet-mq.c by validating the fragment length before a reassembly attempt.
ModerateCVE-2017-11407SUSE bug 1049255cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11408SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash. This was addressed in epan/dissectors/packet-amqp.c by checking for successful list dissection.
ModerateCVE-2017-11408SUSE bug 1049255cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11410SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-7702.
ModerateCVE-2017-11410SUSE bug 1033938SUSE bug 1049255cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11411SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by adding length validation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9350.
ModerateCVE-2017-11411SUSE bug 1049255SUSE bug 1049621cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11423SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file.
ModerateCVE-2017-11423SUSE bug 1049423SUSE bug 1083915cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11434SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) via a crafted DHCP options string.
ImportantCVE-2017-11434SUSE bug 1049381SUSE bug 1049578SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11446SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 has an infinite loop vulnerability that can cause CPU exhaustion via a crafted PES file.
ModerateCVE-2017-11446SUSE bug 1049379cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11448SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.
ModerateCVE-2017-11448SUSE bug 1049375cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11449SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.
ModerateCVE-2017-11449SUSE bug 1049373cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11450SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short.
ModerateCVE-2017-11450SUSE bug 1049374cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11462SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error.
ModerateCVE-2017-11462SUSE bug 1056995SUSE bug 1122468cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11464SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.
LowCVE-2017-11464SUSE bug 1049607cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11472SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The acpi_ns_terminate() function in drivers/acpi/acpica/nsutils.c in the Linux kernel before 4.12 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.
LowCVE-2017-11472SUSE bug 1049580SUSE bug 1087082cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-11473SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table.
ModerateCVE-2017-11473SUSE bug 1049603SUSE bug 1061680SUSE bug 1087082cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11478SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image.
ImportantCVE-2017-11478SUSE bug 1049796cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11505SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file.
ModerateCVE-2017-11505SUSE bug 1050072SUSE bug 1050100cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11522SUSE Linux Enterprise Desktop 12 SP3
The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
ModerateCVE-2017-11522SUSE bug 1050076cpe:/o:suse:sled:12:sp3CVE-2017-11523SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered.
ImportantCVE-2017-11523SUSE bug 1050083cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11524SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file.
ImportantCVE-2017-11524SUSE bug 1050087cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11525SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
ModerateCVE-2017-11525SUSE bug 1050098cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11526SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file.
ModerateCVE-2017-11526SUSE bug 1050072SUSE bug 1050100cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11527SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
ModerateCVE-2017-11527SUSE bug 1047054SUSE bug 1050116cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11528SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-11528SUSE bug 1050119cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11529SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-11529SUSE bug 1050120cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11530SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
ModerateCVE-2017-11530SUSE bug 1050122cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11531SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteHISTOGRAMImage() function in coders/histogram.c.
ModerateCVE-2017-11531SUSE bug 1050126cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11532SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c.
ModerateCVE-2017-11532SUSE bug 1050129SUSE bug 1050623cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11533SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage() function in coders/uil.c.
ModerateCVE-2017-11533SUSE bug 1050132cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11534SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the lite_font_map() function in coders/wmf.c.
ModerateCVE-2017-11534SUSE bug 1050135cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11535SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WritePSImage() function in coders/ps.c.
ImportantCVE-2017-11535SUSE bug 1050139cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11536SUSE Linux Enterprise Desktop 12 SP3
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteJP2Image() function in coders/jp2.c.
ModerateCVE-2017-11536SUSE bug 1050056cpe:/o:suse:sled:12:sp3CVE-2017-11537SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage() function in coders/palm.c, related to an incorrect bits-per-pixel calculation.
ImportantCVE-2017-11537SUSE bug 1050048cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11538SUSE Linux Enterprise Desktop 12 SP3
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteOnePNGImage() function in coders/png.c.
ModerateCVE-2017-11538SUSE bug 1050043cpe:/o:suse:sled:12:sp3CVE-2017-11539SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadOnePNGImage() function in coders/png.c.
ImportantCVE-2017-11539SUSE bug 1050037cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11540SUSE Linux Enterprise Desktop 12 SP3
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the GetPixelIndex() function, called from the WritePICONImage function in coders/xpm.c.
ModerateCVE-2017-11540SUSE bug 1050144cpe:/o:suse:sled:12:sp3CVE-2017-11541SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.
ModerateCVE-2017-11541SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247SUSE bug 1123142cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11542SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.
ModerateCVE-2017-11542SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247SUSE bug 1123142cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11543SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c.
ImportantCVE-2017-11543SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247SUSE bug 1123142cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11545SUSE Linux Enterprise Desktop 12 SP3
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11543. Reason: This candidate is a duplicate of CVE-2017-11543. Notes: All CVE users should reference CVE-2017-11543 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2017-11545SUSE bug 1050219cpe:/o:suse:sled:12:sp3CVE-2017-11550SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (NULL Pointer Dereference and application crash) via a crafted mp3 file.
ModerateCVE-2017-11550SUSE bug 1081962cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11551SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The id3_field_parse function in field.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (OOM) via a crafted MP3 file.
ModerateCVE-2017-11551SUSE bug 1081961cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11553SUSE Linux Enterprise Desktop 12 SP3
There is an illegal address access in the extend_alias_table function in localealias.c of Exiv2 0.26. A crafted input will lead to remote denial of service.
ModerateCVE-2017-11553SUSE bug 1061023SUSE bug 1061025SUSE bug 1068871SUSE bug 1103870cpe:/o:suse:sled:12:sp3CVE-2017-11591SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input.
ModerateCVE-2017-11591SUSE bug 1050257SUSE bug 1061023SUSE bug 1061025SUSE bug 1068871cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11592SUSE Linux Enterprise Desktop 12 SP3
There is a Mismatched Memory Management Routines vulnerability in the Exiv2::FileIo::seek function of Exiv2 0.26 that will lead to a remote denial of service attack (heap memory corruption) via crafted input.
ModerateCVE-2017-11592SUSE bug 1061023SUSE bug 1061025SUSE bug 1068871SUSE bug 1103872cpe:/o:suse:sled:12:sp3CVE-2017-11600SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message.
ImportantCVE-2017-11600SUSE bug 1050231SUSE bug 1096564cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11613SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. A crafted input will lead to a denial of service attack. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called based on td_imagelength. If we set the value of td_imagelength close to the amount of system memory, it will hang the system or trigger the OOM killer.
LowCVE-2017-11613SUSE bug 1082332SUSE bug 1106853cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11624SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after two consecutive calls to QPDFObjectHandle::parseInternal, aka an "infinite loop."
ImportantCVE-2017-11624SUSE bug 1050581cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11625SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDF::resolveObjectsInStream function in QPDF.cc, aka an "infinite loop."
ImportantCVE-2017-11625SUSE bug 1050579cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11626SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after four consecutive calls to QPDFObjectHandle::parseInternal, aka an "infinite loop."
LowCVE-2017-11626SUSE bug 1050578cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11627SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the PointerHolder function in PointerHolder.hh, aka an "infinite loop."
ImportantCVE-2017-11627SUSE bug 1050577cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11636SUSE Linux Enterprise Desktop 12 SP3
GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that have non-identical widths.
ModerateCVE-2017-11636SUSE bug 1050674SUSE bug 1053919cpe:/o:suse:sled:12:sp3CVE-2017-11637SUSE Linux Enterprise Desktop 12 SP3
GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images.
ModerateCVE-2017-11637SUSE bug 1050669cpe:/o:suse:sled:12:sp3CVE-2017-11638SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642.
ModerateCVE-2017-11638SUSE bug 1050617cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11639SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c, related to the GetPixelLuma function in MagickCore/pixel-accessor.h.
ModerateCVE-2017-11639SUSE bug 1050635cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11640SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() function in coders/tiff.c.
ModerateCVE-2017-11640SUSE bug 1050632cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11641SUSE Linux Enterprise Desktop 12 SP3
GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent Cache (MPC) files.
ModerateCVE-2017-11641SUSE bug 1050129SUSE bug 1050623cpe:/o:suse:sled:12:sp3CVE-2017-11642SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638.
ModerateCVE-2017-11642SUSE bug 1050617cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11643SUSE Linux Enterprise Desktop 12 SP3
GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() function in coders/cmyk.c when processing multiple frames that have non-identical widths.
ModerateCVE-2017-11643SUSE bug 1050611SUSE bug 1050674SUSE bug 1053919cpe:/o:suse:sled:12:sp3CVE-2017-11644SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadMATImage() function in coders/mat.c.
LowCVE-2017-11644SUSE bug 1050606cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11671SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation.
ModerateCVE-2017-11671SUSE bug 1050947cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11683SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input.
ModerateCVE-2017-11683SUSE bug 1051188SUSE bug 1061023SUSE bug 1061025SUSE bug 1068871cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11695SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file.
ModerateCVE-2017-11695SUSE bug 1053418SUSE bug 1053419SUSE bug 1053420SUSE bug 1053422cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11696SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the __hash_open function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file.
ModerateCVE-2017-11696SUSE bug 1053418SUSE bug 1053419SUSE bug 1053420SUSE bug 1053422cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11697SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The __hash_open function in hash.c:229 in Mozilla Network Security Services (NSS) allows context-dependent attackers to cause a denial of service (floating point exception and crash) via a crafted cert8.db file.
ModerateCVE-2017-11697SUSE bug 1053418SUSE bug 1053419SUSE bug 1053420SUSE bug 1053422cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11698SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the __get_page function in lib/dbm/src/h_page.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file.
ModerateCVE-2017-11698SUSE bug 1053418SUSE bug 1053419SUSE bug 1053420SUSE bug 1053422cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11714SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds read in the igc_reloc_struct_ptr function in psi/igc.c.
ModerateCVE-2017-11714SUSE bug 1051184cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11722SUSE Linux Enterprise Desktop 12 SP3
The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. This resulted in a logging statement executing outside of a loop, and consequently using an invalid array index corresponding to the loop's exit condition.
LowCVE-2017-11722SUSE bug 1051411cpe:/o:suse:sled:12:sp3CVE-2017-11724SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadMATImage function in coders/mat.c in ImageMagick through 6.9.9-3 and 7.x through 7.0.6-3 has memory leaks involving the quantum_info and clone_info data structures.
ImportantCVE-2017-11724SUSE bug 1051446cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11750SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and 7.0.6-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
ModerateCVE-2017-11750SUSE bug 1047910SUSE bug 1051442cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11751SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
ImportantCVE-2017-11751SUSE bug 1051412SUSE bug 1051416SUSE bug 1051430cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11752SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadMAGICKImage function in coders/magick.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-11752SUSE bug 1051441cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-11753SUSE Linux Enterprise Desktop 12 SP3
The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted Flexible Image Transport System (FITS) file.
ModerateCVE-2017-11753SUSE bug 1052488cpe:/o:suse:sled:12:sp3CVE-2017-12132SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation.
LowCVE-2017-12132SUSE bug 1051791cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12133SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.
ModerateCVE-2017-12133SUSE bug 1081556SUSE bug 980854cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12134SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation.
ModerateCVE-2017-12134SUSE bug 1051790SUSE bug 1053919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-12135SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.
ImportantCVE-2017-12135SUSE bug 1051787SUSE bug 1169392SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12136SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the host via vectors involving maptrack free list handling.
ModerateCVE-2017-12136SUSE bug 1051789cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12137SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.
ImportantCVE-2017-12137SUSE bug 1051788SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12140SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an integer signedness error leading to excessive memory consumption via a crafted DCM file.
ModerateCVE-2017-12140SUSE bug 1051847SUSE bug 1052764cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12150SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
ModerateCVE-2017-12150SUSE bug 1058622cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12151SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack.
ImportantCVE-2017-12151SUSE bug 1058565cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12153SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.
ModerateCVE-2017-12153SUSE bug 1058410SUSE bug 1058624cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12154SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register.
ModerateCVE-2017-12154SUSE bug 1058038SUSE bug 1058507cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12163SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker.
ModerateCVE-2017-12163SUSE bug 1058410SUSE bug 1058624cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12164SUSE Linux Enterprise Desktop 12 SP3
A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen.
ModerateCVE-2017-12164SUSE bug 1058136SUSE bug 1180206cpe:/o:suse:sled:12:sp3CVE-2017-12166SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution.
CriticalCVE-2017-12166SUSE bug 1060877cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12172SUSE Linux Enterprise Desktop 12 SP2
PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database superusers have effective ability to run arbitrary code under that system account. PostgreSQL provides a script for starting the database server during system boot. Packages of PostgreSQL for many operating systems provide their own, packager-authored startup implementations. Several implementations use a log file name that the database superuser can replace with a symbolic link. As root, they open(), chmod() and/or chown() this log file name. This often suffices for the database superuser to escalate to root privileges when root starts the server.
ImportantCVE-2017-12172SUSE bug 1062538SUSE bug 1062722SUSE bug 1185814cpe:/o:suse:sled:12:sp2CVE-2017-12173SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it.
LowCVE-2017-12173SUSE bug 1061832cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12176SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
ModerateCVE-2017-12176SUSE bug 1063041cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12177SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
ModerateCVE-2017-12177SUSE bug 1063040cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-12178SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
ModerateCVE-2017-12178SUSE bug 1063039cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-12179SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
ModerateCVE-2017-12179SUSE bug 1063038cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-12180SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
ModerateCVE-2017-12180SUSE bug 1063037cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-12181SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
ModerateCVE-2017-12181SUSE bug 1063037cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-12182SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
ModerateCVE-2017-12182SUSE bug 1063037cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-12183SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
ModerateCVE-2017-12183SUSE bug 1063035cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12184SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
ModerateCVE-2017-12184SUSE bug 1063034cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-12185SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
ModerateCVE-2017-12185SUSE bug 1063034cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-12186SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
ModerateCVE-2017-12186SUSE bug 1063034cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-12187SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
ModerateCVE-2017-12187SUSE bug 1063034cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12190SUSE Linux Enterprise Desktop 12 SP4
The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition.
ModerateCVE-2017-12190SUSE bug 1062568SUSE bug 1091815cpe:/o:suse:sled:12:sp4CVE-2017-12193SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application, as demonstrated by the keyring key type, and key addition and link creation operations.
ModerateCVE-2017-12193SUSE bug 1066192cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12194SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the way spice-client processed certain messages sent from the server. An attacker, having control of malicious spice-server, could use this flaw to crash the client or execute arbitrary code with permissions of the user running the client. spice-gtk versions through 0.34 are believed to be vulnerable.
ModerateCVE-2017-12194SUSE bug 1085415cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12374SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms during certain mail parsing operations (mbox.c operations on bounce messages). If successfully exploited, the ClamAV software could allow a variable pointing to the mail body which could cause a used after being free (use-after-free) instance which may lead to a disruption of services on an affected device to include a denial of service condition.
ImportantCVE-2017-12374SUSE bug 1077732cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12375SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms during certain mail parsing functions (the rfc2047 function in mbox.c). An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted email to the affected device. This action could cause a buffer overflow condition when ClamAV scans the malicious email, allowing the attacker to potentially cause a DoS condition on an affected device.
ImportantCVE-2017-12375SUSE bug 1077732cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12376SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format (.pdf) files sent to an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted .pdf file to an affected device. This action could cause a handle_pdfname (in pdf.c) buffer overflow when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code.
ImportantCVE-2017-12376SUSE bug 1077732cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12377SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in mew packet files sent to an affected device. A successful exploit could cause a heap-based buffer over-read condition in mew.c when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code on the affected device.
ImportantCVE-2017-12377SUSE bug 1077732cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12378SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms of .tar (Tape Archive) files sent to an affected device. A successful exploit could cause a checksum buffer over-read condition when ClamAV scans the malicious .tar file, potentially allowing the attacker to cause a DoS condition on the affected device.
ImportantCVE-2017-12378SUSE bug 1077732cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12379SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in the message parsing function on an affected system. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted email to the affected device. This action could cause a messageAddArgument (in message.c) buffer overflow condition when ClamAV scans the malicious email, allowing the attacker to potentially cause a DoS condition or execute arbitrary code on an affected device.
ImportantCVE-2017-12379SUSE bug 1077732cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12380SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms in mbox.c during certain mail parsing functions of the ClamAV software. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted email to the affected device. An exploit could trigger a NULL pointer dereference condition when ClamAV scans the malicious email, which may result in a DoS condition.
ImportantCVE-2017-12380SUSE bug 1077732cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12418SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c.
LowCVE-2017-12418SUSE bug 1052207cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12424SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege boundary in, for example, certain web-hosting environments in which a Control Panel allows an unprivileged user account to create subaccounts.
ModerateCVE-2017-12424SUSE bug 1052261cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12427SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 allows remote attackers to cause a denial of service (memory leak) via a crafted file, related to the WriteMSLImage function.
ModerateCVE-2017-12427SUSE bug 1052248cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12428SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service in CloneDrawInfo in draw.c.
ModerateCVE-2017-12428SUSE bug 1052249SUSE bug 1052253cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12429SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service.
ModerateCVE-2017-12429SUSE bug 1052251cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12430SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service.
ModerateCVE-2017-12430SUSE bug 1052251SUSE bug 1052252cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12431SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-1, a use-after-free vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service.
ImportantCVE-2017-12431SUSE bug 1052249SUSE bug 1052253cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12432SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allows attackers to cause a denial of service.
ModerateCVE-2017-12432SUSE bug 1052254cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12433SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadPESImage in coders/pes.c, which allows attackers to cause a denial of service, related to ResizeMagickMemory in memory.c.
ModerateCVE-2017-12433SUSE bug 1052545cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12434SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service (assertion failure) in DestroyImageInfo in image.c.
ModerateCVE-2017-12434SUSE bug 1052550cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12435SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service.
ModerateCVE-2017-12435SUSE bug 1052553SUSE bug 1057508cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12448SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The bfd_cache_close function in bfd/cache.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. This issue occurs because incorrect functions are called during an attempt to release memory. The issue can be addressed by better input validation in the bfd_generic_archive_p function in bfd/archive.c.
ModerateCVE-2017-12448SUSE bug 1052518SUSE bug 1059785cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12450SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha file.
ModerateCVE-2017-12450SUSE bug 1052514SUSE bug 1059785cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12452SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The bfd_mach_o_i386_canonicalize_one_reloc function in bfd/mach-o-i386.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted mach-o file.
LowCVE-2017-12452SUSE bug 1052511SUSE bug 1059785cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12453SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file.
LowCVE-2017-12453SUSE bug 1052509SUSE bug 1059785cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12454SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an arbitrary memory read via a crafted vms alpha file.
LowCVE-2017-12454SUSE bug 1052507SUSE bug 1059785cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12456SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The read_symbol_stabs_debugging_info function in rddbg.c in GNU Binutils 2.29 and earlier allows remote attackers to cause an out of bounds heap read via a crafted binary file.
LowCVE-2017-12456SUSE bug 1052503SUSE bug 1059785cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12562SUSE Linux Enterprise Desktop 12 SP3
Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
ModerateCVE-2017-12562SUSE bug 1052476cpe:/o:suse:sled:12:sp3CVE-2017-12563SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in the function ReadPSDImage in coders/psd.c, which allows attackers to cause a denial of service.
ModerateCVE-2017-12563SUSE bug 1052460SUSE bug 1072901cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12564SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service.
ModerateCVE-2017-12564SUSE bug 1052468cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12565SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service.
ModerateCVE-2017-12565SUSE bug 1047910SUSE bug 1052470cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12566SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMVGImage in coders/mvg.c, which allows attackers to cause a denial of service, related to the function ReadSVGImage in svg.c.
ModerateCVE-2017-12566SUSE bug 1052472cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12587SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage function in coders\pwp.c.
ModerateCVE-2017-12587SUSE bug 1052450cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12588SUSE Linux Enterprise Desktop 12 SP3
The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.
ModerateCVE-2017-12588SUSE bug 1051798cpe:/o:suse:sled:12:sp3CVE-2017-12595SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays and dictionaries, which allows remote attackers to cause a denial of service (stack consumption and segmentation fault) or possibly have unspecified other impact via a PDF document with a deep data structure, as demonstrated by a crash in QPDFObjectHandle::parseInternal in libqpdf/QPDFObjectHandle.cc.
LowCVE-2017-12595SUSE bug 1055960cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12596SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read in the hufDecode function in IlmImf/ImfHuf.cpp during exrmaketiled execution; it may result in denial of service or possibly unspecified other impact.
ModerateCVE-2017-12596SUSE bug 1052522cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12607SUSE Linux Enterprise Desktop 12 SP3
A vulnerability in OpenOffice's PPT file parser before 4.1.4, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.
ImportantCVE-2017-12607SUSE bug 1065986cpe:/o:suse:sled:12:sp3CVE-2017-12608SUSE Linux Enterprise Desktop 12 SP3
A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.
ImportantCVE-2017-12608SUSE bug 1065982cpe:/o:suse:sled:12:sp3CVE-2017-12640SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-1 has an out-of-bounds read vulnerability in ReadOneMNGImage in coders/png.c.
ModerateCVE-2017-12640SUSE bug 1052781cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12641SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadOneJNGImage in coders\png.c.
ModerateCVE-2017-12641SUSE bug 1052777cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12642SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMPCImage in coders\mpc.c.
ModerateCVE-2017-12642SUSE bug 1052771cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12643SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJNGImage in coders\png.c.
ModerateCVE-2017-12643SUSE bug 1052768cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12644SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in coders\dcm.c.
ModerateCVE-2017-12644SUSE bug 1051847SUSE bug 1052764cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12652SUSE Linux Enterprise Desktop 12 SP4
libpng before 1.6.32 does not properly check the length of chunks against the user limit.
LowCVE-2017-12652SUSE bug 1141493cpe:/o:suse:sled:12:sp4CVE-2017-12654SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadPICTImage function in coders/pict.c in ImageMagick 7.0.6-3 allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-12654SUSE bug 1052761SUSE bug 1074119cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12662SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in coders/pdf.c.
ModerateCVE-2017-12662SUSE bug 1052758cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12663SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMAPImage in coders/map.c.
ModerateCVE-2017-12663SUSE bug 1052754cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12664SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePALMImage in coders/palm.c.
ModerateCVE-2017-12664SUSE bug 1052750cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12665SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePICTImage in coders/pict.c.
ModerateCVE-2017-12665SUSE bug 1052747cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12667SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMATImage in coders\mat.c.
ModerateCVE-2017-12667SUSE bug 1052732cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12668SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.
ModerateCVE-2017-12668SUSE bug 1052688cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12669SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteCALSImage in coders/cals.c.
ModerateCVE-2017-12669SUSE bug 1052689cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12670SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, leading to an assertion failure in the function DestroyImage in MagickCore/image.c, which allows attackers to cause a denial of service.
ModerateCVE-2017-12670SUSE bug 1052731cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12671SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/png.c, leading to an invalid free in the function RelinquishMagickMemory in MagickCore/memory.c, which allows attackers to cause a denial of service.
ModerateCVE-2017-12671SUSE bug 1052721cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12672SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service.
ModerateCVE-2017-12672SUSE bug 1052720SUSE bug 1055434cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12673SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service.
ModerateCVE-2017-12673SUSE bug 1052717cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12674SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service.
ModerateCVE-2017-12674SUSE bug 1052711cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12675SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-3, a missing check for multidimensional data was found in coders/mat.c, leading to a memory leak in the function ReadImage in MagickCore/constitute.c, which allows attackers to cause a denial of service.
ModerateCVE-2017-12675SUSE bug 1052710cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12676SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service.
ModerateCVE-2017-12676SUSE bug 1052708cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12678SUSE Linux Enterprise Desktop 12 SP3
In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file.
ModerateCVE-2017-12678SUSE bug 1052699cpe:/o:suse:sled:12:sp3CVE-2017-12691SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
ModerateCVE-2017-12691SUSE bug 1053955SUSE bug 1058422SUSE bug 1082363cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12692SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file.
ModerateCVE-2017-12692SUSE bug 1053955SUSE bug 1082362cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12693SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file.
ModerateCVE-2017-12693SUSE bug 1053955SUSE bug 1082348cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12799SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The elf_read_notesfunction in bfd/elf.c in GNU Binutils 2.29 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file.
LowCVE-2017-12799SUSE bug 1053347cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12805SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service.
LowCVE-2017-12805SUSE bug 1135236cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12806SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a denial of service.
LowCVE-2017-12806SUSE bug 1135232cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12809SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by flushing an empty CDROM device drive.
ModerateCVE-2017-12809SUSE bug 1054724cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12814SUSE Linux Enterprise Desktop 12 SP3
Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 on Windows allows attackers to execute arbitrary code via a long environment variable.
ImportantCVE-2017-12814SUSE bug 1057727cpe:/o:suse:sled:12:sp3CVE-2017-12836SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."
ImportantCVE-2017-12836SUSE bug 1052481SUSE bug 1052696SUSE bug 1052932SUSE bug 1053364SUSE bug 1054653SUSE bug 1066430SUSE bug 1071709cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12837SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a '\N{}' escape and the case-insensitive modifier.
ModerateCVE-2017-12837SUSE bug 1057724cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12855SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in use. Under some circumstances, Xen will clear the status bits too early, incorrectly informing the guest that the grant is no longer in use. A guest may prematurely believe that a granted frame is safely private again, and reuse it in a way which contains sensitive information, while the domain on the far end of the grant is still using the grant. Xen 4.9, 4.8, 4.7, 4.6, and 4.5 are affected.
ModerateCVE-2017-12855SUSE bug 1052686SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12858SUSE Linux Enterprise Desktop 12 SP3
Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows attackers to have unspecified impact via unknown vectors.
ModerateCVE-2017-12858SUSE bug 1055377SUSE bug 1184178cpe:/o:suse:sled:12:sp3CVE-2017-12875SUSE Linux Enterprise Desktop 12 SP3
The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (CPU consumption) via a crafted file.
LowCVE-2017-12875SUSE bug 1056988cpe:/o:suse:sled:12:sp3CVE-2017-12876SUSE Linux Enterprise Desktop 12 SP3
Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.
ModerateCVE-2017-12876SUSE bug 1054034cpe:/o:suse:sled:12:sp3CVE-2017-12877SUSE Linux Enterprise Desktop 12 SP3
Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.
CriticalCVE-2017-12877SUSE bug 1054029cpe:/o:suse:sled:12:sp3CVE-2017-12883SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an invalid '\N{U+...}' escape.
ModerateCVE-2017-12883SUSE bug 1057721cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12893SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().
ModerateCVE-2017-12893SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12894SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring().
ModerateCVE-2017-12894SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12895SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
ModerateCVE-2017-12895SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12896SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().
ModerateCVE-2017-12896SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12897SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().
ModerateCVE-2017-12897SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12898SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().
ModerateCVE-2017-12898SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12899SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().
ModerateCVE-2017-12899SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12900SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf().
ModerateCVE-2017-12900SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12901SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().
ModerateCVE-2017-12901SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12902SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.
ModerateCVE-2017-12902SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12935SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c.
ModerateCVE-2017-12935SUSE bug 1054598SUSE bug 1054600cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12944SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote attackers to cause a denial of service (allocation failure and application crash) in the TIFFFetchStripThing function in tif_dirread.c during a tiff2pdf invocation.
ModerateCVE-2017-12944SUSE bug 1003874SUSE bug 1054594cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12955SUSE Linux Enterprise Desktop 12 SP3
There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. The vulnerability causes an out-of-bounds write in Exiv2::Image::printIFDStructure(), which may lead to remote denial of service or possibly unspecified other impact.
LowCVE-2017-12955SUSE bug 1054593SUSE bug 1061023SUSE bug 1061025SUSE bug 1068871cpe:/o:suse:sled:12:sp3CVE-2017-12956SUSE Linux Enterprise Desktop 12 SP3
There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() in basicio.cpp of libexiv2 in Exiv2 0.26 that will lead to remote denial of service.
LowCVE-2017-12956SUSE bug 1054592SUSE bug 1061023SUSE bug 1061025SUSE bug 1068871cpe:/o:suse:sled:12:sp3CVE-2017-12957SUSE Linux Enterprise Desktop 12 SP3
There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is triggered in the Exiv2::Image::io function in image.cpp. It will lead to remote denial of service.
ModerateCVE-2017-12957SUSE bug 1054590SUSE bug 1061023SUSE bug 1061025SUSE bug 1068871cpe:/o:suse:sled:12:sp3CVE-2017-12982SUSE Linux Enterprise Desktop 12 SP3
The bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG 2.2.0 does not reject headers with a zero biBitCount, which allows remote attackers to cause a denial of service (memory allocation failure) in the opj_image_create function in lib/openjp2/image.c, related to the opj_aligned_alloc_n function in opj_malloc.c.
ModerateCVE-2017-12982SUSE bug 1054696cpe:/o:suse:sled:12:sp3CVE-2017-12983SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
ModerateCVE-2017-12983SUSE bug 1054757cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12985SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().
ModerateCVE-2017-12985SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12986SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
ModerateCVE-2017-12986SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12987SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
ModerateCVE-2017-12987SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12988SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().
ModerateCVE-2017-12988SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12989SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length().
ModerateCVE-2017-12989SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12990SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions.
ModerateCVE-2017-12990SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12991SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
ModerateCVE-2017-12991SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12992SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().
ModerateCVE-2017-12992SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12993SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions.
ModerateCVE-2017-12993SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12994SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
ModerateCVE-2017-12994SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12995SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().
ModerateCVE-2017-12995SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12996SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().
ModerateCVE-2017-12996SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12997SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print().
ModerateCVE-2017-12997SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12998SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_extd_ip_reach().
ModerateCVE-2017-12998SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-12999SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().
ModerateCVE-2017-12999SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13000SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().
ModerateCVE-2017-13000SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13001SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().
ModerateCVE-2017-13001SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13002SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().
ModerateCVE-2017-13002SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13003SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print().
ModerateCVE-2017-13003SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13004SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header().
ModerateCVE-2017-13004SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13005SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().
ModerateCVE-2017-13005SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13006SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.
ModerateCVE-2017-13006SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13007SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-pktap.c:pktap_if_print().
ModerateCVE-2017-13007SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13008SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
ModerateCVE-2017-13008SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13009SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print().
ModerateCVE-2017-13009SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13010SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().
ModerateCVE-2017-13010SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13011SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer overflow in util-print.c:bittok2str_internal().
ModerateCVE-2017-13011SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247SUSE bug 1123142cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13012SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
ModerateCVE-2017-13012SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13013SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.
ModerateCVE-2017-13013SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13014SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions.
ModerateCVE-2017-13014SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13015SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print().
ModerateCVE-2017-13015SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13016SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().
ModerateCVE-2017-13016SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13017SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().
ModerateCVE-2017-13017SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13018SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
ModerateCVE-2017-13018SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13019SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
ModerateCVE-2017-13019SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13020SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
ModerateCVE-2017-13020SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13021SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().
ModerateCVE-2017-13021SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13022SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().
ModerateCVE-2017-13022SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13023SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
ModerateCVE-2017-13023SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13024SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
ModerateCVE-2017-13024SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13025SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
ModerateCVE-2017-13025SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13026SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions.
ModerateCVE-2017-13026SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13027SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().
ModerateCVE-2017-13027SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13028SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().
ModerateCVE-2017-13028SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13029SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().
ModerateCVE-2017-13029SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13030SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.
ModerateCVE-2017-13030SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13031SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().
ModerateCVE-2017-13031SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13032SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().
ModerateCVE-2017-13032SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13033SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
ModerateCVE-2017-13033SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13034SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
ModerateCVE-2017-13034SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13035SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().
ModerateCVE-2017-13035SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13036SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().
ModerateCVE-2017-13036SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13037SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts().
ModerateCVE-2017-13037SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13038SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().
ModerateCVE-2017-13038SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13039SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.
ModerateCVE-2017-13039SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13040SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.
ModerateCVE-2017-13040SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13041SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().
ModerateCVE-2017-13041SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13042SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print().
ModerateCVE-2017-13042SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13043SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().
ModerateCVE-2017-13043SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13044SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print().
ModerateCVE-2017-13044SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13045SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().
ModerateCVE-2017-13045SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13046SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
ModerateCVE-2017-13046SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13047SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().
ModerateCVE-2017-13047SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13048SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
ModerateCVE-2017-13048SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13049SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().
ModerateCVE-2017-13049SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13050SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().
ModerateCVE-2017-13050SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13051SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
ModerateCVE-2017-13051SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13052SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print().
ModerateCVE-2017-13052SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13053SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().
ModerateCVE-2017-13053SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13054SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().
ModerateCVE-2017-13054SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13055SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv().
ModerateCVE-2017-13055SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13058SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file.
ModerateCVE-2017-13058SUSE bug 1055069SUSE bug 1111072SUSE bug 1117463cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13059SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WriteOneJNGImage in coders/png.c, which allows attackers to cause a denial of service (WriteJNGImage memory consumption) via a crafted file.
ModerateCVE-2017-13059SUSE bug 1055068cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13060SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.
ModerateCVE-2017-13060SUSE bug 1055065SUSE bug 1055434SUSE bug 1076021cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13061SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file.
ModerateCVE-2017-13061SUSE bug 1055063SUSE bug 1072901cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13062SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause a denial of service (WriteMETAImage memory consumption) via a crafted file.
ModerateCVE-2017-13062SUSE bug 1055053SUSE bug 1055055cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13063SUSE Linux Enterprise Desktop 12 SP3
GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12.
ImportantCVE-2017-13063SUSE bug 1054598SUSE bug 1054600SUSE bug 1055038SUSE bug 1055050cpe:/o:suse:sled:12:sp3CVE-2017-13064SUSE Linux Enterprise Desktop 12 SP3
GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12.
ImportantCVE-2017-13064SUSE bug 1054598SUSE bug 1054600SUSE bug 1055042SUSE bug 1055050cpe:/o:suse:sled:12:sp3CVE-2017-13065SUSE Linux Enterprise Desktop 12 SP3
GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c.
ModerateCVE-2017-13065SUSE bug 1054598SUSE bug 1054600SUSE bug 1055038cpe:/o:suse:sled:12:sp3CVE-2017-13066SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c.
LowCVE-2017-13066SUSE bug 1036988SUSE bug 1055010cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-13078SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
ImportantCVE-2017-13078SUSE bug 1056061SUSE bug 1063479SUSE bug 1063667cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13079SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
ImportantCVE-2017-13079SUSE bug 1056061SUSE bug 1063479cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13080SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
ImportantCVE-2017-13080SUSE bug 1056061SUSE bug 1063479SUSE bug 1063667SUSE bug 1063671SUSE bug 1066295SUSE bug 1105108SUSE bug 1178872cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13081SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
ImportantCVE-2017-13081SUSE bug 1056061SUSE bug 1063479SUSE bug 1066295SUSE bug 1105108cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13087SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
ImportantCVE-2017-13087SUSE bug 1056061SUSE bug 1063479cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13088SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
ImportantCVE-2017-13088SUSE bug 1056061SUSE bug 1063479cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13089SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to skip the chunk in pieces of 512 bytes by using the MIN() macro, but ends up passing the negative chunk length to connect.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_read() with a completely attacker controlled length argument.
ImportantCVE-2017-13089SUSE bug 1064715cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13090SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to read the chunk in pieces of 8192 bytes by using the MIN() macro, but ends up passing the negative chunk length to retr.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_read() with a completely attacker controlled length argument. The attacker can corrupt malloc metadata after the allocated buffer.
ImportantCVE-2017-13090SUSE bug 1064716cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13131SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (memory consumption in NewLinkedList in MagickCore/linked-list.c) via a crafted file.
ModerateCVE-2017-13131SUSE bug 1055229cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13132SUSE Linux Enterprise Desktop 12 SP3
In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c operates on an incorrect data structure in the "dump uncompressed PseudoColor packets" step, which allows attackers to cause a denial of service (assertion failure in WriteBlobStream in MagickCore/blob.c) via a crafted file.
ModerateCVE-2017-13132SUSE bug 1055226cpe:/o:suse:sled:12:sp3CVE-2017-13133SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file.
ImportantCVE-2017-13133SUSE bug 1055219cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13134SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file.
ModerateCVE-2017-13134SUSE bug 1055214cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13139SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
ImportantCVE-2017-13139SUSE bug 1055430cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13140SUSE Linux Enterprise Desktop 12 SP3
In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGImage function in coders/png.c allows remote attackers to cause a denial of service (application hang in LockSemaphoreInfo) via a PNG file with a width equal to MAGICK_WIDTH_LIMIT.
ModerateCVE-2017-13140SUSE bug 1053919SUSE bug 1055458cpe:/o:suse:sled:12:sp3CVE-2017-13141SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c.
ModerateCVE-2017-13141SUSE bug 1055456SUSE bug 1060162cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13142SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files.
ModerateCVE-2017-13142SUSE bug 1055455cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13144SUSE Linux Enterprise Desktop 12 SP3
In ImageMagick before 6.9.7-10, there is a crash (rather than a "width or height exceeds limit" error report) if the image dimensions are too large, as demonstrated by use of the mpc coder.
ModerateCVE-2017-13144SUSE bug 1055437cpe:/o:suse:sled:12:sp3CVE-2017-13145SUSE Linux Enterprise Desktop 12 SP3
In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash.
ModerateCVE-2017-13145SUSE bug 1055464cpe:/o:suse:sled:12:sp3CVE-2017-13146SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c.
ModerateCVE-2017-13146SUSE bug 1055323cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13147SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value.
ModerateCVE-2017-13147SUSE bug 1055374cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13166SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.
ModerateCVE-2017-13166SUSE bug 1072865SUSE bug 1085447SUSE bug 1087082SUSE bug 1091815cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13167SUSE Linux Enterprise Desktop 12 SP3
An elevation of privilege vulnerability in the kernel sound timer. Product: Android. Versions: Android kernel. Android ID A-37240993.
ModerateCVE-2017-13167SUSE bug 1072876cpe:/o:suse:sled:12:sp3CVE-2017-13194SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability in the Android media framework (libvpx) related to odd frame width. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64710201.
ModerateCVE-2017-13194SUSE bug 1075992cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13215SUSE Linux Enterprise Desktop 12 SP3
A elevation of privilege vulnerability in the Upstream kernel skcipher. Product: Android. Versions: Android kernel. Android ID: A-64386293. References: Upstream kernel.
ModerateCVE-2017-13215SUSE bug 1075908SUSE bug 1091815cpe:/o:suse:sled:12:sp3CVE-2017-13220SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
An elevation of privilege vulnerability in the Upstream kernel bluez. Product: Android. Versions: Android kernel. Android ID: A-63527053.
ModerateCVE-2017-13220SUSE bug 1076537cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-13221SUSE Linux Enterprise Desktop 12 SP3
An elevation of privilege vulnerability in the Upstream kernel wifi driver. Product: Android. Versions: Android kernel. Android ID: A-64709938.
ImportantCVE-2017-13221SUSE bug 1076600cpe:/o:suse:sled:12:sp3CVE-2017-13648SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c.
ModerateCVE-2017-13648SUSE bug 1054598SUSE bug 1054600SUSE bug 1055434cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13658SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c.
ModerateCVE-2017-13658SUSE bug 1055855cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13672SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors involving display update.
LowCVE-2017-13672SUSE bug 1056334SUSE bug 1056336SUSE bug 1084604cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13673SUSE Linux Enterprise Desktop 12 SP3
The vga display update in mis-calculated the region for the dirty bitmap snapshot in case split screen mode is used causing a denial of service (assertion failure) in the cpu_physical_memory_snapshot_get_dirty function.
LowCVE-2017-13673SUSE bug 1056386SUSE bug 1056387SUSE bug 1084604cpe:/o:suse:sled:12:sp3CVE-2017-13685SUSE Linux Enterprise Desktop 12 SP3
The dump_callback function in SQLite 3.20.0 allows remote attackers to cause a denial of service (EXC_BAD_ACCESS and application crash) via a crafted file.
ModerateCVE-2017-13685SUSE bug 1056541cpe:/o:suse:sled:12:sp3CVE-2017-13687SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().
ModerateCVE-2017-13687SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13688SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().
ModerateCVE-2017-13688SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13689SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().
ModerateCVE-2017-13689SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13690SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.
ModerateCVE-2017-13690SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13693SUSE Linux Enterprise Desktop 12 SP4
The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.
LowCVE-2017-13693SUSE bug 1055713cpe:/o:suse:sled:12:sp4CVE-2017-13694SUSE Linux Enterprise Desktop 12 SP4
The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobject.c in the Linux kernel through 4.12.9 does not flush the node and node_ext caches and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.
LowCVE-2017-13694SUSE bug 1055705cpe:/o:suse:sled:12:sp4CVE-2017-13704SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.
ImportantCVE-2017-13704SUSE bug 1060586cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2017-13711SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in the sofree function in slirp/socket.c in QEMU (aka Quick Emulator) allows attackers to cause a denial of service (QEMU instance crash) by leveraging failure to properly clear ifq_so from pending packets.
LowCVE-2017-13711SUSE bug 1056291cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13720SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service). This occurs because '\0' characters are incorrectly skipped in situations involving ? characters.
ModerateCVE-2017-13720SUSE bug 1054285SUSE bug 1159415cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13721SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session.
ModerateCVE-2017-13721SUSE bug 1051150SUSE bug 1052984cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13722SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server.
ModerateCVE-2017-13722SUSE bug 1049692SUSE bug 1159415cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13723SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp.
ModerateCVE-2017-13723SUSE bug 1051150SUSE bug 1052984cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13725SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
ModerateCVE-2017-13725SUSE bug 1050219SUSE bug 1050222SUSE bug 1050225SUSE bug 1057247cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13726SUSE Linux Enterprise Desktop 12 SP3
There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack.
ModerateCVE-2017-13726SUSE bug 1056176SUSE bug 1092949cpe:/o:suse:sled:12:sp3CVE-2017-13728SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.
ModerateCVE-2017-13728SUSE bug 1056136SUSE bug 1069530SUSE bug 1115932SUSE bug 1123132SUSE bug 1175501cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13729SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is an illegal address access in the _nc_save_str function in alloc_entry.c in ncurses 6.0. It will lead to a remote denial of service attack.
ModerateCVE-2017-13729SUSE bug 1056132SUSE bug 1069530SUSE bug 1115932SUSE bug 1123132SUSE bug 1175501cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13730SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is an illegal address access in the function _nc_read_entry_source() in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack.
ModerateCVE-2017-13730SUSE bug 1056131SUSE bug 1069530SUSE bug 1115932SUSE bug 1123132SUSE bug 1175501cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13731SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is an illegal address access in the function postprocess_termcap() in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack.
ModerateCVE-2017-13731SUSE bug 1056129SUSE bug 1069530SUSE bug 1115932SUSE bug 1123132SUSE bug 1175501cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13732SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is an illegal address access in the function dump_uses() in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.
ModerateCVE-2017-13732SUSE bug 1056128SUSE bug 1069530SUSE bug 1115932SUSE bug 1123132SUSE bug 1175501cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13733SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.
ModerateCVE-2017-13733SUSE bug 1056127SUSE bug 1069530SUSE bug 1115932SUSE bug 1123132SUSE bug 1175501cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13734SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is an illegal address access in the _nc_safe_strcat function in strings.c in ncurses 6.0 that will lead to a remote denial of service attack.
ModerateCVE-2017-13734SUSE bug 1056126cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13735SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2. It will lead to a remote denial of service attack.
ModerateCVE-2017-13735SUSE bug 1056170SUSE bug 1060321cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13738SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is an illegal address access in the _lou_getALine function in compileTranslationTable.c:346 in Liblouis 3.2.0.
ModerateCVE-2017-13738SUSE bug 1056105cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13739SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is a heap-based buffer overflow that causes a more than two thousand bytes out-of-bounds write in Liblouis 3.2.0, triggered in the function resolveSubtable() in compileTranslationTable.c. It will lead to denial of service or remote code execution.
ModerateCVE-2017-13739SUSE bug 1056101cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13740SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function parseChars() in compileTranslationTable.c, that will lead to denial of service or possibly unspecified other impact.
ModerateCVE-2017-13740SUSE bug 1056097cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13741SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is a use-after-free in the function compileBrailleIndicator() in compileTranslationTable.c in Liblouis 3.2.0 that will lead to a remote denial of service attack.
ModerateCVE-2017-13741SUSE bug 1056095cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13743SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is a buffer overflow in Liblouis 3.2.0, triggered in the function _lou_showString() in utils.c, that will lead to a remote denial of service attack.
ModerateCVE-2017-13743SUSE bug 1056090cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13744SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is an illegal address access in the function _lou_getALine() in compileTranslationTable.c:343 in Liblouis 3.2.0.
ModerateCVE-2017-13744SUSE bug 1056088cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13745SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpc_ppmstabtostreams return value, a different vulnerability than CVE-2018-9154.
ModerateCVE-2017-13745SUSE bug 1053919SUSE bug 1056069SUSE bug 1092115cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2017-13746SUSE Linux Enterprise Desktop 12 SP3
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of service attack.
ModerateCVE-2017-13746SUSE bug 1053919SUSE bug 1056068cpe:/o:suse:sled:12:sp3CVE-2017-13747SUSE Linux Enterprise Desktop 12 SP3
There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
ModerateCVE-2017-13747SUSE bug 1053919SUSE bug 1056067cpe:/o:suse:sled:12:sp3CVE-2017-13748SUSE Linux Enterprise Desktop 12 SP3
There are lots of memory leaks in JasPer 2.0.12, triggered in the function jas_strdup() in base/jas_string.c, that will lead to a remote denial of service attack.
ModerateCVE-2017-13748SUSE bug 1053919SUSE bug 1056066cpe:/o:suse:sled:12:sp3CVE-2017-13749SUSE Linux Enterprise Desktop 12 SP3
There is a reachable assertion abort in the function jpc_pi_nextrpcl() in jpc/jpc_t2cod.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
ModerateCVE-2017-13749SUSE bug 1053919SUSE bug 1056065cpe:/o:suse:sled:12:sp3CVE-2017-13750SUSE Linux Enterprise Desktop 12 SP3
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to a remote denial of service attack.
ModerateCVE-2017-13750SUSE bug 1053919SUSE bug 1056064cpe:/o:suse:sled:12:sp3CVE-2017-13751SUSE Linux Enterprise Desktop 12 SP3
There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
ModerateCVE-2017-13751SUSE bug 1053919SUSE bug 1056063cpe:/o:suse:sled:12:sp3CVE-2017-13752SUSE Linux Enterprise Desktop 12 SP3
There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
ModerateCVE-2017-13752SUSE bug 1053919SUSE bug 1056062cpe:/o:suse:sled:12:sp3CVE-2017-13753SUSE Linux Enterprise Desktop 12 SP3
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9396. Reason: This candidate is a duplicate of CVE-2016-9396. Notes: All CVE users should reference CVE-2016-9396 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2017-13753SUSE bug 1053919SUSE bug 1056060SUSE bug 1082397cpe:/o:suse:sled:12:sp3CVE-2017-13757SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to elf_i386_get_synthetic_symtab in elf32-i386.c and elf_x86_64_get_synthetic_symtab in elf64-x86-64.c.
ModerateCVE-2017-13757SUSE bug 1056312cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13758SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the TracePoint() function in MagickCore/draw.c.
ModerateCVE-2017-13758SUSE bug 1056277SUSE bug 1096261cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13764SUSE Linux Enterprise Desktop 12 SP3
In Wireshark 2.4.0, the Modbus dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/packet-mbtcp.c by adding length validation.
ModerateCVE-2017-13764SUSE bug 1056250cpe:/o:suse:sled:12:sp3CVE-2017-13765SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash. This was addressed in plugins/irda/packet-ircomm.c by adding length validation.
ModerateCVE-2017-13765SUSE bug 1056251cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13766SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation.
ModerateCVE-2017-13766SUSE bug 1056249cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13767SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-msdp.c by adding length validation.
ModerateCVE-2017-13767SUSE bug 1056248cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13768SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file.
ModerateCVE-2017-13768SUSE bug 1056434cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13769SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.
ModerateCVE-2017-13769SUSE bug 1056432cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13775SUSE Linux Enterprise Desktop 12 SP3
GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consumed although the file itself does not support the requests.
ModerateCVE-2017-13775SUSE bug 1056431cpe:/o:suse:sled:12:sp3CVE-2017-13777SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version==10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it.
ModerateCVE-2017-13777SUSE bug 1056426SUSE bug 1057719cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-13788SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-13788SUSE bug 1069925cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13797SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-13797SUSE bug 1074985cpe:/o:suse:sled:12:sp3CVE-2017-13798SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-13798SUSE bug 1069925cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13803SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-13803SUSE bug 1069925cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13856SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-13856SUSE bug 1073654cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13866SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-13866SUSE bug 1073654cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13870SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-13870SUSE bug 1073654cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13884SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-13884SUSE bug 1075775SUSE bug 1077535cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-13885SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-13885SUSE bug 1075775SUSE bug 1077535cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14039SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A heap-based buffer overflow was discovered in the opj_t2_encode_packet function in lib/openjp2/t2.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact.
ModerateCVE-2017-14039SUSE bug 1056622SUSE bug 1057511cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14040SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability may lead to remote denial of service or possibly unspecified other impact.
ModerateCVE-2017-14040SUSE bug 1056621cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14041SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A stack-based buffer overflow was discovered in the pgxtoimage function in bin/jp2/convert.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.
ModerateCVE-2017-14041SUSE bug 1056562cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14042SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memory allocation, which may lead to remote denial of service in the MagickRealloc function in magick/memory.c.
ModerateCVE-2017-14042SUSE bug 1054598SUSE bug 1054600SUSE bug 1056550SUSE bug 1059721cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14051SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.
ModerateCVE-2017-14051SUSE bug 1056588cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14060SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c file) by submitting a malformed image file.
ModerateCVE-2017-14060SUSE bug 1056768cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14061SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the _isBidi function in bidi.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.
ModerateCVE-2017-14061SUSE bug 1056451cpe:/o:suse:sled:12:sp4CVE-2017-14062SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.
ModerateCVE-2017-14062SUSE bug 1056450SUSE bug 1087709SUSE bug 1118435SUSE bug 1123123SUSE bug 1173590cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14103SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 do not properly manage image pointers after certain error conditions, which allows remote attackers to conduct use-after-free attacks via a crafted file, related to a ReadMNGImage out-of-order CloseBlob call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-11403.
ModerateCVE-2017-14103SUSE bug 1057000cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14106SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path.
LowCVE-2017-14106SUSE bug 1056982cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14107SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 mishandles EOCD records, which allows remote attackers to cause a denial of service (memory allocation failure in _zip_cdir_grow in zip_dirent.c) via a crafted ZIP archive.
ModerateCVE-2017-14107SUSE bug 1056996cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14120SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a directory traversal vulnerability for RAR v2 archives: pathnames of the form ../[filename] are unpacked into the upper directory.
LowCVE-2017-14120SUSE bug 1057003SUSE bug 1138468cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-14121SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The DecodeNumber function in unrarlib.c in unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a NULL pointer dereference flaw triggered by a crafted RAR archive. NOTE: this may be the same as one of the several test cases in the CVE-2017-11189 references.
LowCVE-2017-14121SUSE bug 1057004SUSE bug 1138468cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-14122SUSE Linux Enterprise Desktop 12 SP3
unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp.
ImportantCVE-2017-14122SUSE bug 1057005SUSE bug 1138468cpe:/o:suse:sled:12:sp3CVE-2017-14128SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (read_1_byte heap-based buffer over-read and application crash) via a crafted ELF file.
ModerateCVE-2017-14128SUSE bug 1057139cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14129SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application crash) via a crafted ELF file.
ModerateCVE-2017-14129SUSE bug 1057144cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14130SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (_bfd_elf_attr_strdup heap-based buffer over-read and application crash) via a crafted ELF file.
ModerateCVE-2017-14130SUSE bug 1057149cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14137SUSE Linux Enterprise Desktop 12 SP3
ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header.
ModerateCVE-2017-14137SUSE bug 1057153SUSE bug 1057157cpe:/o:suse:sled:12:sp3CVE-2017-14138SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors.
ModerateCVE-2017-14138SUSE bug 1057153SUSE bug 1057157cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14139SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in coders/msl.c.
ModerateCVE-2017-14139SUSE bug 1057163cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14140SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.
LowCVE-2017-14140SUSE bug 1057179cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14151SUSE Linux Enterprise Desktop 12 SP3
An off-by-one error was discovered in opj_tcd_code_block_enc_allocate_data in lib/openjp2/tcd.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow affecting opj_mqc_flush in lib/openjp2/mqc.c and opj_t1_encode_cblk in lib/openjp2/t1.c) or possibly remote code execution.
ModerateCVE-2017-14151SUSE bug 1057336cpe:/o:suse:sled:12:sp3CVE-2017-14152SUSE Linux Enterprise Desktop 12 SP3
A mishandled zero case was discovered in opj_j2k_set_cinema_parameters in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow affecting opj_write_bytes_LE in lib/openjp2/cio.c and opj_j2k_write_sot in lib/openjp2/j2k.c) or possibly remote code execution.
ModerateCVE-2017-14152SUSE bug 1057335SUSE bug 1057511cpe:/o:suse:sled:12:sp3CVE-2017-14156SUSE Linux Enterprise Desktop 12 SP3
The atyfb_ioctl function in drivers/video/fbdev/aty/atyfb_base.c in the Linux kernel through 4.12.10 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading locations associated with padding bytes.
ModerateCVE-2017-14156SUSE bug 1057347cpe:/o:suse:sled:12:sp3CVE-2017-14160SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact via a crafted mp4 file.
ModerateCVE-2017-14160SUSE bug 1059812SUSE bug 1091072cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14164SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A size-validation issue was discovered in opj_j2k_write_sot in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow affecting opj_write_bytes_LE in lib/openjp2/cio.c) or possibly remote code execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-14152.
ModerateCVE-2017-14164SUSE bug 1057511cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14166SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libarchive 3.3.2 allows remote attackers to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archive_read_support_format_xar.c.
ModerateCVE-2017-14166SUSE bug 1057514cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14167SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header address values, which trigger an out-of-bounds write.
LowCVE-2017-14167SUSE bug 1057585cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14172SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.
LowCVE-2017-14172SUSE bug 1057730cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14173SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation "GetQuantumRange(depth)+1" when "depth" is large, producing a smaller value than expected. As a result, an infinite loop would occur for a crafted TXT file that claims a very large "max_value" value.
LowCVE-2017-14173SUSE bug 1057729cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14174SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.
LowCVE-2017-14174SUSE bug 1057723SUSE bug 1072901cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14175SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop.
ModerateCVE-2017-14175SUSE bug 1056426SUSE bug 1056429SUSE bug 1057719cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14224SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service or code execution via a crafted file.
LowCVE-2017-14224SUSE bug 1058009cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14226SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). This vulnerability can be triggered in LibreOffice before 5.3.7. It may lead to suffering a remote attack against a LibreOffice application.
ImportantCVE-2017-14226SUSE bug 1058025cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14229SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
There is an infinite loop in the jpc_dec_tileinit function in jpc/jpc_dec.c of Jasper 2.0.13. It will lead to a remote denial of service attack.
ModerateCVE-2017-14229SUSE bug 1058000cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2017-14245SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.
ModerateCVE-2017-14245SUSE bug 1059912SUSE bug 1071777cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14246SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.
ModerateCVE-2017-14246SUSE bug 1059913SUSE bug 1071767cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14248SUSE Linux Enterprise Desktop 12 SP3
A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file.
LowCVE-2017-14248SUSE bug 1058220cpe:/o:suse:sled:12:sp3CVE-2017-14249SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coders/mpc.c, leading to division by zero in GetPixelCacheTileSize in MagickCore/cache.c, allowing remote attackers to cause a denial of service via a crafted file.
LowCVE-2017-14249SUSE bug 1058082cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14265SUSE Linux Enterprise Desktop 12 SP3
A Stack-based Buffer Overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw before 0.18.3. It could allow a remote denial of service or code execution attack.
ModerateCVE-2017-14265SUSE bug 1060163SUSE bug 1084688SUSE bug 1084690SUSE bug 1084691cpe:/o:suse:sled:12:sp3CVE-2017-14314SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (DrawDashPolygon heap-based buffer over-read and application crash) via a crafted file.
LowCVE-2017-14314SUSE bug 1058630cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14316SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A parameter verification issue was discovered in Xen through 4.9.x. The function `alloc_heap_pages` allows callers to specify the first NUMA node that should be used for allocations through the `memflags` parameter; the node is extracted using the `MEMF_get_node` macro. While the function checks to see if the special constant `NUMA_NO_NODE` is specified, it otherwise does not handle the case where `node >= MAX_NUMNODES`. This allows an out-of-bounds access to an internal array.
ImportantCVE-2017-14316SUSE bug 1056278cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14317SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A domain cleanup issue was discovered in the C xenstore daemon (aka cxenstored) in Xen through 4.9.x. When shutting down a VM with a stubdomain, a race in cxenstored may cause a double-free. The xenstored daemon may crash, resulting in a DoS of any parts of the system relying on it (including domain creation / destruction, ballooning, device changes, etc.).
ModerateCVE-2017-14317SUSE bug 1056281SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14318SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen 4.5.x through 4.9.x. The function `__gnttab_cache_flush` handles GNTTABOP_cache_flush grant table operations. It checks to see if the calling domain is the owner of the page that is to be operated on. If it is not, the owner's grant table is checked to see if a grant mapping to the calling domain exists for the page in question. However, the function does not check to see if the owning domain actually has a grant table or not. Some special domains, such as `DOMID_XEN`, `DOMID_IO` and `DOMID_COW` are created without grant tables. Hence, if __gnttab_cache_flush operates on a page owned by these special domains, it will attempt to dereference a NULL pointer in the domain struct.
ModerateCVE-2017-14318SUSE bug 1056280cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14319SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence of the mapping nor page writability were taken into account.
ImportantCVE-2017-14319SUSE bug 1056282SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14325SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to cause a denial of service (memory consumption in ReadMPCImage in coders/mpc.c) via a crafted file.
LowCVE-2017-14325SUSE bug 1058635cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14326SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.
LowCVE-2017-14326SUSE bug 1058640cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14333SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_next, during "readelf -a" execution.
LowCVE-2017-14333SUSE bug 1058480cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14341SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file.
LowCVE-2017-14341SUSE bug 1058637cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14342SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file.
LowCVE-2017-14342SUSE bug 1058485cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14343SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file.
LowCVE-2017-14343SUSE bug 1058422SUSE bug 1082363cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14348SUSE Linux Enterprise Desktop 12 SP3
LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file.
LowCVE-2017-14348SUSE bug 1058467SUSE bug 1063798cpe:/o:suse:sled:12:sp3CVE-2017-14400SUSE Linux Enterprise Desktop 12 SP3
In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mishandles the pixel cache nexus, which allows remote attackers to cause a denial of service (NULL pointer dereference in the function GetVirtualPixels in MagickCore/cache.c) via a crafted file.
LowCVE-2017-14400SUSE bug 1058435cpe:/o:suse:sled:12:sp3CVE-2017-14482SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched extension in lisp/textmodes/enriched.el, and unsafe Gnus support for enriched and richtext inline MIME objects in lisp/gnus/mm-view.el. In particular, an Emacs user can be instantly compromised by reading a crafted email message (or Usenet news article).
ModerateCVE-2017-14482SUSE bug 1058425cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-14489SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.
ModerateCVE-2017-14489SUSE bug 1059051cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14491SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
ModerateCVE-2017-14491SUSE bug 1060354SUSE bug 1060360SUSE bug 1060361SUSE bug 1060362SUSE bug 1060364SUSE bug 1063832SUSE bug 1143944cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14492SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.
ModerateCVE-2017-14492SUSE bug 1060355SUSE bug 1060360SUSE bug 1060361SUSE bug 1060362SUSE bug 1060364SUSE bug 1063832cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14493SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.
ModerateCVE-2017-14493SUSE bug 1060360SUSE bug 1060361SUSE bug 1060362SUSE bug 1060364SUSE bug 1063832cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14494SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.
ModerateCVE-2017-14494SUSE bug 1060360SUSE bug 1060361SUSE bug 1060362SUSE bug 1060364cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14495SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.
ImportantCVE-2017-14495SUSE bug 1060360SUSE bug 1060361SUSE bug 1060362SUSE bug 1060364cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14496SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.
ImportantCVE-2017-14496SUSE bug 1060360SUSE bug 1060361SUSE bug 1060362SUSE bug 1060364cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14501SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archive_read_format_iso9660_read_header.
ModerateCVE-2017-14501SUSE bug 1059139cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14502SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archive_read_format_rar_read_header.
ModerateCVE-2017-14502SUSE bug 1059134cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14503SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially crafted lha archive, related to lha_crc16.
ModerateCVE-2017-14503SUSE bug 1059100cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14505SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input.
ModerateCVE-2017-14505SUSE bug 1059735cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14517SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Poppler 0.59.0, a NULL Pointer Dereference exists in the XRef::parseEntry() function in XRef.cc via a crafted PDF document.
ModerateCVE-2017-14517SUSE bug 1059066cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14518SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Poppler 0.59.0, a floating point exception exists in the isImageInterpolationRequired() function in Splash.cc via a crafted PDF document.
ModerateCVE-2017-14518SUSE bug 1059101cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14520SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Poppler 0.59.0, a floating point exception occurs in Splash::scaleImageYuXd() in Splash.cc, which may lead to a potential attack when handling malicious PDF files.
ModerateCVE-2017-14520SUSE bug 1059155cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14529SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pe_print_idata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PE file, related to the bfd_getl16 function.
ModerateCVE-2017-14529SUSE bug 1059050cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14531SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c.
ModerateCVE-2017-14531SUSE bug 1057508SUSE bug 1059666cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14532SUSE Linux Enterprise Desktop 12 SP3
ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c.
ModerateCVE-2017-14532SUSE bug 1059663cpe:/o:suse:sled:12:sp3CVE-2017-14533SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c.
ModerateCVE-2017-14533SUSE bug 1059751cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14604SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GNOME Nautilus before 3.23.90 allows attackers to spoof a file type by using the .desktop file extension, as demonstrated by an attack in which a .desktop file's Name field ends in .pdf but this file's Exec field launches a malicious "sh -c" command. In other words, Nautilus provides no UI indication that a file actually has the potentially unsafe .desktop extension; instead, the UI only shows the .pdf extension. One (slightly) mitigating factor is that an attack requires the .desktop file to have execute permission. The solution is to ask the user to confirm that the file is supposed to be treated as a .desktop file, and then remember the user's answer in the metadata::trusted field.
ModerateCVE-2017-14604SUSE bug 1060031cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14607SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.
ModerateCVE-2017-14607SUSE bug 1059778cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14608SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.
ModerateCVE-2017-14608SUSE bug 1063798cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14617SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Poppler 0.59.0, a floating point exception occurs in the ImageStream class in Stream.cc, which may lead to a potential attack when handling malicious PDF files.
ModerateCVE-2017-14617SUSE bug 1060220cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14624SUSE Linux Enterprise Desktop 12 SP3
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.
ModerateCVE-2017-14624SUSE bug 1059772cpe:/o:suse:sled:12:sp3CVE-2017-14625SUSE Linux Enterprise Desktop 12 SP3
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c.
ModerateCVE-2017-14625SUSE bug 1059770cpe:/o:suse:sled:12:sp3CVE-2017-14626SUSE Linux Enterprise Desktop 12 SP3
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c.
ModerateCVE-2017-14626SUSE bug 1059767cpe:/o:suse:sled:12:sp3CVE-2017-14632SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.
ModerateCVE-2017-14632SUSE bug 1059809cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14633SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis().
ModerateCVE-2017-14633SUSE bug 1059811SUSE bug 1081833cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14634SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file.
ModerateCVE-2017-14634SUSE bug 1059911cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14649SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG data, leading to a denial of service (assertion failure in magick/pixel_cache.c, and application crash).
ModerateCVE-2017-14649SUSE bug 1060162cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14682SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted SVG document, a different vulnerability than CVE-2017-10928.
ModerateCVE-2017-14682SUSE bug 1047356SUSE bug 1060176cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14684SUSE Linux Enterprise Desktop 12 SP3
In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage in coders/vips.c, which allows attackers to cause a denial of service (memory consumption in ResizeMagickMemory in MagickCore/memory.c) via a crafted file.
ModerateCVE-2017-14684SUSE bug 1060177cpe:/o:suse:sled:12:sp3CVE-2017-14729SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c.
ModerateCVE-2017-14729SUSE bug 1060621cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14731SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ofx_proc_file in ofx_preproc.cpp in LibOFX 0.9.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file, as demonstrated by an ofxdump call.
ModerateCVE-2017-14731SUSE bug 1060437cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14733SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
ModerateCVE-2017-14733SUSE bug 1060577cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14739SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors.
ModerateCVE-2017-14739SUSE bug 1060382cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14745SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c.
ModerateCVE-2017-14745SUSE bug 1060599cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14746SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request.
ImportantCVE-2017-14746SUSE bug 1060427SUSE bug 1069666cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14857SUSE Linux Enterprise Desktop 12 SP3
In Exiv2 0.26, there is an invalid free in the Image class in image.cpp that leads to a Segmentation fault. A crafted input will lead to a denial of service attack.
LowCVE-2017-14857SUSE bug 1061013cpe:/o:suse:sled:12:sp3CVE-2017-14859SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
LowCVE-2017-14859SUSE bug 1061000SUSE bug 1061023SUSE bug 1061025SUSE bug 1068871cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14860SUSE Linux Enterprise Desktop 12 SP3
There is a heap-based buffer over-read in the Exiv2::Jp2Image::readMetadata function of jp2image.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack.
LowCVE-2017-14860SUSE bug 1061023SUSE bug 1061025SUSE bug 1068871cpe:/o:suse:sled:12:sp3CVE-2017-14861SUSE Linux Enterprise Desktop 12 SP3
There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack.
LowCVE-2017-14861SUSE bug 1060997cpe:/o:suse:sled:12:sp3CVE-2017-14862SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
LowCVE-2017-14862SUSE bug 1060996SUSE bug 1061023SUSE bug 1061025SUSE bug 1068871cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14863SUSE Linux Enterprise Desktop 12 SP3
A NULL pointer dereference was discovered in Exiv2::Image::printIFDStructure in image.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
LowCVE-2017-14863SUSE bug 1061031cpe:/o:suse:sled:12:sp3CVE-2017-14864SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
LowCVE-2017-14864SUSE bug 1060995SUSE bug 1061023SUSE bug 1061025SUSE bug 1068871SUSE bug 1080734cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14927SUSE Linux Enterprise Desktop 12 SP3
In Poppler 0.59.0, a NULL Pointer Dereference exists in the SplashOutputDev::type3D0() function in SplashOutputDev.cc via a crafted PDF document.
ModerateCVE-2017-14927SUSE bug 1061094cpe:/o:suse:sled:12:sp3CVE-2017-14928SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Configuration::Configuration in Annot.cc via a crafted PDF document.
ModerateCVE-2017-14928SUSE bug 1061092cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14929SUSE Linux Enterprise Desktop 12 SP3
In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opFill, Gfx::doPatternFill, Gfx::doTilingPatternFill and Gfx::drawForm calls (aka a Gfx.cc infinite loop), a different vulnerability than CVE-2017-14519.
ModerateCVE-2017-14929SUSE bug 1059050SUSE bug 1061091cpe:/o:suse:sled:12:sp3CVE-2017-14952SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue.
ModerateCVE-2017-14952SUSE bug 1067203SUSE bug 1123121cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14974SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c.
ModerateCVE-2017-14974SUSE bug 1061241cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14975SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability because a data structure is not initialized, which allows an attacker to launch a denial of service attack.
ModerateCVE-2017-14975SUSE bug 1061263cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14976SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a heap-based buffer over-read vulnerability if an out-of-bounds font dictionary index is encountered, which allows an attacker to launch a denial of service attack.
ModerateCVE-2017-14976SUSE bug 1061264cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14977SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table pointer, which allows an attacker to launch a denial of service attack.
ModerateCVE-2017-14977SUSE bug 1061265cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14988SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid.
ModerateCVE-2017-14988SUSE bug 1061305cpe:/o:suse:sled:12:sp4CVE-2017-14989SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16 allows attackers to crash the application via a crafted font file, because the FT_Done_Glyph function (from FreeType 2) is called at an incorrect place in the ImageMagick code.
ModerateCVE-2017-14989SUSE bug 1061254cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-14994SUSE Linux Enterprise Desktop 12 SP3
ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted DICOM image, related to the ability of DCM_ReadNonNativeImages to yield an image list with zero frames.
ModerateCVE-2017-14994SUSE bug 1061587cpe:/o:suse:sled:12:sp3CVE-2017-14997SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c.
LowCVE-2017-14997SUSE bug 1112399SUSE bug 1117463cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15015SUSE Linux Enterprise Desktop 12 SP3
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c.
LowCVE-2017-15015SUSE bug 1082289cpe:/o:suse:sled:12:sp3CVE-2017-15016SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c.
LowCVE-2017-15016SUSE bug 1082291cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15017SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c.
LowCVE-2017-15017SUSE bug 1082283cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15023SUSE Linux Enterprise Desktop 12 SP3
read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not properly validate the format count, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename.
ModerateCVE-2017-15023SUSE bug 1061623SUSE bug 1065689cpe:/o:suse:sled:12:sp3CVE-2017-15032SUSE Linux Enterprise Desktop 12 SP3
ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
ModerateCVE-2017-15032SUSE bug 1061868cpe:/o:suse:sled:12:sp3CVE-2017-15033SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.
ModerateCVE-2017-15033SUSE bug 1061873cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15038SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS users to obtain sensitive information from host heap memory via vectors related to reading extended attributes.
LowCVE-2017-15038SUSE bug 1062069cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15088SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data, related to the get_matching_data and X509_NAME_oneline_ex functions. NOTE: this has security relevance only in use cases outside of the MIT Kerberos distribution, e.g., the use of get_matching_data in KDC certauth plugin code that is specific to Red Hat.
ImportantCVE-2017-15088SUSE bug 1065274cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15095SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.
ModerateCVE-2017-15095SUSE bug 1192165SUSE bug 1193944cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2017-15098SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Invalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory.
ImportantCVE-2017-15098SUSE bug 1067844SUSE bug 1185814cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15099SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
INSERT ... ON CONFLICT DO UPDATE commands in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, and 9.5.x before 9.5.10 disclose table contents that the invoker lacks privilege to read. These exploits affect only tables where the attacker lacks full read access but has both INSERT and UPDATE privileges. Exploits bypass row level security policies and lack of SELECT privilege.
ImportantCVE-2017-15099SUSE bug 1067841cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15101SUSE Linux Enterprise Desktop 12 SP3
A missing patch for a stack-based buffer overflow in findTable() was found in Red Hat version of liblouis before 2.5.4. An attacker could cause a denial of service condition or potentially even arbitrary code execution.
ImportantCVE-2017-15101SUSE bug 1067336cpe:/o:suse:sled:12:sp3CVE-2017-15107SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.
ModerateCVE-2017-15107SUSE bug 1076958cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15108SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
spice-vdagent up to and including 0.17.0 does not properly escape save directory before passing to shell, allowing local attacker with access to the session the agent runs in to inject arbitrary commands to be executed.
ImportantCVE-2017-15108SUSE bug 1070724cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15115SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls.
ModerateCVE-2017-15115SUSE bug 1068671cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15118SUSE Linux Enterprise Desktop 12 SP3
A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process. If NBD server requires TLS, the attacker cannot trigger the buffer overflow without first successfully negotiating TLS.
ImportantCVE-2017-15118SUSE bug 1070147cpe:/o:suse:sled:12:sp3CVE-2017-15119SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue. It could occur if a client sent large option requests, making the server waste CPU time on reading up to 4GB per request. A client could use this flaw to keep the NBD server from serving other requests, resulting in DoS.
LowCVE-2017-15119SUSE bug 1070144cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15121SUSE Linux Enterprise Desktop 12 SP3
A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.
ModerateCVE-2017-15121SUSE bug 1071726cpe:/o:suse:sled:12:sp3CVE-2017-15124SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VNC server allocates growing memory to hold onto this data. A malicious remote VNC client could use this flaw to cause DoS to the server host.
ModerateCVE-2017-15124SUSE bug 1073489cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15126SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. The issue is related to the handling of fork failure when dealing with event messages. Failure to fork correctly can lead to a situation where a fork event will be removed from an already freed list of events with userfaultfd_ctx_put().
ImportantCVE-2017-15126SUSE bug 1073108cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-15127SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13. A superfluous implicit page unlock for VM_SHARED hugetlbfs mapping could trigger a local denial of service (BUG).
ModerateCVE-2017-15127SUSE bug 1073113cpe:/o:suse:sled:12:sp4CVE-2017-15128SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG).
ModerateCVE-2017-15128SUSE bug 1073112cpe:/o:suse:sled:12:sp4CVE-2017-15129SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.
ModerateCVE-2017-15129SUSE bug 1074839cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15131SUSE Linux Enterprise Desktop 12 SP3
It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy. This only affects xdg-user-dirs before 0.15.5 as shipped with Red Hat Enterprise Linux.
LowCVE-2017-15131SUSE bug 1075378cpe:/o:suse:sled:12:sp3CVE-2017-15191SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length.
ImportantCVE-2017-15191SUSE bug 1062645SUSE bug 983671cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15192SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by considering a case where not all of the BTATT packets have the same encapsulation level.
ImportantCVE-2017-15192SUSE bug 1062645SUSE bug 983671cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15193SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach.
ImportantCVE-2017-15193SUSE bug 1062645SUSE bug 983671cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15217SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c.
ModerateCVE-2017-15217SUSE bug 1062750cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15218SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.
ModerateCVE-2017-15218SUSE bug 1047910SUSE bug 1062752cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15232SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.
ModerateCVE-2017-15232SUSE bug 1062937cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15238SUSE Linux Enterprise Desktop 12 SP3
ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a use-after-free issue when the height or width is zero, related to ReadJNGImage.
ModerateCVE-2017-15238SUSE bug 1067198cpe:/o:suse:sled:12:sp3CVE-2017-15265SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.
ModerateCVE-2017-15265SUSE bug 1062520cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15268SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c.
ModerateCVE-2017-15268SUSE bug 1062942cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15274SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192.
ModerateCVE-2017-15274SUSE bug 1045327SUSE bug 1062471cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15275SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.
ModerateCVE-2017-15275SUSE bug 1063008SUSE bug 1069666cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15277SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data sometimes can be leaked via the uninitialized palette.
ModerateCVE-2017-15277SUSE bug 1063050cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15281SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised value(s)."
ModerateCVE-2017-15281SUSE bug 1063049SUSE bug 1072901cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15286SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never initialized.
ModerateCVE-2017-15286SUSE bug 1063145cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-15289SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation.
ModerateCVE-2017-15289SUSE bug 1063122SUSE bug 1063123SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15365SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking.
ModerateCVE-2017-15365SUSE bug 1072167SUSE bug 1076506cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15400SUSE Linux Enterprise Desktop 12 SP3
Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue.
ImportantCVE-2017-15400SUSE bug 1102220cpe:/o:suse:sled:12:sp3CVE-2017-15412SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2017-15412SUSE bug 1071691SUSE bug 1077993SUSE bug 1123129SUSE bug 1123919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15422SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
ModerateCVE-2017-15422SUSE bug 1071691SUSE bug 1077999SUSE bug 1123121cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15537SUSE Linux Enterprise Desktop 12 SP4
The x86/fpu (Floating Point Unit) subsystem in the Linux kernel before 4.13.5, when a processor supports the xsave feature but not the xsaves feature, does not correctly handle attempts to set reserved bits in the xstate header via the ptrace() or rt_sigreturn() system call, allowing local users to read the FPU registers of other processes on the system, related to arch/x86/kernel/fpu/regset.c and arch/x86/kernel/fpu/signal.c.
LowCVE-2017-15537SUSE bug 1063984cpe:/o:suse:sled:12:sp4CVE-2017-15565SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via a crafted PDF document.
ModerateCVE-2017-15565SUSE bug 1064593cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15588SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry.
ImportantCVE-2017-15588SUSE bug 1061082SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2017-15589SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to obtain sensitive information from the host OS (or an arbitrary guest OS) because intercepted I/O operations can cause a write of data from uninitialized hypervisor stack memory.
ModerateCVE-2017-15589SUSE bug 1061080SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2017-15590SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because MSI mapping was mishandled.
ImportantCVE-2017-15590SUSE bug 1061076SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2017-15591SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of range start to range end) within the DMOP map/unmap implementation.
ModerateCVE-2017-15591SUSE bug 1061077cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2017-15592SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests.
ImportantCVE-2017-15592SUSE bug 1061086SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2017-15593SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled.
ModerateCVE-2017-15593SUSE bug 1061084SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2017-15594SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotplugging.
ImportantCVE-2017-15594SUSE bug 1061087SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2017-15595SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking.
ImportantCVE-2017-15595SUSE bug 1061081SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15597SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a grant of a dying domain, the assumption turns out wrong. A malicious guest administrator can cause hypervisor memory corruption, most likely resulting in host crash and a Denial of Service. Privilege escalation and information leaks cannot be ruled out.
ImportantCVE-2017-15597SUSE bug 1061075cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15631SUSE Linux Enterprise Desktop 12 SP4
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-workmode variable in the pptp_client.lua file.
CriticalCVE-2017-15631cpe:/o:suse:sled:12:sp4CVE-2017-15638SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for _rpc_ services.
ModerateCVE-2017-15638SUSE bug 1064127cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15649SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346.
ImportantCVE-2017-15649SUSE bug 1064388SUSE bug 1064392SUSE bug 1087082cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15652SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Artifex Ghostscript 9.22 is affected by: Obtain Information. The impact is: obtain sensitive information. The component is: affected source code file, affected function, affected executable, affected libga (imagemagick used that). The attack vector is: Someone must open a postscript file though ghostscript. Because of imagemagick also use libga, so it was affected as well.
ModerateCVE-2017-15652SUSE bug 1136756cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15670SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.
ImportantCVE-2017-15670SUSE bug 1064583cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15671SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak).
ImportantCVE-2017-15671SUSE bug 1064569cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15705SUSE Linux Enterprise Desktop 12 SP4
A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. The vulnerability arises with certain unclosed tags in emails that cause markup to be handled incorrectly leading to scan timeouts. In Apache SpamAssassin, using HTML::Parser, we setup an object and hook into the begin and end tag event handlers In both cases, the "open" event is immediately followed by a "close" event - even if the tag *does not* close in the HTML being parsed. Because of this, we are missing the "text" event to deal with the object normally. This can cause carefully crafted emails that might take more scan time than expected leading to a Denial of Service. The issue is possibly a bug or design decision in HTML::Parser that specifically impacts the way Apache SpamAssassin uses the module with poorly formed html. The exploit has been seen in the wild but not believed to have been purposefully part of a Denial of Service attempt. We are concerned that there may be attempts to abuse the vulnerability in the future.
ImportantCVE-2017-15705SUSE bug 1108745cpe:/o:suse:sled:12:sp4CVE-2017-15804SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator.
ModerateCVE-2017-15804SUSE bug 1064580cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15868SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a crafted application.
ModerateCVE-2017-15868SUSE bug 1071470SUSE bug 1071471cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15874SUSE Linux Enterprise Desktop 12 SP3
archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation.
LowCVE-2017-15874SUSE bug 1064978cpe:/o:suse:sled:12:sp3CVE-2017-15906SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
ModerateCVE-2017-15906SUSE bug 1064285SUSE bug 1065000SUSE bug 1074115SUSE bug 1079488SUSE bug 1090163SUSE bug 1099316SUSE bug 1138392cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15908SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service.
ModerateCVE-2017-15908SUSE bug 1065276cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15930SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer.
ModerateCVE-2017-15930SUSE bug 1066003cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15938SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service (find_abstract_instance_name invalid memory read, segmentation fault, and application crash).
ModerateCVE-2017-15938SUSE bug 1065693cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15939SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. NOTE: this issue is caused by an incomplete fix for CVE-2017-15023.
ModerateCVE-2017-15939SUSE bug 1061623SUSE bug 1065689cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15951SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls.
ModerateCVE-2017-15951SUSE bug 1062840SUSE bug 1065615cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-15994SUSE Linux Enterprise Desktop 12 SP3
rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use in various GitHub projects.
ModerateCVE-2017-15994SUSE bug 1065646cpe:/o:suse:sled:12:sp3CVE-2017-15996SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper conditional jump, and the get_archive_member_name, process_archive_index_and_symbols, and setup_archive functions.
ModerateCVE-2017-15996SUSE bug 1065643cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16012SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-9251. Reason: This candidate is a duplicate of CVE-2015-9251. Notes: All CVE users should reference CVE-2015-9251 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2017-16012SUSE bug 1111660cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2017-16232SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue.
LowCVE-2017-16232SUSE bug 1069213cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16352SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on a specially crafted MIFF format file with the verbose flag.
ModerateCVE-2017-16352SUSE bug 1066168SUSE bug 1066170cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16353SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile information contained in the image. This vulnerability can be triggered with a specially crafted MIFF file. There is an out-of-bounds buffer dereference because certain increments are never checked.
ModerateCVE-2017-16353SUSE bug 1066170cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16525SUSE Linux Enterprise Desktop 12 SP4
The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device, related to disconnection and failed setup.
ModerateCVE-2017-16525SUSE bug 1066618SUSE bug 1146519cpe:/o:suse:sled:12:sp4CVE-2017-16527SUSE Linux Enterprise Desktop 12 SP4
sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device.
ModerateCVE-2017-16527SUSE bug 1066625SUSE bug 1087082SUSE bug 1146519cpe:/o:suse:sled:12:sp4CVE-2017-16528SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
sound/core/seq_device.c in the Linux kernel before 4.13.4 allows local users to cause a denial of service (snd_rawmidi_dev_seq_free use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device.
ModerateCVE-2017-16528SUSE bug 1066629SUSE bug 1146519cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16529SUSE Linux Enterprise Desktop 12 SP4
The snd_usb_create_streams function in sound/usb/card.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
ModerateCVE-2017-16529SUSE bug 1066650SUSE bug 1087082SUSE bug 1146519cpe:/o:suse:sled:12:sp4CVE-2017-16531SUSE Linux Enterprise Desktop 12 SP4
drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device, related to the USB_DT_INTERFACE_ASSOCIATION descriptor.
ModerateCVE-2017-16531SUSE bug 1066671SUSE bug 1087082SUSE bug 1146519cpe:/o:suse:sled:12:sp4CVE-2017-16532SUSE Linux Enterprise Desktop 12 SP2
The get_endpoints function in drivers/usb/misc/usbtest.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
ModerateCVE-2017-16532SUSE bug 1066673SUSE bug 1087082SUSE bug 1146519cpe:/o:suse:sled:12:sp2CVE-2017-16533SUSE Linux Enterprise Desktop 12 SP4
The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
ModerateCVE-2017-16533SUSE bug 1066674SUSE bug 1087082SUSE bug 1146519cpe:/o:suse:sled:12:sp4CVE-2017-16534SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
ModerateCVE-2017-16534SUSE bug 1066693SUSE bug 1146519cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16535SUSE Linux Enterprise Desktop 12 SP4
The usb_get_bos_descriptor function in drivers/usb/core/config.c in the Linux kernel before 4.13.10 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
ModerateCVE-2017-16535SUSE bug 1066700SUSE bug 1087082SUSE bug 1146519cpe:/o:suse:sled:12:sp4CVE-2017-16536SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
ModerateCVE-2017-16536SUSE bug 1066606SUSE bug 1087082SUSE bug 1146519cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16537SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
ModerateCVE-2017-16537SUSE bug 1066573SUSE bug 1087082SUSE bug 1146519cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16538SUSE Linux Enterprise Desktop 12 SP4
drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a missing warm-start check and incorrect attach timing (dm04_lme2510_frontend_attach versus dm04_lme2510_tuner).
ModerateCVE-2017-16538SUSE bug 1066569SUSE bug 1087082SUSE bug 1146519cpe:/o:suse:sled:12:sp4CVE-2017-16541SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected.
ModerateCVE-2017-16541SUSE bug 1066489SUSE bug 1107343cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16545SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via a malformed WPG image.
ModerateCVE-2017-16545SUSE bug 1067184cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16546SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file.
ModerateCVE-2017-16546SUSE bug 1067181cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16548SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact by sending crafted data to the daemon.
ModerateCVE-2017-16548SUSE bug 1066644cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16611SUSE Linux Enterprise Desktop 12 SP4
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.
ModerateCVE-2017-16611SUSE bug 1050459cpe:/o:suse:sled:12:sp4CVE-2017-16612SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0.
ImportantCVE-2017-16612SUSE bug 1065386SUSE bug 1159415cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16644SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device.
ModerateCVE-2017-16644SUSE bug 1067118SUSE bug 1087082SUSE bug 1091815SUSE bug 1146519cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16645SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (ims_pcu_parse_cdc_data out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
ModerateCVE-2017-16645SUSE bug 1067132SUSE bug 1087082SUSE bug 1146519cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16646SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (BUG and system crash) or possibly have unspecified other impact via a crafted USB device.
ModerateCVE-2017-16646SUSE bug 1067105SUSE bug 1146519cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16647SUSE Linux Enterprise Desktop 12 SP4
drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
ModerateCVE-2017-16647SUSE bug 1067102SUSE bug 1146519cpe:/o:suse:sled:12:sp4CVE-2017-16649SUSE Linux Enterprise Desktop 12 SP4
The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.
ModerateCVE-2017-16649SUSE bug 1067085SUSE bug 1067115SUSE bug 1146519cpe:/o:suse:sled:12:sp4CVE-2017-16650SUSE Linux Enterprise Desktop 12 SP4
The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.
ModerateCVE-2017-16650SUSE bug 1067086SUSE bug 1087082SUSE bug 1146519cpe:/o:suse:sled:12:sp4CVE-2017-16669SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in magick/pixel_cache.c.
ModerateCVE-2017-16669SUSE bug 1067409SUSE bug 1072898cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16808SUSE Linux Enterprise Desktop 12 SP4
tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.
ImportantCVE-2017-16808SUSE bug 1068716SUSE bug 1153098cpe:/o:suse:sled:12:sp4CVE-2017-16818SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote authenticated users to cause a denial of service (assertion failure and application exit) by leveraging "full" (not necessarily admin) privileges to post an invalid profile to the admin API, related to rgw/rgw_iam_policy.cc, rgw/rgw_basic_types.h, and rgw/rgw_iam_types.h.
ImportantCVE-2017-16818SUSE bug 1063014SUSE bug 1069253cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16826SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The coff_slurp_line_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted PE file.
ModerateCVE-2017-16826SUSE bug 1068640cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16827SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The aout_get_external_symbols function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (slurp_symtab invalid free and application crash) or possibly have unspecified other impact via a crafted ELF file.
ModerateCVE-2017-16827SUSE bug 1069202cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16828SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (integer overflow and heap-based buffer over-read, and application crash) or possibly have unspecified other impact via a crafted ELF file, related to print_debug_frame.
ModerateCVE-2017-16828SUSE bug 1069176cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16829SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _bfd_elf_parse_gnu_properties function in elf-properties.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not prevent negative pointers, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a crafted ELF file.
LowCVE-2017-16829SUSE bug 1068950cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16830SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The print_gnu_property_note function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted ELF file.
LowCVE-2017-16830SUSE bug 1068888cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16831SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate the symbol count, which allows remote attackers to cause a denial of service (integer overflow and application crash, or excessive memory allocation) or possibly have unspecified other impact via a crafted PE file.
ModerateCVE-2017-16831SUSE bug 1068887cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16832SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pe_bfd_read_buildid function in peicode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate size and offset values in the data dictionary, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted PE file.
LowCVE-2017-16832SUSE bug 1068643cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16844SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than CVE-2014-3618.
ModerateCVE-2017-16844SUSE bug 1068648cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16845SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access.
LowCVE-2017-16845SUSE bug 1068613cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16879SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic.
ImportantCVE-2017-16879SUSE bug 1069530SUSE bug 1123132SUSE bug 1175501cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-16899SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the read_textobject functions in read.c and read1_3.c.
ModerateCVE-2017-16899SUSE bug 1069257cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16909SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image.
ModerateCVE-2017-16909SUSE bug 1072385cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16910SUSE Linux Enterprise Desktop 12 SP3
An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause an invalid read memory access and subsequently a Denial of Service condition.
ModerateCVE-2017-16910SUSE bug 1072384cpe:/o:suse:sled:12:sp3CVE-2017-16911SUSE Linux Enterprise Desktop 12 SP4
The vhci_hcd driver in the Linux Kernel before version 4.14.8 and 4.4.114 allows allows local attackers to disclose kernel memory addresses. Successful exploitation requires that a USB device is attached over IP.
ModerateCVE-2017-16911SUSE bug 1078674SUSE bug 1087082SUSE bug 1091815cpe:/o:suse:sled:12:sp4CVE-2017-16912SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The "get_pipe()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet.
ModerateCVE-2017-16912SUSE bug 1078673SUSE bug 1087082SUSE bug 1091815cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16913SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The "stub_recv_cmd_submit()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet.
ModerateCVE-2017-16913SUSE bug 1078672SUSE bug 1087082SUSE bug 1091815cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16914SUSE Linux Enterprise Desktop 12 SP4
The "stub_send_ret_submit()" function (drivers/usb/usbip/stub_tx.c) in the Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows attackers to cause a denial of service (NULL pointer dereference) via a specially crafted USB over IP packet.
ModerateCVE-2017-16914SUSE bug 1078669SUSE bug 1087082SUSE bug 1091815cpe:/o:suse:sled:12:sp4CVE-2017-16927SUSE Linux Enterprise Desktop 12 SP4
The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted input stream.
ModerateCVE-2017-16927SUSE bug 1069591SUSE bug 442182cpe:/o:suse:sled:12:sp4CVE-2017-16932SUSE Linux Enterprise Desktop 12 SP3
parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.
ImportantCVE-2017-16932SUSE bug 1069689SUSE bug 1103099SUSE bug 1123129SUSE bug 1123919cpe:/o:suse:sled:12:sp3CVE-2017-16939SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.
ImportantCVE-2017-16939SUSE bug 1069702SUSE bug 1069708SUSE bug 1120260cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16942SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists in the function wav_w64_read_fmt_chunk() in wav_w64.c, which may lead to DoS when playing a crafted audio file.
ModerateCVE-2017-16942SUSE bug 1069874cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16994SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore() system call.
ModerateCVE-2017-16994SUSE bug 1069996cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-16995SUSE Linux Enterprise Desktop 12 SP4
The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension.
ModerateCVE-2017-16995SUSE bug 1073928cpe:/o:suse:sled:12:sp4CVE-2017-16996SUSE Linux Enterprise Desktop 12 SP4
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging register truncation mishandling.
ModerateCVE-2017-16996SUSE bug 1073928cpe:/o:suse:sled:12:sp4CVE-2017-16997SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the "./" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.
ImportantCVE-2017-16997SUSE bug 1073231cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17046SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in Xen through 4.9.x on the ARM platform allowing guest OS users to obtain sensitive information from DRAM after a reboot, because disjoint blocks, and physical addresses that do not start at zero, are mishandled.
ModerateCVE-2017-17046SUSE bug 1061090cpe:/o:suse:sled:12:sp3CVE-2017-17052SUSE Linux Enterprise Desktop 12 SP4
The mm_init function in kernel/fork.c in the Linux kernel before 4.12.10 does not clear the ->exe_file member of a new process's mm_struct, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program.
ModerateCVE-2017-17052SUSE bug 1069496SUSE bug 1070266cpe:/o:suse:sled:12:sp4CVE-2017-17083SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer.
ModerateCVE-2017-17083SUSE bug 1070727cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17084SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length.
ModerateCVE-2017-17084SUSE bug 1070727cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17085SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length.
ModerateCVE-2017-17085SUSE bug 1070727cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17122SUSE Linux Enterprise Desktop 12 SP3
The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory allocation, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PE file.
ModerateCVE-2017-17122SUSE bug 1071440cpe:/o:suse:sled:12:sp3CVE-2017-17125SUSE Linux Enterprise Desktop 12 SP3
nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service (_bfd_elf_get_symbol_version_string buffer over-read and application crash) or possibly have unspecified other impact via a crafted ELF file.
ModerateCVE-2017-17125SUSE bug 1071022cpe:/o:suse:sled:12:sp3CVE-2017-17126SUSE Linux Enterprise Desktop 12 SP3
The load_debug_section function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via an ELF file that lacks section headers.
ModerateCVE-2017-17126SUSE bug 1071016cpe:/o:suse:sled:12:sp3CVE-2017-171479SUSE Linux Enterprise Desktop 12 SP4
Unknown.
ModerateCVE-2017-171479cpe:/o:suse:sled:12:sp4CVE-2017-17381SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings.
ModerateCVE-2017-17381SUSE bug 1071228cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17405SUSE Linux Enterprise Desktop 12 SP3
Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernel#open to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is executed. The default value of localfile is File.basename(remotefile), so malicious FTP servers could cause arbitrary command execution.
ImportantCVE-2017-17405SUSE bug 1073002SUSE bug 1078782cpe:/o:suse:sled:12:sp3CVE-2017-17426SUSE Linux Enterprise Desktop 12 SP3
The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache (aka tcache) feature enables a code path that lacks an integer overflow check.
ModerateCVE-2017-17426SUSE bug 1071479cpe:/o:suse:sled:12:sp3CVE-2017-17433SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The recv_files function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, proceeds with certain file metadata updates before checking for a filename in the daemon_filter_list data structure, which allows remote attackers to bypass intended access restrictions.
ModerateCVE-2017-17433SUSE bug 1071459cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17434SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, does not check for fnamecmp filenames in the daemon_filter_list data structure (in the recv_files function in receiver.c) and also does not apply the sanitize_paths protection mechanism to pathnames found in "xname follows" strings (in the read_ndx_and_attrs function in rsync.c), which allows remote attackers to bypass intended access restrictions.
ModerateCVE-2017-17434SUSE bug 1071460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17448SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnl_cthelper_list data structure is shared across all net namespaces.
ModerateCVE-2017-17448SUSE bug 1071693cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17449SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel through 4.14.4, when CONFIG_NLMON is enabled, does not restrict observations of Netlink messages to a single net namespace, which allows local users to obtain sensitive information by leveraging the CAP_NET_ADMIN capability to sniff an nlmon interface for all Netlink activity on the system.
ModerateCVE-2017-17449SUSE bug 1071694cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17450SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all net namespaces.
LowCVE-2017-17450SUSE bug 1071695SUSE bug 1074033cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17456SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-14245. Reason: This candidate is a duplicate of CVE-2017-14245. Notes: All CVE users should reference CVE-2017-14245 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2017-17456SUSE bug 1059912SUSE bug 1071777SUSE bug 1117906cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17457SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-14246. Reason: This candidate is a duplicate of CVE-2017-14246. Notes: All CVE users should reference CVE-2017-14246 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2017-17457SUSE bug 1059913SUSE bug 1071767SUSE bug 1117906cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17479SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtoimage function in jpwl/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.
ModerateCVE-2017-17479SUSE bug 1072125cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17480SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtovolume function in jp3d/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.
ModerateCVE-2017-17480SUSE bug 1072124SUSE bug 1072125cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17484SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International Components for Unicode (ICU) for C/C++ through 60.1 mishandles ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted string, as demonstrated by ZNC.
ModerateCVE-2017-17484SUSE bug 1072193SUSE bug 1123121cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17498SUSE Linux Enterprise Desktop 12 SP3
WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
ModerateCVE-2017-17498SUSE bug 1072103cpe:/o:suse:sled:12:sp3CVE-2017-17500SUSE Linux Enterprise Desktop 12 SP3
ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file.
ModerateCVE-2017-17500SUSE bug 1077737cpe:/o:suse:sled:12:sp3CVE-2017-17501SUSE Linux Enterprise Desktop 12 SP3
WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file.
LowCVE-2017-17501SUSE bug 1074023cpe:/o:suse:sled:12:sp3CVE-2017-17502SUSE Linux Enterprise Desktop 12 SP3
ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file.
LowCVE-2017-17502SUSE bug 1073081SUSE bug 1077737cpe:/o:suse:sled:12:sp3CVE-2017-17503SUSE Linux Enterprise Desktop 12 SP3
ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file.
ModerateCVE-2017-17503SUSE bug 1072934SUSE bug 1073081SUSE bug 1077737cpe:/o:suse:sled:12:sp3CVE-2017-17504SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.
ModerateCVE-2017-17504SUSE bug 1072362cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17558SUSE Linux Enterprise Desktop 12 SP4
The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allows local users to cause a denial of service (out-of-bounds write access) or possibly have unspecified other impact via a crafted USB device.
ModerateCVE-2017-17558SUSE bug 1072561SUSE bug 1087082SUSE bug 1146519cpe:/o:suse:sled:12:sp4CVE-2017-17563SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode.
ModerateCVE-2017-17563SUSE bug 1070159cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17564SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode.
ModerateCVE-2017-17564SUSE bug 1070160SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17565SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P.
ModerateCVE-2017-17565SUSE bug 1070163SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17566SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page.
ModerateCVE-2017-17566SUSE bug 1070158SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17669SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack.
ModerateCVE-2017-17669SUSE bug 1072928cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17680SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted xpm image file.
ModerateCVE-2017-17680SUSE bug 1072902SUSE bug 1074122cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17681SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file.
ModerateCVE-2017-17681SUSE bug 1072901cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17682SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call.
ModerateCVE-2017-17682SUSE bug 1072898cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17688SUSE Linux Enterprise Desktop 12 SP3
** DISPUTED ** The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an obsolete packet type, not a problem in the OpenPGP specification.
ImportantCVE-2017-17688SUSE bug 1093151SUSE bug 1093727SUSE bug 1093971SUSE bug 1093973SUSE bug 1115719cpe:/o:suse:sled:12:sp3CVE-2017-17689SUSE Linux Enterprise Desktop 12 SP3
The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.
ModerateCVE-2017-17689SUSE bug 1093152SUSE bug 1093727SUSE bug 1093969cpe:/o:suse:sled:12:sp3CVE-2017-17712SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges.
ImportantCVE-2017-17712SUSE bug 1073229SUSE bug 1073230cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17725SUSE Linux Enterprise Desktop 12 SP3
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864, which is an invalid memory address dereference.
ModerateCVE-2017-17725SUSE bug 1080734SUSE bug 1184749cpe:/o:suse:sled:12:sp3CVE-2017-17740SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.
ModerateCVE-2017-17740SUSE bug 1073313cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17741SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h.
ImportantCVE-2017-17741SUSE bug 1073311SUSE bug 1091815cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17742SUSE Linux Enterprise Desktop 12 SP3
Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 allows an HTTP Response Splitting attack. An attacker can inject a crafted key and value into an HTTP response for the HTTP server of WEBrick.
ModerateCVE-2017-17742SUSE bug 1087434SUSE bug 1136906SUSE bug 1152992cpe:/o:suse:sled:12:sp3CVE-2017-17785SUSE Linux Enterprise Desktop 12 SP4
In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.
ModerateCVE-2017-17785SUSE bug 1073625cpe:/o:suse:sled:12:sp4CVE-2017-17786SUSE Linux Enterprise Desktop 12 SP4
In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image.
ModerateCVE-2017-17786SUSE bug 1073626cpe:/o:suse:sled:12:sp4CVE-2017-17788SUSE Linux Enterprise Desktop 12 SP4
In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the version string.
ModerateCVE-2017-17788SUSE bug 1073629cpe:/o:suse:sled:12:sp4CVE-2017-17790SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|' character, a different vulnerability than CVE-2017-17405. NOTE: situations with untrusted input may be highly unlikely.
ModerateCVE-2017-17790SUSE bug 1073002SUSE bug 1078782cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-17805SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable.
ImportantCVE-2017-17805SUSE bug 1073792SUSE bug 1087082cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17806SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization.
LowCVE-2017-17806SUSE bug 1073874SUSE bug 1087082cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17833SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.
ImportantCVE-2017-17833SUSE bug 1090638SUSE bug 1099519SUSE bug 1126909cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17852SUSE Linux Enterprise Desktop 12 SP4
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of 32-bit ALU ops.
ModerateCVE-2017-17852SUSE bug 1073928cpe:/o:suse:sled:12:sp4CVE-2017-17853SUSE Linux Enterprise Desktop 12 SP4
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect BPF_RSH signed bounds calculations.
ModerateCVE-2017-17853SUSE bug 1073928cpe:/o:suse:sled:12:sp4CVE-2017-17854SUSE Linux Enterprise Desktop 12 SP4
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (integer overflow and memory corruption) or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic.
ModerateCVE-2017-17854SUSE bug 1073928cpe:/o:suse:sled:12:sp4CVE-2017-17855SUSE Linux Enterprise Desktop 12 SP4
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars.
ModerateCVE-2017-17855SUSE bug 1073928cpe:/o:suse:sled:12:sp4CVE-2017-17856SUSE Linux Enterprise Desktop 12 SP4
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the lack of stack-pointer alignment enforcement.
ModerateCVE-2017-17856SUSE bug 1073928cpe:/o:suse:sled:12:sp4CVE-2017-17857SUSE Linux Enterprise Desktop 12 SP4
The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations.
ModerateCVE-2017-17857SUSE bug 1073928cpe:/o:suse:sled:12:sp4CVE-2017-17862SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.
ModerateCVE-2017-17862SUSE bug 1073928cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17864SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."
ModerateCVE-2017-17864SUSE bug 1073928cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17879SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error.
LowCVE-2017-17879SUSE bug 1074125SUSE bug 1074175cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17880SUSE Linux Enterprise Desktop 12 SP3
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBP_DECODER_ABI_VERSION check.
ModerateCVE-2017-17880SUSE bug 1074124SUSE bug 1074299cpe:/o:suse:sled:12:sp3CVE-2017-17881SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted MAT image file.
ModerateCVE-2017-17881SUSE bug 1074123cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17882SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted XPM image file.
ModerateCVE-2017-17882SUSE bug 1074122cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17883SUSE Linux Enterprise Desktop 12 SP3
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPGXImage in coders/pgx.c, which allows attackers to cause a denial of service via a crafted PGX image file.
ModerateCVE-2017-17883SUSE bug 1074121cpe:/o:suse:sled:12:sp3CVE-2017-17884SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file.
ModerateCVE-2017-17884SUSE bug 1074120cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17885SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file.
ModerateCVE-2017-17885SUSE bug 1074119cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17887SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function GetImagePixelCache in magick/cache.c, which allows attackers to cause a denial of service via a crafted MNG image file that is processed by ReadOneMNGImage.
ModerateCVE-2017-17887SUSE bug 1074117cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17914SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file.
ModerateCVE-2017-17914SUSE bug 1074185cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17934SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls.
ModerateCVE-2017-17934SUSE bug 1074170cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17935SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The File_read_line function in epan/wslua/wslua_file.c in Wireshark through 2.2.11 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet that triggers the attempted processing of an empty line.
ModerateCVE-2017-17935SUSE bug 1074171cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17942SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c.
ModerateCVE-2017-17942SUSE bug 1074186SUSE bug 1150480SUSE bug 983440cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17969SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive.
ImportantCVE-2017-17969SUSE bug 1077725cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17973SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue.
ImportantCVE-2017-17973SUSE bug 1074318cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17975SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label's code attempts to both access and free this data structure.
LowCVE-2017-17975SUSE bug 1074426cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-17997SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. This was addressed in epan/dissectors/packet-mrdisc.c by validating an IPv4 address. This vulnerability is similar to CVE-2017-9343.
ModerateCVE-2017-17997SUSE bug 1077080cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18008SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c.
ModerateCVE-2017-18008SUSE bug 1074309cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18013SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash.
ImportantCVE-2017-18013SUSE bug 1074317SUSE bug 1082825cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18017SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.
ModerateCVE-2017-18017SUSE bug 1074488SUSE bug 1080255SUSE bug 1091815SUSE bug 971126cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-18022SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c.
ModerateCVE-2017-18022SUSE bug 1074969SUSE bug 1074975cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18027SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
ModerateCVE-2017-18027SUSE bug 1076051cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18028SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file.
LowCVE-2017-18028SUSE bug 1076182SUSE bug 1082792SUSE bug 1085236cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18029SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
ModerateCVE-2017-18029SUSE bug 1076021SUSE bug 1076051cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18030SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch.
LowCVE-2017-18030SUSE bug 1076179SUSE bug 1076180SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18043SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) allows a user to cause a denial of service (Qemu process crash).
LowCVE-2017-18043SUSE bug 1076775cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18075SUSE Linux Enterprise Desktop 12 SP4
crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls.
ImportantCVE-2017-18075SUSE bug 1077402SUSE bug 1077404SUSE bug 1087082cpe:/o:suse:sled:12:sp4CVE-2017-18078SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl is turned off, which allows local users to bypass intended access restrictions via vectors involving a hard link to a file for which the user lacks write access, as demonstrated by changing the ownership of the /etc/passwd file.
ImportantCVE-2017-18078SUSE bug 1077925cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18174SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free.
ModerateCVE-2017-18174SUSE bug 1080533cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18190SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often resolved via a DNS server (neither the OS nor the web browser is responsible for ensuring that localhost.localdomain is 127.0.0.1).
ImportantCVE-2017-18190SUSE bug 1081557cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18201SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic() in lib/driver/_cdio_generic.c.
ModerateCVE-2017-18201SUSE bug 1082877cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18202SUSE Linux Enterprise Desktop 12 SP4
The __oom_reap_task_mm function in mm/oom_kill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service (TLB entry leak or use-after-free) or possibly have unspecified other impact by triggering a copy_to_user call within a certain time window.
ModerateCVE-2017-18202SUSE bug 1083088cpe:/o:suse:sled:12:sp4CVE-2017-18203SUSE Linux Enterprise Desktop 12 SP4
The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices.
ModerateCVE-2017-18203SUSE bug 1083242SUSE bug 1091815cpe:/o:suse:sled:12:sp4CVE-2017-18204SUSE Linux Enterprise Desktop 12 SP4
The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests.
ModerateCVE-2017-18204SUSE bug 1083244cpe:/o:suse:sled:12:sp4CVE-2017-18205SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set.
ModerateCVE-2017-18205SUSE bug 1082998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18206SUSE Linux Enterprise Desktop 12 SP3
In utils.c in zsh before 5.4, symlink expansion had a buffer overflow.
ModerateCVE-2017-18206SUSE bug 1083002cpe:/o:suse:sled:12:sp3CVE-2017-18207SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python applications "need to be prepared to handle a wide variety of exceptions."
ModerateCVE-2017-18207SUSE bug 1083507cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18208SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.
ModerateCVE-2017-18208SUSE bug 1083494SUSE bug 1087082SUSE bug 1091815cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18209SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.
LowCVE-2017-18209SUSE bug 1083628cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18210SUSE Linux Enterprise Desktop 12 SP3
In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked.
ModerateCVE-2017-18210SUSE bug 1083632cpe:/o:suse:sled:12:sp3CVE-2017-18211SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel.
LowCVE-2017-18211SUSE bug 1083634cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18219SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file that triggers an attempt at a large png_pixels array allocation.
ModerateCVE-2017-18219SUSE bug 1084060cpe:/o:suse:sled:12:sp3CVE-2017-18220SUSE Linux Enterprise Desktop 12 SP3
The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 allow remote attackers to cause a denial of service (magick/blob.c CloseBlob use-after-free) or possibly have unspecified other impact via a crafted file, a related issue to CVE-2017-11403.
ModerateCVE-2017-18220SUSE bug 1084062cpe:/o:suse:sled:12:sp3CVE-2017-18224SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.
ModerateCVE-2017-18224SUSE bug 1084831cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18229SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allows attackers to cause a denial of service via a crafted file, because file size is not properly used to restrict scanline, strip, and tile allocations.
ModerateCVE-2017-18229SUSE bug 1076182SUSE bug 1085236cpe:/o:suse:sled:12:sp3CVE-2017-18230SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadCINEONImage in coders/cineon.c, which allows attackers to cause a denial of service via a crafted file.
ModerateCVE-2017-18230SUSE bug 1085233cpe:/o:suse:sled:12:sp3CVE-2017-18231SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadEnhMetaFile in coders/emf.c, which allows attackers to cause a denial of service via a crafted file.
ModerateCVE-2017-18231SUSE bug 1085232cpe:/o:suse:sled:12:sp3CVE-2017-18233SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .avi file.
LowCVE-2017-18233SUSE bug 1085584SUSE bug 1085585cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18234SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp, XMPFiles/source/FormatSupport/TIFF_MemoryReader.cpp, and XMPFiles/source/FormatSupport/TIFF_Support.hpp.
ModerateCVE-2017-18234SUSE bug 1085585SUSE bug 1103718cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18236SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file.
LowCVE-2017-18236SUSE bug 1085585SUSE bug 1085589cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18238SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file.
LowCVE-2017-18238SUSE bug 1085583SUSE bug 1085585cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18241SUSE Linux Enterprise Desktop 12 SP3
fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure.
ModerateCVE-2017-18241SUSE bug 1086400cpe:/o:suse:sled:12:sp3CVE-2017-18248SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification.
ModerateCVE-2017-18248SUSE bug 1087018SUSE bug 1087072cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18249SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.
ModerateCVE-2017-18249SUSE bug 1087036cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18250SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LogOpenCLBuildFailure in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file.
LowCVE-2017-18250SUSE bug 1087039cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18251SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file.
LowCVE-2017-18251SUSE bug 1087037cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18252SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service (assertion failure and application exit in ReplaceImageInList) via a crafted file.
LowCVE-2017-18252SUSE bug 1087033cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18253SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LoadOpenCLDevices in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file.
LowCVE-2017-18253SUSE bug 1087030cpe:/o:suse:sled:12:sp3CVE-2017-18254SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file.
LowCVE-2017-18254SUSE bug 1087027cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18257SUSE Linux Enterprise Desktop 12 SP3
The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl.
ModerateCVE-2017-18257SUSE bug 1088241cpe:/o:suse:sled:12:sp3CVE-2017-18258SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.
LowCVE-2017-18258SUSE bug 1088279SUSE bug 1088601SUSE bug 1105166cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18261SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
The arch_timer_reg_read_stable macro in arch/arm64/include/asm/arch_timer.h in the Linux kernel before 4.13 allows local users to cause a denial of service (infinite recursion) by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario involving debugfs, ftrace, PREEMPT_TRACER, and FUNCTION_GRAPH_TRACER.
ModerateCVE-2017-18261SUSE bug 1090225cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2017-18266SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The open_envvar function in xdg-open in xdg-utils before 1.1.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by %s in this environment variable.
ModerateCVE-2017-18266SUSE bug 1093086cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18269SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.
ModerateCVE-2017-18269SUSE bug 1094150SUSE bug 1118435cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18271SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file.
LowCVE-2017-18271SUSE bug 1094204cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18272SUSE Linux Enterprise Desktop 12 SP3
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a use-after-free in ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted MNG image file that is mishandled in an MngInfoDiscardObject call.
ModerateCVE-2017-18272SUSE bug 1094221cpe:/o:suse:sled:12:sp3CVE-2017-18344SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE).
ImportantCVE-2017-18344SUSE bug 1087082SUSE bug 1102851SUSE bug 1103203SUSE bug 1103580cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-18551SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated.
ModerateCVE-2017-18551SUSE bug 1146163cpe:/o:suse:sled:12:sp4CVE-2017-18552SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in net/rds/af_rds.c in the Linux kernel before 4.11. There is an out of bounds write and read in the function rds_recv_track_latency.
ModerateCVE-2017-18552SUSE bug 1146295cpe:/o:suse:sled:12:sp4CVE-2017-18595SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.
ModerateCVE-2017-18595SUSE bug 1149555cpe:/o:suse:sled:12:sp4CVE-2017-2295SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the agent to the server, in this case) with a attacker-specified format. This could be used to force YAML deserialization in an unsafe manner, which would lead to remote code execution. This change constrains the format of data on the wire to PSON or safely decoded YAML.
ImportantCVE-2017-2295SUSE bug 1040151cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2350SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
ModerateCVE-2017-2350SUSE bug 1024749cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2354SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-2354SUSE bug 1024749cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2355SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access and application crash) via a crafted web site.
ModerateCVE-2017-2355SUSE bug 1024749cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2356SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-2356SUSE bug 1024749cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2362SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-2362SUSE bug 1024749cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2363SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
ModerateCVE-2017-2363SUSE bug 1024749cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2364SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
ModerateCVE-2017-2364SUSE bug 1024749cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2365SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
ModerateCVE-2017-2365SUSE bug 1024749cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2366SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-2366SUSE bug 1024749cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2369SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-2369SUSE bug 1024749cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2371SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "WebKit" component, which allows remote attackers to launch popups via a crafted web site.
ModerateCVE-2017-2371SUSE bug 1024749cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2373SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-2373SUSE bug 1024749cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2496SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-2496SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2510SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with pageshow events.
ModerateCVE-2017-2510SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2518SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted SQL statement.
ImportantCVE-2017-2518SUSE bug 1155787SUSE bug 1194085cpe:/o:suse:sled:12:sp4CVE-2017-2538SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-2538SUSE bug 1045460cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2539SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-2539SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2579SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds read vulnerability was found in netpbm before 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the application to crash or possibly allows code execution.
ModerateCVE-2017-2579SUSE bug 1024287SUSE bug 1024288cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2580SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.
ModerateCVE-2017-2580SUSE bug 1024287SUSE bug 1024291cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2581SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.
ModerateCVE-2017-2581SUSE bug 1024287cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2583SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a "MOV SS, NULL selector" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application.
ModerateCVE-2017-2583SUSE bug 1020602SUSE bug 1030573SUSE bug 1087082cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-2584SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt.
ModerateCVE-2017-2584SUSE bug 1019851SUSE bug 1087082cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-2586SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A null pointer dereference vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash.
ModerateCVE-2017-2586SUSE bug 1024287SUSE bug 1024292cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2587SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory allocation vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash.
ModerateCVE-2017-2587SUSE bug 1024287SUSE bug 1024294cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2596SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references.
LowCVE-2017-2596SUSE bug 1022785SUSE bug 1027179cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-2615SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host.
ModerateCVE-2017-2615SUSE bug 1023004SUSE bug 1178658cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2616SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.
ImportantCVE-2017-2616SUSE bug 1023041SUSE bug 1123789cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2619SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.
ImportantCVE-2017-2619SUSE bug 1027147SUSE bug 1036283SUSE bug 1054017cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2620SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.
ModerateCVE-2017-2620SUSE bug 1024834SUSE bug 1024972SUSE bug 1178658cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2624SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is seen, this causes a time difference between a valid and invalid byte, which could allow an efficient brute force attack.
ModerateCVE-2017-2624SUSE bug 1025029SUSE bug 1025639SUSE bug 1035283cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2625SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions.
ModerateCVE-2017-2625SUSE bug 1025046SUSE bug 1025068SUSE bug 1025639SUSE bug 1123802SUSE bug 815650cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2626SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list.
ModerateCVE-2017-2626SUSE bug 1025068SUSE bug 1025639SUSE bug 1048274SUSE bug 1123800cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2628SUSE Linux Enterprise Desktop 12 SP3
curl, as shipped in Red Hat Enterprise Linux 6 before version 7.19.7-53, did not correctly backport the fix for CVE-2015-3148 because it did not reflect the fact that the HAVE_GSSAPI define was meanwhile substituted by USE_HTTP_NEGOTIATE. This issue was introduced in RHEL 6.7 and affects RHEL 6 curl only.
ModerateCVE-2017-2628SUSE bug 1092962cpe:/o:suse:sled:12:sp3CVE-2017-2629SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
curl before 7.53.0 has an incorrect TLS Certificate Status Request extension feature that asks for a fresh proof of the server's certificate's validity in the code that checks for a test success or failure. It ends up always thinking there's valid proof, even when there is none or if the server doesn't support the TLS extension in question. This could lead to users not detecting when a server's certificate goes invalid or otherwise be mislead that the server is in a better shape than it is in reality. This flaw also exists in the command line tool (--cert-status).
ModerateCVE-2017-2629SUSE bug 1025379SUSE bug 1042181cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2017-2630SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A stack buffer overflow flaw was found in the Quick Emulator (QEMU) before 2.9 built with the Network Block Device (NBD) client support. The flaw could occur while processing server's response to a 'NBD_OPT_LIST' request. A malicious NBD server could use this issue to crash a remote NBD client resulting in DoS or potentially execute arbitrary code on client host with privileges of the QEMU process.
ModerateCVE-2017-2630SUSE bug 1025396cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2633SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the 'vnc_refresh_server_surface'. A user inside a guest could use this flaw to crash the QEMU process.
LowCVE-2017-2633SUSE bug 1026612SUSE bug 1026636SUSE bug 1074701cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2634SUSE Linux Enterprise Desktop 12 SP1
It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation before 2.6.22.17 used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in memory corruptions. A remote attacker could use this flaw to crash the system.
ModerateCVE-2017-2634SUSE bug 1026830cpe:/o:suse:sled:12:sp1CVE-2017-2635SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A NULL pointer deference flaw was found in the way libvirt from 2.5.0 to 3.0.0 handled empty drives. A remote authenticated attacker could use this flaw to crash libvirtd daemon resulting in denial of service.
LowCVE-2017-2635SUSE bug 1027075cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2636SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
ModerateCVE-2017-2636SUSE bug 1027565SUSE bug 1027575SUSE bug 1028372cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2640SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content. A malicious remote server could potentially use this flaw to crash Pidgin or execute arbitrary code in the context of the pidgin process.
ImportantCVE-2017-2640SUSE bug 1028835cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2647SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c.
ModerateCVE-2017-2647SUSE bug 1030593cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2671SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call.
ModerateCVE-2017-2671SUSE bug 1027179SUSE bug 1031003SUSE bug 1087082cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-2816SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An exploitable buffer overflow vulnerability exists in the tag parsing functionality of LibOFX 0.9.11. A specially crafted OFX file can cause a write out of bounds resulting in a buffer overflow on the stack. An attacker can construct a malicious OFX file to trigger this vulnerability.
ModerateCVE-2017-2816SUSE bug 1058673cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2834SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle attack to trigger this vulnerability.
ModerateCVE-2017-2834SUSE bug 1050714SUSE bug 1053919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2835SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle to trigger this vulnerability.
ModerateCVE-2017-2835SUSE bug 1050712SUSE bug 1053919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2836SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.
ModerateCVE-2017-2836SUSE bug 1050699SUSE bug 1053919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2837SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.
ModerateCVE-2017-2837SUSE bug 1050704SUSE bug 1050708SUSE bug 1053919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2838SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.
ModerateCVE-2017-2838SUSE bug 1050708SUSE bug 1053919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2839SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.
ModerateCVE-2017-2839SUSE bug 1050711SUSE bug 1053919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2862SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulnerability.
ModerateCVE-2017-2862SUSE bug 1048289cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2870SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An exploitable integer overflow vulnerability exists in the tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A specially crafted tiff file can cause a heap-overflow resulting in remote code execution. An attacker can send a file or a URL to trigger this vulnerability.
ModerateCVE-2017-2870SUSE bug 1048289SUSE bug 1048544cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2885SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A specially crafted HTTP request can cause a stack overflow resulting in remote code execution. An attacker can send a special HTTP request to the vulnerable server to trigger this vulnerability.
ImportantCVE-2017-2885SUSE bug 1052916cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2888SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.
ImportantCVE-2017-2888SUSE bug 1062777SUSE bug 1062784cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-2920SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An memory corruption vulnerability exists in the .SVG parsing functionality of Computerinsel Photoline 20.02. A specially crafted .SVG file can cause a vulnerability resulting in memory corruption, which can potentially lead to arbitrary code execution. An attacker can send a specific .SVG file to trigger this vulnerability.
ImportantCVE-2017-2920SUSE bug 1061964cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-2925SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability in the JPEG XR codec. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-2925SUSE bug 1019129cpe:/o:suse:sled:12:sp1CVE-2017-2926SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to processing of atoms in MP4 files. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-2926SUSE bug 1019129cpe:/o:suse:sled:12:sp1CVE-2017-2927SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-2927SUSE bug 1019129cpe:/o:suse:sled:12:sp1CVE-2017-2928SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-2928SUSE bug 1019129cpe:/o:suse:sled:12:sp1CVE-2017-2930SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability due to a concurrency error when manipulating a display list. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-2930SUSE bug 1019129cpe:/o:suse:sled:12:sp1CVE-2017-2931SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to the parsing of SWF metadata. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-2931SUSE bug 1019129cpe:/o:suse:sled:12:sp1CVE-2017-2932SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript MovieClip class. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-2932SUSE bug 1019129cpe:/o:suse:sled:12:sp1CVE-2017-2933SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability related to texture compression. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-2933SUSE bug 1019129cpe:/o:suse:sled:12:sp1CVE-2017-2934SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when parsing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-2934SUSE bug 1019129cpe:/o:suse:sled:12:sp1CVE-2017-2935SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing the Flash Video container file format. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-2935SUSE bug 1019129cpe:/o:suse:sled:12:sp1CVE-2017-2936SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-2936SUSE bug 1019129cpe:/o:suse:sled:12:sp1CVE-2017-2937SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using class inheritance. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-2937SUSE bug 1019129cpe:/o:suse:sled:12:sp1CVE-2017-2938SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related to handling TCP connections.
ImportantCVE-2017-2938SUSE bug 1019129cpe:/o:suse:sled:12:sp1CVE-2017-2982SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2017-2982SUSE bug 1025258cpe:/o:suse:sled:12:sp1CVE-2017-2985SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2017-2985SUSE bug 1025258cpe:/o:suse:sled:12:sp1CVE-2017-2986SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the Flash Video (FLV) codec. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2017-2986SUSE bug 1025258cpe:/o:suse:sled:12:sp1CVE-2017-2987SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2017-2987SUSE bug 1025258cpe:/o:suse:sled:12:sp1CVE-2017-2988SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability when performing garbage collection. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2017-2988SUSE bug 1025258cpe:/o:suse:sled:12:sp1CVE-2017-2990SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2017-2990SUSE bug 1025258cpe:/o:suse:sled:12:sp1CVE-2017-2991SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2017-2991SUSE bug 1025258cpe:/o:suse:sled:12:sp1CVE-2017-2992SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2017-2992SUSE bug 1025258cpe:/o:suse:sled:12:sp1CVE-2017-2993SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2017-2993SUSE bug 1025258cpe:/o:suse:sled:12:sp1CVE-2017-2994SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in Primetime SDK event dispatch. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2017-2994SUSE bug 1025258cpe:/o:suse:sled:12:sp1CVE-2017-2995SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2017-2995SUSE bug 1025258cpe:/o:suse:sled:12:sp1CVE-2017-2996SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2017-2996SUSE bug 1025258cpe:/o:suse:sled:12:sp1CVE-2017-2997SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2017-2997SUSE bug 1029374cpe:/o:suse:sled:12:sp1CVE-2017-2998SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2017-2998SUSE bug 1029374cpe:/o:suse:sled:12:sp1CVE-2017-2999SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2017-2999SUSE bug 1029374cpe:/o:suse:sled:12:sp1CVE-2017-3000SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.221 and earlier have a vulnerability in the random number generator used for constant blinding. Successful exploitation could lead to information disclosure.
CriticalCVE-2017-3000SUSE bug 1029374cpe:/o:suse:sled:12:sp1CVE-2017-3001SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2017-3001SUSE bug 1029374cpe:/o:suse:sled:12:sp1CVE-2017-3002SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability in the ActionScript2 TextField object related to the variable property. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2017-3002SUSE bug 1029374cpe:/o:suse:sled:12:sp1CVE-2017-3003SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary code execution.
CriticalCVE-2017-3003SUSE bug 1029374cpe:/o:suse:sled:12:sp1CVE-2017-3058SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the sound class. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-3058SUSE bug 1033619cpe:/o:suse:sled:12:sp1CVE-2017-3059SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the internal script object. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-3059SUSE bug 1033619cpe:/o:suse:sled:12:sp1CVE-2017-3060SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the ActionScript2 code parser. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-3060SUSE bug 1033619cpe:/o:suse:sled:12:sp1CVE-2017-3061SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-3061SUSE bug 1033619cpe:/o:suse:sled:12:sp1CVE-2017-3062SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in ActionScript2 when creating a getter/setter property. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-3062SUSE bug 1033619cpe:/o:suse:sled:12:sp1CVE-2017-3063SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the ActionScript2 NetStream class. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-3063SUSE bug 1033619cpe:/o:suse:sled:12:sp1CVE-2017-3064SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability when parsing a shape outline. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-3064SUSE bug 1033619cpe:/o:suse:sled:12:sp1CVE-2017-3068SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-3068SUSE bug 1038281cpe:/o:suse:sled:12:sp1CVE-2017-3069SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-3069SUSE bug 1038281cpe:/o:suse:sled:12:sp1CVE-2017-3070SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-3070SUSE bug 1038281cpe:/o:suse:sled:12:sp1CVE-2017-3071SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-3071SUSE bug 1038281cpe:/o:suse:sled:12:sp1CVE-2017-3072SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-3072SUSE bug 1038281cpe:/o:suse:sled:12:sp1CVE-2017-3073SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-3073SUSE bug 1038281cpe:/o:suse:sled:12:sp1CVE-2017-3074SUSE Linux Enterprise Desktop 12 SP1
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution.
ImportantCVE-2017-3074SUSE bug 1038281cpe:/o:suse:sled:12:sp1CVE-2017-3135SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1.
ImportantCVE-2017-3135SUSE bug 1018700SUSE bug 1018701SUSE bug 1018702SUSE bug 1024130SUSE bug 1033466cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3136SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8.
ImportantCVE-2017-3136SUSE bug 1018700SUSE bug 1018701SUSE bug 1018702SUSE bug 1024130SUSE bug 1033461SUSE bug 1033466SUSE bug 1081545cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3137SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0-P3, 9.11.1b1->9.11.1rc1, and 9.9.9-S8.
ImportantCVE-2017-3137SUSE bug 1018700SUSE bug 1018701SUSE bug 1018702SUSE bug 1024130SUSE bug 1033461SUSE bug 1033466SUSE bug 1033467SUSE bug 1034162SUSE bug 1076118SUSE bug 1081545cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3138SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some versions of named can be caused to exit with a REQUIRE assertion failure if they are sent a null command string. Affects BIND 9.9.9->9.9.9-P7, 9.9.10b1->9.9.10rc2, 9.10.4->9.10.4-P7, 9.10.5b1->9.10.5rc2, 9.11.0->9.11.0-P4, 9.11.1b1->9.11.1rc2, 9.9.9-S1->9.9.9-S9.
ModerateCVE-2017-3138SUSE bug 1018700SUSE bug 1018701SUSE bug 1018702SUSE bug 1024130SUSE bug 1033461SUSE bug 1033466SUSE bug 1033468cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3142SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: providing an AXFR of a zone to an unauthorized recipient or accepting bogus NOTIFY packets. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2.
ModerateCVE-2017-3142SUSE bug 1024130SUSE bug 1046554SUSE bug 1046555cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3143SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2.
ModerateCVE-2017-3143SUSE bug 1024130SUSE bug 1046554SUSE bug 1046555cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3144SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested.
ModerateCVE-2017-3144SUSE bug 1076118SUSE bug 1076119cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3145SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1.
ImportantCVE-2017-3145SUSE bug 1076118SUSE bug 1101131SUSE bug 1177790cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3157SUSE Linux Enterprise Desktop 12 SP4
By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information, tricking the user into saving the document and convincing the user to send the document back to the attacker. The vulnerability is mitigated by the need for the attacker to know the precise file path in the target system, and the need to trick the user into saving the document and sending it back.
ModerateCVE-2017-3157SUSE bug 1026640cpe:/o:suse:sled:12:sp4CVE-2017-3231SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts).
ModerateCVE-2017-3231SUSE bug 1020905SUSE bug 1024218cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3238SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).
ModerateCVE-2017-3238SUSE bug 1020868SUSE bug 1020882cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3241SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS v3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts).
CriticalCVE-2017-3241SUSE bug 1020905SUSE bug 1024218cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3243SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).
ModerateCVE-2017-3243SUSE bug 1020868SUSE bug 1020891cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3244SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).
ModerateCVE-2017-3244SUSE bug 1020868SUSE bug 1020877cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3251SUSE Linux Enterprise Desktop 12 SP1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.9 (Availability impacts).
ModerateCVE-2017-3251SUSE bug 1020868SUSE bug 1020888SUSE bug 1053919cpe:/o:suse:sled:12:sp1CVE-2017-3252SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.8 (Integrity impacts).
ImportantCVE-2017-3252SUSE bug 1020905SUSE bug 1024218cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3253SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Availability impacts).
ImportantCVE-2017-3253SUSE bug 1020905SUSE bug 1024218cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3256SUSE Linux Enterprise Desktop 12 SP1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).
ModerateCVE-2017-3256SUSE bug 1020868SUSE bug 1020883SUSE bug 1053919cpe:/o:suse:sled:12:sp1CVE-2017-3257SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).
ModerateCVE-2017-3257SUSE bug 1020868SUSE bug 1020878cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3258SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).
ModerateCVE-2017-3258SUSE bug 1020868SUSE bug 1020875cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3259SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 3.7 (Confidentiality impacts).
ModerateCVE-2017-3259SUSE bug 1020905SUSE bug 1024218cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2017-3260SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts).
ImportantCVE-2017-3260SUSE bug 1020905cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3261SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts).
ModerateCVE-2017-3261SUSE bug 1020905SUSE bug 1024218cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3265SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts).
ModerateCVE-2017-3265SUSE bug 1020868SUSE bug 1020885cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3272SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts).
CriticalCVE-2017-3272SUSE bug 1020905SUSE bug 1024218cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3273SUSE Linux Enterprise Desktop 12 SP1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).
ModerateCVE-2017-3273SUSE bug 1020868SUSE bug 1020876SUSE bug 1053919cpe:/o:suse:sled:12:sp1CVE-2017-3289SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts).
CriticalCVE-2017-3289SUSE bug 1020905SUSE bug 1024218cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3291SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts).
ModerateCVE-2017-3291SUSE bug 1020868SUSE bug 1020884SUSE bug 998309cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3302SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.
ModerateCVE-2017-3302SUSE bug 1022428SUSE bug 1034850SUSE bug 1034911cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3305SUSE Linux Enterprise Desktop 12 SP1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.5.55 and earlier and 5.6.35 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue allows man-in-the-middle attackers to hijack the authentication of users by leveraging incorrect ordering of security parameter verification in a client, aka, "The Riddle".
ModerateCVE-2017-3305SUSE bug 1029396SUSE bug 1034850SUSE bug 1037590SUSE bug 924663cpe:/o:suse:sled:12:sp1CVE-2017-3308SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).
ModerateCVE-2017-3308SUSE bug 1034850SUSE bug 1048715cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3309SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).
ModerateCVE-2017-3309SUSE bug 1034850SUSE bug 1048715cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3312SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality, Integrity and Availability impacts).
ModerateCVE-2017-3312SUSE bug 1020868SUSE bug 1020873SUSE bug 998309cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3313SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).
LowCVE-2017-3313SUSE bug 1020868SUSE bug 1020890SUSE bug 1034911cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3317SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).
LowCVE-2017-3317SUSE bug 1020868SUSE bug 1020894cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3318SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).
LowCVE-2017-3318SUSE bug 1020868SUSE bug 1020896cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3319SUSE Linux Enterprise Desktop 12 SP1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 3.1 (Confidentiality impacts).
LowCVE-2017-3319SUSE bug 1020868SUSE bug 1020898cpe:/o:suse:sled:12:sp1CVE-2017-3320SUSE Linux Enterprise Desktop 12 SP1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 2.4 (Confidentiality impacts).
ModerateCVE-2017-3320SUSE bug 1020868SUSE bug 1020901SUSE bug 1053919cpe:/o:suse:sled:12:sp1CVE-2017-3453SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2017-3453SUSE bug 1034850SUSE bug 1048715cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3456SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2017-3456SUSE bug 1034850SUSE bug 1048715cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3464SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).
ModerateCVE-2017-3464SUSE bug 1034850SUSE bug 1048715cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3509SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N).
ModerateCVE-2017-3509SUSE bug 1034849SUSE bug 1038505cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3511SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded, JRockit executes to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
ImportantCVE-2017-3511SUSE bug 1034849SUSE bug 1038505cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3512SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 7u131 and 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
ModerateCVE-2017-3512SUSE bug 1034849SUSE bug 1038505cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3514SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
ModerateCVE-2017-3514SUSE bug 1034849SUSE bug 1038505cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3526SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
ImportantCVE-2017-3526SUSE bug 1034849cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3533SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via FTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
ModerateCVE-2017-3533SUSE bug 1034849SUSE bug 1038505cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3539SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).
ModerateCVE-2017-3539SUSE bug 1005522SUSE bug 1034849SUSE bug 1038505cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3544SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SMTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
ImportantCVE-2017-3544SUSE bug 1034849SUSE bug 1038505cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3636SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).
ModerateCVE-2017-3636SUSE bug 1049399SUSE bug 1049422SUSE bug 1054591SUSE bug 1076506cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3641SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2017-3641SUSE bug 1049404SUSE bug 1049422SUSE bug 1054591SUSE bug 1076506cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3653SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).
LowCVE-2017-3653SUSE bug 1049417SUSE bug 1049422SUSE bug 1054591SUSE bug 1076506cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3730SUSE Linux Enterprise Desktop 12 SP1
In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack.
ModerateCVE-2017-3730SUSE bug 1021641SUSE bug 1022084cpe:/o:suse:sled:12:sp1CVE-2017-3731SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; users should upgrade to 1.1.0d. For Openssl 1.0.2, the crash can be triggered when using RC4-MD5; users who have not disabled that algorithm should update to 1.0.2k.
ModerateCVE-2017-3731SUSE bug 1021641SUSE bug 1022085SUSE bug 1064118SUSE bug 1064119cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3732SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. For example this can occur by default in OpenSSL DHE based SSL/TLS ciphersuites. Note: This issue is very similar to CVE-2015-3193 but must be treated as a separate problem.
LowCVE-2017-3732SUSE bug 1021641SUSE bug 1022086SUSE bug 1049418SUSE bug 1049421SUSE bug 1049422SUSE bug 1066242SUSE bug 1071906SUSE bug 957814cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3733SUSE Linux Enterprise Desktop 12 SP1
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 before 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
ModerateCVE-2017-3733SUSE bug 1025661SUSE bug 1064200cpe:/o:suse:sled:12:sp1CVE-2017-3735SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.
ModerateCVE-2017-3735SUSE bug 1056058cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3736SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen.
ModerateCVE-2017-3736SUSE bug 1066242SUSE bug 1071906SUSE bug 1076369SUSE bug 957814cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3737SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encrypted directly from the SSL/TLS record layer. In order to exploit this issue an application bug would have to be present that resulted in a call to SSL_read()/SSL_write() being issued after having already received a fatal error. OpenSSL version 1.0.2b-1.0.2m are affected. Fixed in OpenSSL 1.0.2n. OpenSSL 1.1.0 is not affected.
ModerateCVE-2017-3737SUSE bug 1071905SUSE bug 1072322SUSE bug 1076369SUSE bug 1089987SUSE bug 1089997cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-3738SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository.
LowCVE-2017-3738SUSE bug 1071906SUSE bug 1097757cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5029SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
ModerateCVE-2017-5029SUSE bug 1028848SUSE bug 1028875SUSE bug 1035905SUSE bug 1123130cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5031SUSE Linux Enterprise Desktop 12 SP1
A use after free in ANGLE in Google Chrome prior to 57.0.2987.98 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
ImportantCVE-2017-5031SUSE bug 1028848SUSE bug 1028875cpe:/o:suse:sled:12:sp1CVE-2017-5123SUSE Linux Enterprise Desktop 12 SP3
Insufficient data validation in waitid allowed an user to escape sandboxes on Linux.
ImportantCVE-2017-5123SUSE bug 1062473SUSE bug 1122971cpe:/o:suse:sled:12:sp3CVE-2017-5130SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.
ImportantCVE-2017-5130SUSE bug 1064066SUSE bug 1064089SUSE bug 1078806SUSE bug 1123129SUSE bug 1123919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5202SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
ModerateCVE-2017-5202SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5203SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().
ModerateCVE-2017-5203SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5204SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print().
ModerateCVE-2017-5204SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5205SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print().
ModerateCVE-2017-5205SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5209SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data.
ModerateCVE-2017-5209SUSE bug 1019531SUSE bug 1021610cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5225SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value.
ModerateCVE-2017-5225SUSE bug 1019611cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5334SUSE Linux Enterprise Desktop 12 SP1
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension.
ModerateCVE-2017-5334SUSE bug 1018831cpe:/o:suse:sled:12:sp1CVE-2017-5335SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate.
ModerateCVE-2017-5335SUSE bug 1018832SUSE bug 1021057cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5336SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate.
ModerateCVE-2017-5336SUSE bug 1018832SUSE bug 1021057cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5337SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.
ModerateCVE-2017-5337SUSE bug 1018832SUSE bug 1021057cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5341SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print().
ModerateCVE-2017-5341SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5342SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print().
ModerateCVE-2017-5342SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5373SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
ImportantCVE-2017-5373SUSE bug 1021824SUSE bug 1021991cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5374SUSE Linux Enterprise Desktop 12 SP1
Memory safety bugs were reported in Firefox 50.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 51.
ImportantCVE-2017-5374SUSE bug 1021841SUSE bug 1021991cpe:/o:suse:sled:12:sp1CVE-2017-5375SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
ImportantCVE-2017-5375SUSE bug 1021814SUSE bug 1021991cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5376SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Use-after-free while manipulating XSL in XSLT documents. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
ImportantCVE-2017-5376SUSE bug 1021817SUSE bug 1021991cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5377SUSE Linux Enterprise Desktop 12 SP1
A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 51.
ImportantCVE-2017-5377SUSE bug 1021826SUSE bug 1021991cpe:/o:suse:sled:12:sp1CVE-2017-5378SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object's address can be discovered through hash codes, and also allows for data leakage of an object's content using these hash codes. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
ModerateCVE-2017-5378SUSE bug 1021818SUSE bug 1021991cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5379SUSE Linux Enterprise Desktop 12 SP1
Use-after-free vulnerability in Web Animations when interacting with cycle collection found through fuzzing. This vulnerability affects Firefox < 51.
ModerateCVE-2017-5379SUSE bug 1021827SUSE bug 1021991cpe:/o:suse:sled:12:sp1CVE-2017-5380SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
ModerateCVE-2017-5380SUSE bug 1021819SUSE bug 1021991cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5381SUSE Linux Enterprise Desktop 12 SP1
The "export" function in the Certificate Viewer can force local filesystem navigation when the "common name" in a certificate contains slashes, allowing certificate content to be saved in unsafe locations with an arbitrary filename. This vulnerability affects Firefox < 51.
ModerateCVE-2017-5381SUSE bug 1021830SUSE bug 1021991cpe:/o:suse:sled:12:sp1CVE-2017-5382SUSE Linux Enterprise Desktop 12 SP1
Feed preview for RSS feeds can be used to capture errors and exceptions generated by privileged content, allowing for the exposure of internal information not meant to be seen by web content. This vulnerability affects Firefox < 51.
ModerateCVE-2017-5382SUSE bug 1021831SUSE bug 1021991cpe:/o:suse:sled:12:sp1CVE-2017-5383SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
ModerateCVE-2017-5383SUSE bug 1021822SUSE bug 1021991cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5384SUSE Linux Enterprise Desktop 12 SP1
Proxy Auto-Config (PAC) files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of HTTPS. Normally the Proxy Auto-Config file is specified by the user or machine owner and presumed to be non-malicious, but if a user has enabled Web Proxy Auto Detect (WPAD) this file can be served remotely. This vulnerability affects Firefox < 51.
ModerateCVE-2017-5384SUSE bug 1021832SUSE bug 1021991cpe:/o:suse:sled:12:sp1CVE-2017-5385SUSE Linux Enterprise Desktop 12 SP1
Data sent with in multipart channels, such as the multipart/x-mixed-replace MIME type, will ignore the referrer-policy response header, leading to potential information disclosure for sites using this header. This vulnerability affects Firefox < 51.
ModerateCVE-2017-5385SUSE bug 1021833SUSE bug 1021991cpe:/o:suse:sled:12:sp1CVE-2017-5386SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebExtension scripts can use the "data:" protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensions. This vulnerability affects Firefox ESR < 45.7 and Firefox < 51.
ModerateCVE-2017-5386SUSE bug 1021823SUSE bug 1021991cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5387SUSE Linux Enterprise Desktop 12 SP1
The existence of a specifically requested local file can be found due to the double firing of the "onerror" when the "source" attribute on a "<track>" tag refers to a file that does not exist if the source page is loaded locally. This vulnerability affects Firefox < 51.
LowCVE-2017-5387SUSE bug 1021839SUSE bug 1021991cpe:/o:suse:sled:12:sp1CVE-2017-5388SUSE Linux Enterprise Desktop 12 SP1
A STUN server in conjunction with a large number of "webkitRTCPeerConnection" objects can be used to send large STUN packets in a short period of time due to a lack of rate limiting being applied on e10s systems, allowing for a denial of service attack. This vulnerability affects Firefox < 51.
ModerateCVE-2017-5388SUSE bug 1021840SUSE bug 1021991cpe:/o:suse:sled:12:sp1CVE-2017-5389SUSE Linux Enterprise Desktop 12 SP1
WebExtensions could use the "mozAddonManager" API by modifying the CSP headers on sites with the appropriate permissions and then using host requests to redirect script loads to a malicious site. This allows a malicious extension to then install additional extensions without explicit user permission. This vulnerability affects Firefox < 51.
ModerateCVE-2017-5389SUSE bug 1021828SUSE bug 1021991cpe:/o:suse:sled:12:sp1CVE-2017-5390SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
ModerateCVE-2017-5390SUSE bug 1021820SUSE bug 1021991cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5391SUSE Linux Enterprise Desktop 12 SP1
Special "about:" pages used by web content, such as RSS feeds, can load privileged "about:" pages in an iframe. If a content-injection bug were found in one of those pages this could allow for potential privilege escalation. This vulnerability affects Firefox < 51.
ImportantCVE-2017-5391SUSE bug 1021835SUSE bug 1021991cpe:/o:suse:sled:12:sp1CVE-2017-5392SUSE Linux Enterprise Desktop 12 SP1
Weak proxy objects have weak references on multiple threads when they should only have them on one, resulting in incorrect memory usage and corruption, which leads to potentially exploitable crashes. Note: This issue only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 51.
ImportantCVE-2017-5392SUSE bug 1021836cpe:/o:suse:sled:12:sp1CVE-2017-5393SUSE Linux Enterprise Desktop 12 SP1
The "mozAddonManager" allows for the installation of extensions from the CDN for addons.mozilla.org, a publicly accessible site. This could allow malicious extensions to install additional extensions from the CDN in combination with an XSS attack on Mozilla AMO sites. This vulnerability affects Firefox < 51.
ModerateCVE-2017-5393SUSE bug 1021837SUSE bug 1021991cpe:/o:suse:sled:12:sp1CVE-2017-5394SUSE Linux Enterprise Desktop 12 SP1
A location bar spoofing attack where the location bar of loaded page will be shown over the content of another tab due to a series of JavaScript events combined with fullscreen mode. Note: This issue only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 51.
ModerateCVE-2017-5394SUSE bug 1021834cpe:/o:suse:sled:12:sp1CVE-2017-5395SUSE Linux Enterprise Desktop 12 SP1
Malicious sites can display a spoofed location bar on a subsequently loaded page when the existing location bar on the new page is scrolled out of view if navigations between pages can be timed correctly. Note: This issue only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 51.
ModerateCVE-2017-5395SUSE bug 1021838cpe:/o:suse:sled:12:sp1CVE-2017-5396SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
ModerateCVE-2017-5396SUSE bug 1021821SUSE bug 1021991cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5397SUSE Linux Enterprise Desktop 12 SP1
The cache directory on the local file system is set to be world writable. Firefox defaults to extracting libraries from this cache. This allows for the possibility of an installed malicious application or tools with write access to the file system to replace files used by Firefox with their own versions. This vulnerability affects Firefox < 51.0.3.
CriticalCVE-2017-5397cpe:/o:suse:sled:12:sp1CVE-2017-5398SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory safety bugs were reported in Thunderbird 45.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
ModerateCVE-2017-5398SUSE bug 1028391SUSE bug 1028393cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5400SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
ModerateCVE-2017-5400SUSE bug 1028391SUSE bug 1028393cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5401SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A crash triggerable by web content in which an "ErrorResult" references unassigned memory due to a logic error. The resulting crash may be exploitable. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
ModerateCVE-2017-5401SUSE bug 1028391SUSE bug 1028393cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5402SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
ModerateCVE-2017-5402SUSE bug 1028391SUSE bug 1028393cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5404SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
ModerateCVE-2017-5404SUSE bug 1028391SUSE bug 1028393cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5405SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
ModerateCVE-2017-5405SUSE bug 1028391SUSE bug 1028393cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5407SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history information and read text values across domains. This violates same-origin policy and leads to information disclosure. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
ModerateCVE-2017-5407SUSE bug 1028391SUSE bug 1028393cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5408SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential information disclosure for video captions. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
ModerateCVE-2017-5408SUSE bug 1028391SUSE bug 1028393cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5409SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Mozilla Windows updater can be called by a non-privileged user to delete an arbitrary local file by passing a special path to the callback parameter through the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 45.8 and Firefox < 52.
ModerateCVE-2017-5409SUSE bug 1028391SUSE bug 1028393cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5410SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
ModerateCVE-2017-5410SUSE bug 1028391SUSE bug 1028393cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5428SUSE Linux Enterprise Desktop 12 SP1
An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox < 52.0.1.
ImportantCVE-2017-5428SUSE bug 1029822cpe:/o:suse:sled:12:sp1CVE-2017-5429SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory safety bugs were reported in Firefox 52, Firefox ESR 45.8, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5429SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5430SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory safety bugs were reported in Firefox 52, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
CriticalCVE-2017-5430SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5432SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability occurs during certain text input selection resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5432SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5433SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5433SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5434SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability occurs when redirecting focus handling which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5434SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5435SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CriticalCVE-2017-5435SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5436SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ModerateCVE-2017-5436SUSE bug 1035082SUSE bug 1035204cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5437SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10195, CVE-2016-10196, CVE-2016-10197. Reason: This candidate is a duplicate of CVE-2016-10195, CVE-2016-10196, and CVE-2016-10197. Notes: All CVE users should reference CVE-2016-10195, CVE-2016-10196, and/or CVE-2016-10197 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ImportantCVE-2017-5437SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5438SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5438SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5439SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5439SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5440SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5440SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5441SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability when holding a selection during scroll events. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5441SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5442SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability during changes in style when manipulating DOM elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5442SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5443SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds write vulnerability while decoding improperly formed BinHex format archives. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5443SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5444SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow vulnerability while parsing "application/http-index-format" format content when the header contains improperly formatted data. This allows for an out-of-bounds read of data from memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5444SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5445SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability while parsing "application/http-index-format" format content where uninitialized values are used to create an array. This could allow the reading of uninitialized memory into the arrays affected. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5445SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5446SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5446SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5447SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds read during the processing of glyph widths during text layout. This results in a potentially exploitable crash and could allow an attacker to read otherwise inaccessible memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5447SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5448SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds write in "ClearKeyDecryptor" while decrypting some Clearkey-encrypted media content. The "ClearKeyDecryptor" code runs within the Gecko Media Plugin (GMP) sandbox. If a second mechanism is found to escape the sandbox, this vulnerability allows for the writing of arbitrary data within memory, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5448SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5449SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
ModerateCVE-2017-5449SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5451SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A mechanism to spoof the addressbar through the user interaction on the addressbar and the "onblur" event. The event could be used by script to affect text display to make the loaded site appear to be different from the one actually loaded within the addressbar. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
ModerateCVE-2017-5451SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5454SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A mechanism to bypass file system access protections in the sandbox to use the file picker to access different files than those selected in the file picker through the use of relative paths. This allows for read only access to the local file system. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5454SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5455SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and escalation of privilege if combined with another vulnerability that resulted in remote code execution inside the sandboxed process. This vulnerability affects Firefox ESR < 52.1 and Firefox < 53.
ImportantCVE-2017-5455SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5456SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A mechanism to bypass file system access protections in the sandbox using the file system request constructor through an IPC message. This allows for read and write access to the local file system. This vulnerability affects Firefox ESR < 52.1 and Firefox < 53.
ImportantCVE-2017-5456SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5459SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow in WebGL triggerable by web content, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CriticalCVE-2017-5459SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5460SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5460SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5461SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations.
CriticalCVE-2017-5461SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5462SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version 3.28.4. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5462SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5464SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sync with the accessibility tree, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5464SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5465SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds read while processing SVG content in "ConvolvePixel". This results in a crash and also allows for otherwise inaccessible memory being copied into SVG graphic content, which could then displayed. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5465SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5466SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
If a page is loaded from an original site through a hyperlink and contains a redirect to a "data:text/html" URL, triggering a reload will run the reloaded "data:text/html" page with its origin set incorrectly. This allows for a cross-site scripting (XSS) attack. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
CriticalCVE-2017-5466SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5467SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A potential memory corruption and crash when using Skia content when drawing content outside of the bounds of a clipping region. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
ModerateCVE-2017-5467SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5469SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
ImportantCVE-2017-5469SUSE bug 1035082SUSE bug 1035209cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5470SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory safety bugs were reported in Firefox 53 and Firefox ESR 52.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
ImportantCVE-2017-5470SUSE bug 1043960SUSE bug 1044239SUSE bug 1044240SUSE bug 1044241SUSE bug 1044242cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5472SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
ImportantCVE-2017-5472SUSE bug 1043960SUSE bug 1044239SUSE bug 1044240SUSE bug 1044241SUSE bug 1044242cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5482SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575.
ModerateCVE-2017-5482SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5483SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().
ModerateCVE-2017-5483SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5484SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print().
ModerateCVE-2017-5484SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5485SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap().
ModerateCVE-2017-5485SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5486SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
ModerateCVE-2017-5486SUSE bug 1020940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5498SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
LowCVE-2017-5498SUSE bug 1020353SUSE bug 1020451SUSE bug 1020456SUSE bug 1020460SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5506SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
ModerateCVE-2017-5506SUSE bug 1020436cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5507SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.
ModerateCVE-2017-5507SUSE bug 1020439cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5508SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.
ModerateCVE-2017-5508SUSE bug 1020441SUSE bug 1086782cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5509SUSE Linux Enterprise Desktop 12 SP1
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
ModerateCVE-2017-5509SUSE bug 1020445cpe:/o:suse:sled:12:sp1CVE-2017-5510SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
ModerateCVE-2017-5510SUSE bug 1020446cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5511SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.
ModerateCVE-2017-5511SUSE bug 1020448cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5525SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
ModerateCVE-2017-5525SUSE bug 1020491cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5526SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
ModerateCVE-2017-5526SUSE bug 1020589SUSE bug 1059777SUSE bug 1178658cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5545SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short.
ModerateCVE-2017-5545SUSE bug 1021610cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5547SUSE Linux Enterprise Desktop 12 SP1
drivers/hid/hid-corsair.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
LowCVE-2017-5547SUSE bug 1021252cpe:/o:suse:sled:12:sp1CVE-2017-5548SUSE Linux Enterprise Desktop 12 SP1
drivers/net/ieee802154/atusb.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
ModerateCVE-2017-5548SUSE bug 1021255cpe:/o:suse:sled:12:sp1CVE-2017-5550SUSE Linux Enterprise Desktop 12 SP1
Off-by-one error in the pipe_advance function in lib/iov_iter.c in the Linux kernel before 4.9.5 allows local users to obtain sensitive information from uninitialized heap-memory locations in opportunistic circumstances by reading from a pipe after an incorrect buffer-release decision.
ModerateCVE-2017-5550SUSE bug 1021257cpe:/o:suse:sled:12:sp1CVE-2017-5551SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097.
LowCVE-2017-5551SUSE bug 1021258SUSE bug 995968cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5552SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the virgl_resource_attach_backing function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.
ModerateCVE-2017-5552SUSE bug 1021195cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5576SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call.
LowCVE-2017-5576SUSE bug 1021294cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-5577SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call.
LowCVE-2017-5577SUSE bug 1021294cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-5578SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the virtio_gpu_resource_attach_backing function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.
ModerateCVE-2017-5578SUSE bug 1021481cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5579SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
LowCVE-2017-5579SUSE bug 1021741SUSE bug 1022627cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5580SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The parse_instruction function in gallium/auxiliary/tgsi/tgsi_text.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and process crash) via a crafted texture instruction.
ModerateCVE-2017-5580SUSE bug 1021627cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5596SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow.
LowCVE-2017-5596SUSE bug 1021739cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5597SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an integer overflow.
LowCVE-2017-5597SUSE bug 1021739cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5618SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions.
ImportantCVE-2017-5618SUSE bug 1021743cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2017-5667SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length.
ModerateCVE-2017-5667SUSE bug 1022541cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5669SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context.
ModerateCVE-2017-5669SUSE bug 1026914SUSE bug 1102390cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5715SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
ImportantCVE-2017-5715SUSE bug 1068032SUSE bug 1074562SUSE bug 1074578SUSE bug 1074701SUSE bug 1074741SUSE bug 1074919SUSE bug 1075006SUSE bug 1075007SUSE bug 1075262SUSE bug 1075419SUSE bug 1076115SUSE bug 1076372SUSE bug 1078353SUSE bug 1080039SUSE bug 1087887SUSE bug 1087939SUSE bug 1088147SUSE bug 1091815SUSE bug 1095735SUSE bug 1102517SUSE bug 1105108SUSE bug 1126516SUSE bug 1173489SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5731SUSE Linux Enterprise Desktop 12 SP4
Bounds checking in Tianocompress before November 7, 2017 may allow an authenticated user to potentially enable an escalation of privilege via local access.
ModerateCVE-2017-5731SUSE bug 1115917cpe:/o:suse:sled:12:sp4CVE-2017-5732SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.
ModerateCVE-2017-5732SUSE bug 1115917cpe:/o:suse:sled:12:sp4CVE-2017-5733SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.
ModerateCVE-2017-5733SUSE bug 1115917cpe:/o:suse:sled:12:sp4CVE-2017-5734SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
ModerateCVE-2017-5734SUSE bug 1115917cpe:/o:suse:sled:12:sp4CVE-2017-5735SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.
ModerateCVE-2017-5735SUSE bug 1115917cpe:/o:suse:sled:12:sp4CVE-2017-5753SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
ImportantCVE-2017-5753SUSE bug 1068032SUSE bug 1074562SUSE bug 1074578SUSE bug 1074701SUSE bug 1075006SUSE bug 1075419SUSE bug 1075748SUSE bug 1080039SUSE bug 1087084SUSE bug 1087939SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5754SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
ImportantCVE-2017-5754SUSE bug 1068032SUSE bug 1074562SUSE bug 1074578SUSE bug 1074701SUSE bug 1075006SUSE bug 1075008SUSE bug 1087939SUSE bug 1115045SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5834SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The parse_dict_node function in bplist.c in libplist allows attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted file.
ModerateCVE-2017-5834SUSE bug 1023848cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5835SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.
LowCVE-2017-5835SUSE bug 1023822cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5836SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The plist_free_data function in plist.c in libplist allows attackers to cause a denial of service (crash) via vectors involving an integer node that is treated as a PLIST_KEY and then triggers an invalid free.
LowCVE-2017-5836SUSE bug 1023807SUSE bug 1023848cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5837SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted video file.
LowCVE-2017-5837SUSE bug 1023259SUSE bug 1024076SUSE bug 1024079cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5838SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string.
ModerateCVE-2017-5838SUSE bug 1023259SUSE bug 1024051cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5839SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stack overflow and crash) via vectors involving nested WAVEFORMATEX.
LowCVE-2017-5839SUSE bug 1023259SUSE bug 1024047cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5840SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving the current stts index.
LowCVE-2017-5840SUSE bug 1023259SUSE bug 1024034cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5841SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving ncdt tags.
LowCVE-2017-5841SUSE bug 1023259SUSE bug 1024030SUSE bug 1024062cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5842SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted SMI file, as demonstrated by OneNote_Manager.smi.
LowCVE-2017-5842SUSE bug 1023259SUSE bug 1024041cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5843SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service (crash) via vectors involving stream tags, as demonstrated by 02785736.mxf.
LowCVE-2017-5843SUSE bug 1023259SUSE bug 1024044cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5844SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file.
LowCVE-2017-5844SUSE bug 1023259SUSE bug 1024079cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5845SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a ncdt sub-tag that "goes behind" the surrounding tag.
LowCVE-2017-5845SUSE bug 1023259SUSE bug 1024062cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5848SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing.
LowCVE-2017-5848SUSE bug 1023259SUSE bug 1024068cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5852SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PoDoFo::PdfPage::GetInheritedKeyFromObject function in base/PdfVariant.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted file.
ModerateCVE-2017-5852SUSE bug 1023067cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5853SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.
ModerateCVE-2017-5853SUSE bug 1023069cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5854SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
ModerateCVE-2017-5854SUSE bug 1023070SUSE bug 1096890cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5855SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
ModerateCVE-2017-5855SUSE bug 1023071cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5856SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over 2 Gb.
ModerateCVE-2017-5856SUSE bug 1023053SUSE bug 1024186cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5857SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_UNREF commands sent without detaching the backing storage beforehand.
LowCVE-2017-5857SUSE bug 1023073cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5886SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.
ModerateCVE-2017-5886SUSE bug 1023380SUSE bug 1084902cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5897SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.
ModerateCVE-2017-5897SUSE bug 1023762SUSE bug 1087082cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5898SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units (APDU) unit.
ModerateCVE-2017-5898SUSE bug 1023907SUSE bug 1024307cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5931SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code on the host via a crafted virtio-crypto request, which triggers a heap-based buffer overflow.
ModerateCVE-2017-5931SUSE bug 1024114cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5932SUSE Linux Enterprise Desktop 12 SP1
The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted filename starting with a " (double quote) character and a command substitution metacharacter.
ModerateCVE-2017-5932SUSE bug 1024171cpe:/o:suse:sled:12:sp1CVE-2017-5937SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The util_format_is_pure_uint function in vrend_renderer.c in Virgil 3d project (aka virglrenderer) 0.6.0 and earlier allows local guest OS users to cause a denial of service (NULL pointer dereference) via a crafted VIRGL_CCMD_CLEAR command.
ModerateCVE-2017-5937SUSE bug 1024232SUSE bug 1041089cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5950SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) 0.5.3 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
ModerateCVE-2017-5950SUSE bug 1032144cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5951SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
ModerateCVE-2017-5951SUSE bug 1032114SUSE bug 1036453cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5953SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.
ModerateCVE-2017-5953SUSE bug 1024724SUSE bug 1123143SUSE bug 1173534cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5956SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The vrend_draw_vbo function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors involving vertext_buffer_index.
ModerateCVE-2017-5956SUSE bug 1024992cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5957SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the vrend_decode_set_framebuffer_state function in vrend_decode.c in virglrenderer before 926b9b3460a48f6454d8bbe9e44313d86a65447f, as used in Quick Emulator (QEMU), allows a local guest users to cause a denial of service (application crash) via the "nr_cbufs" argument.
ModerateCVE-2017-5957SUSE bug 1024993cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5967SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The time subsystem in the Linux kernel through 4.9.9, when CONFIG_TIMER_STATS is enabled, allows local users to discover real PID values (as distinguished from PID values inside a PID namespace) by reading the /proc/timer_list file, related to the print_timer function in kernel/time/timer_list.c and the __timer_stats_timer_set_start_info function in kernel/time/timer.c.
ModerateCVE-2017-5967SUSE bug 1025209cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5969SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser."
ModerateCVE-2017-5969SUSE bug 1024989SUSE bug 1123919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5970SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
ImportantCVE-2017-5970SUSE bug 1024938SUSE bug 1025013cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5973SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.
ModerateCVE-2017-5973SUSE bug 1025109SUSE bug 1025188cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5974SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the __zzip_get32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
ModerateCVE-2017-5974SUSE bug 1024517cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5975SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the __zzip_get64 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
ModerateCVE-2017-5975SUSE bug 1024528cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5976SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
ModerateCVE-2017-5976SUSE bug 1024531cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5977SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted ZIP file.
ModerateCVE-2017-5977SUSE bug 1024534cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5978SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ZIP file.
ModerateCVE-2017-5978SUSE bug 1024533cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5979SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The prescan_entry function in fseeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file.
ModerateCVE-2017-5979SUSE bug 1024535cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5980SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file.
ModerateCVE-2017-5980SUSE bug 1024536cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-5981SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (assertion failure and crash) via a crafted ZIP file.
ModerateCVE-2017-5981SUSE bug 1024539cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5986SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state.
ModerateCVE-2017-5986SUSE bug 1025235SUSE bug 1027066cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5987SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors involving the transfer mode register during multi block transfer.
LowCVE-2017-5987SUSE bug 1025311cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5993SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the vrend_renderer_init_blit_ctx function in vrend_blitter.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRGL_CCMD_BLIT commands.
LowCVE-2017-5993SUSE bug 1025505cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-5994SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and crash) via the num_elements parameter.
LowCVE-2017-5994SUSE bug 1025507cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6000SUSE Linux Enterprise Desktop 12 SP1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
LowCVE-2017-6000SUSE bug 1025594cpe:/o:suse:sled:12:sp1CVE-2017-6001SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-6786.
ModerateCVE-2017-6001SUSE bug 1015160SUSE bug 1025626cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6014SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory.
ModerateCVE-2017-6014SUSE bug 1025913cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6058SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in NetRxPkt::ehdr_buf in hw/net/net_rx_pkt.c in QEMU (aka Quick Emulator), when the VLANSTRIP feature is enabled on the vmxnet3 device, allows remote attackers to cause a denial of service (out-of-bounds access and QEMU process crash) via vectors related to VLAN stripping.
ModerateCVE-2017-6058SUSE bug 1025837cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6074SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.
ImportantCVE-2017-6074SUSE bug 1026024cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-6181SUSE Linux Enterprise Desktop 12 SP1
The parse_char_class function in regparse.c in the Onigmo (aka Oniguruma-mod) regular expression library, as used in Ruby 2.4.0, allows remote attackers to cause a denial of service (deep recursion and application crash) via a crafted regular expression.
ModerateCVE-2017-6181SUSE bug 1033625cpe:/o:suse:sled:12:sp1CVE-2017-6196SUSE Linux Enterprise Desktop 12 SP1
Multiple use-after-free vulnerabilities in the gx_image_enum_begin function in base/gxipixel.c in Ghostscript before ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document.
ModerateCVE-2017-6196SUSE bug 1027039cpe:/o:suse:sled:12:sp1CVE-2017-6209SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the parse_identifier function in tgsi_text.c in the TGSI auxiliary module in the Gallium driver in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to parsing properties.
ModerateCVE-2017-6209SUSE bug 1026723cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6210SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The vrend_decode_reset function in vrend_decode.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (NULL pointer dereference and QEMU process crash) by destroying context 0 (zero).
ModerateCVE-2017-6210SUSE bug 1026725cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6214SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.
ModerateCVE-2017-6214SUSE bug 1026722SUSE bug 1027179cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-6311SUSE Linux Enterprise Desktop 12 SP1
gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to printing an error message.
ModerateCVE-2017-6311SUSE bug 1027024SUSE bug 1027027cpe:/o:suse:sled:12:sp1CVE-2017-6312SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations.
ModerateCVE-2017-6312SUSE bug 1027024SUSE bug 1027026cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6313SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file.
ModerateCVE-2017-6313SUSE bug 1027024cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6314SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The make_available_at_least function in io-tiff.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (infinite loop) via a large TIFF file.
ModerateCVE-2017-6314SUSE bug 1027024SUSE bug 1027025cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6317SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the add_shader_program function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) via vectors involving the sprog variable.
ModerateCVE-2017-6317SUSE bug 1026922cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6318SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet.
ModerateCVE-2017-6318SUSE bug 1027197cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6345SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.
ModerateCVE-2017-6345SUSE bug 1027179SUSE bug 1027190SUSE bug 1087082cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-6346SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls.
ModerateCVE-2017-6346SUSE bug 1027179SUSE bug 1027189SUSE bug 1064388SUSE bug 1064392cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-6347SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system calls, as demonstrated by use of the MSG_MORE flag in conjunction with loopback UDP transmission.
ModerateCVE-2017-6347SUSE bug 1027179cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6348SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices.
ModerateCVE-2017-6348SUSE bug 1027178SUSE bug 1087082cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2017-6349SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
ModerateCVE-2017-6349SUSE bug 1027057cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6350SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
ModerateCVE-2017-6350SUSE bug 1027053cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6353SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986.
ModerateCVE-2017-6353SUSE bug 1025235SUSE bug 1027066cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6355SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (process crash) via crafted pkt_length and offlen values, which trigger an out-of-bounds access.
ModerateCVE-2017-6355SUSE bug 1027108cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6362SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.
ImportantCVE-2017-6362SUSE bug 1056993cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6369SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Insufficient checks in the UDF subsystem in Firebird 2.5.x before 2.5.7 and 3.0.x before 3.0.2 allow remote authenticated users to execute code by using a 'system' entrypoint from fbudf.so.
ModerateCVE-2017-6369SUSE bug 1023990cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6386SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRGL_OBJECT_VERTEX_ELEMENTS commands.
LowCVE-2017-6386SUSE bug 1027376cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6414SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
Memory leak in the vcard_apdu_new function in card_7816.c in libcacard before 2.5.3 allows local guest OS users to cause a denial of service (host memory consumption) via vectors related to allocating a new APDU object.
ModerateCVE-2017-6414SUSE bug 1027514SUSE bug 1027570cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2017-6418SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message.
ModerateCVE-2017-6418SUSE bug 1052466cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6419SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file.
ModerateCVE-2017-6419SUSE bug 1052449SUSE bug 1083915cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6420SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression.
ModerateCVE-2017-6420SUSE bug 1052448cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6435SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file.
ModerateCVE-2017-6435SUSE bug 1029639cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6436SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
LowCVE-2017-6436SUSE bug 1029751cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6437SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file.
ModerateCVE-2017-6437SUSE bug 1029707cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6438SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) and possibly code execution via a crafted plist file.
ModerateCVE-2017-6438SUSE bug 1029706cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6439SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file.
ModerateCVE-2017-6439SUSE bug 1029638cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6440SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
ModerateCVE-2017-6440SUSE bug 1029631SUSE bug 1029706cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6451SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mx4200_send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write.
ModerateCVE-2017-6451SUSE bug 1030050cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6458SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable.
ModerateCVE-2017-6458SUSE bug 1030050SUSE bug 1038049cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6460SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified impact via a long flagstr variable in a restriction list response.
ModerateCVE-2017-6460SUSE bug 1030050SUSE bug 1038049cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6462SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device.
ModerateCVE-2017-6462SUSE bug 1030050SUSE bug 1038049cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6463SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service (daemon crash) via an invalid setting in a :config directive, related to the unpeer option.
ModerateCVE-2017-6463SUSE bug 1030050SUSE bug 1038049cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6464SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to cause a denial of service (ntpd crash) via a malformed mode configuration directive.
ModerateCVE-2017-6464SUSE bug 1030050SUSE bug 1038049cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6497SUSE Linux Enterprise Desktop 12 SP1
An issue was discovered in ImageMagick 6.9.7. A specially crafted psd file could lead to a NULL pointer dereference (thus, a DoS).
LowCVE-2017-6497SUSE bug 1028087cpe:/o:suse:sled:12:sp1CVE-2017-6498SUSE Linux Enterprise Desktop 12 SP1
An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS.
ModerateCVE-2017-6498SUSE bug 1028085cpe:/o:suse:sled:12:sp1CVE-2017-6499SUSE Linux Enterprise Desktop 12 SP1
An issue was discovered in Magick++ in ImageMagick 6.9.7. A specially crafted file creating a nested exception could lead to a memory leak (thus, a DoS).
LowCVE-2017-6499SUSE bug 1028083cpe:/o:suse:sled:12:sp1CVE-2017-6501SUSE Linux Enterprise Desktop 12 SP1
An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf file could lead to a NULL pointer dereference.
ModerateCVE-2017-6501SUSE bug 1028071cpe:/o:suse:sled:12:sp1CVE-2017-6502SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore (thus, a DoS).
LowCVE-2017-6502SUSE bug 1028075cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6505SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-9330.
ModerateCVE-2017-6505SUSE bug 1028184SUSE bug 1028235SUSE bug 1178658cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6507SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due to the common logic to handle 'restart' operations removing AppArmor profiles that aren't found in the typical filesystem locations, such as /etc/apparmor.d/. Userspace projects that manage their own AppArmor profiles in atypical directories, such as what's done by LXD and Docker, are affected by this flaw in the AppArmor init script logic.
ModerateCVE-2017-6507SUSE bug 1029696cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6508SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
CRLF injection vulnerability in the url_parse function in url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL.
ModerateCVE-2017-6508SUSE bug 1028301SUSE bug 1159418cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6512SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic.
ModerateCVE-2017-6512SUSE bug 1042218SUSE bug 1047178cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6519SUSE Linux Enterprise Desktop 12 SP1
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.
ModerateCVE-2017-6519SUSE bug 1037001cpe:/o:suse:sled:12:sp1CVE-2017-6827SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the MSADPCM::initializeCoefficients function in MSADPCM.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted audio file.
ModerateCVE-2017-6827SUSE bug 1026979cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6828SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the readValue function in FileHandle.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted WAV file.
ModerateCVE-2017-6828SUSE bug 1026980cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6829SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
ModerateCVE-2017-6829SUSE bug 1026981cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6830SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the alaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
ModerateCVE-2017-6830SUSE bug 1026982cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6831SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 and 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file.
LowCVE-2017-6831SUSE bug 1026983cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6832SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file.
LowCVE-2017-6832SUSE bug 1026984cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6833SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The runPull function in libaudiofile/modules/BlockCodec.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted file.
LowCVE-2017-6833SUSE bug 1026985cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6834SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the ulaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file.
ModerateCVE-2017-6834SUSE bug 1026986cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6835SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The reset1 function in libaudiofile/modules/BlockCodec.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted file.
LowCVE-2017-6835SUSE bug 1026988cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6836SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the Expand3To4Module::run function in libaudiofile/modules/SimpleModule.h in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 allows remote attackers to cause a denial of service (crash) via a crafted file.
LowCVE-2017-6836SUSE bug 1026987cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6837SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via vectors related to a large number of coefficients.
ModerateCVE-2017-6837SUSE bug 1026978cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6838SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in sfcommands/sfconvert.c in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
ModerateCVE-2017-6838SUSE bug 1026978cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6839SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
ModerateCVE-2017-6839SUSE bug 1026978cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6840SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (invalid read) via a crafted file.
ModerateCVE-2017-6840SUSE bug 1027787cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6844SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.
ModerateCVE-2017-6844SUSE bug 1027782cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6845SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
ModerateCVE-2017-6845SUSE bug 1027779SUSE bug 1027781cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6846SUSE Linux Enterprise Desktop 12 SP1
The GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace function in graphicsstack.h in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
ModerateCVE-2017-6846SUSE bug 1029856cpe:/o:suse:sled:12:sp1CVE-2017-6847SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
ModerateCVE-2017-6847SUSE bug 1027778cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6850SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The jp2_cdef_destroy function in jp2_cod.c in JasPer before 2.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image.
LowCVE-2017-6850SUSE bug 1021868SUSE bug 1178702cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6874SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Race condition in kernel/ucount.c in the Linux kernel through 4.10.2 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls that leverage certain decrement behavior that causes incorrect interaction between put_ucounts and get_ucounts.
ModerateCVE-2017-6874SUSE bug 1029314cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6886SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memory.
ModerateCVE-2017-6886SUSE bug 1039380cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6887SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and 0x14A TAGs.
ModerateCVE-2017-6887SUSE bug 1039379cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6889SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a heap-based buffer overflow.
ImportantCVE-2017-6889SUSE bug 1039210cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-6890SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A boundary error within the "foveon_load_camf()" function (dcraw_foveon.c) when initializing a huffman table in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a stack-based buffer overflow.
ImportantCVE-2017-6890SUSE bug 1039209cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6891SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility.
ModerateCVE-2017-6891SUSE bug 1040621SUSE bug 1149679cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6892SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In libsndfile version 1.0.28, an error in the "aiff_read_chanmap()" function (aiff.c) can be exploited to cause an out-of-bounds read memory access via a specially crafted AIFF file.
ModerateCVE-2017-6892SUSE bug 1043978cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6899SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The msm_bus_dbg_update_request_write function in drivers/platform/msm/msm_bus/msm_bus_dbg.c in android_kernel_huawei_msm8916 through 2017-06-16 in LineageOS, and possibly other kernels for MSM devices, allows attackers to cause a denial of service (NULL pointer dereference and device crash) via a crafted /sys/kernel/debug/msm-bus-dbg/client-data/update-request write request.
ModerateCVE-2017-6899cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6951SUSE Linux Enterprise Desktop 12 SP1
The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type.
ModerateCVE-2017-6951SUSE bug 1029850SUSE bug 1030593cpe:/o:suse:sled:12:sp1CVE-2017-6965SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow.
ModerateCVE-2017-6965SUSE bug 1029909SUSE bug 1030295SUSE bug 1030296cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6966SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations.
ImportantCVE-2017-6966SUSE bug 1029908SUSE bug 1030295SUSE bug 1030296cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-6967SUSE Linux Enterprise Desktop 12 SP4
xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass.
ModerateCVE-2017-6967SUSE bug 1029912SUSE bug 442182cpe:/o:suse:sled:12:sp4CVE-2017-6969SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well.
ModerateCVE-2017-6969SUSE bug 1029907SUSE bug 1030295SUSE bug 1030296SUSE bug 1105209cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7006SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct a timing side-channel attack to bypass the Same Origin Policy and obtain sensitive information via a crafted web site that uses SVG filters.
CriticalCVE-2017-7006SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7011SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar via a crafted web site that uses FRAME elements.
CriticalCVE-2017-7011SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7012SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit Web Inspector" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CriticalCVE-2017-7012SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7018SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CriticalCVE-2017-7018SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7019SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit Page Loading" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CriticalCVE-2017-7019SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7020SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CriticalCVE-2017-7020SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7030SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CriticalCVE-2017-7030SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7034SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CriticalCVE-2017-7034SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7037SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CriticalCVE-2017-7037SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7038SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A DOMParser XSS issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component.
CriticalCVE-2017-7038SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7039SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CriticalCVE-2017-7039SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7040SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CriticalCVE-2017-7040SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7041SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CriticalCVE-2017-7041SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7042SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CriticalCVE-2017-7042SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7043SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CriticalCVE-2017-7043SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7046SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CriticalCVE-2017-7046SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7048SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CriticalCVE-2017-7048SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7049SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CriticalCVE-2017-7049SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7052SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CriticalCVE-2017-7052SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7055SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CriticalCVE-2017-7055SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7056SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CriticalCVE-2017-7056SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7059SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A DOMParser XSS issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component.
CriticalCVE-2017-7059SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7061SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CriticalCVE-2017-7061SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7064SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
CriticalCVE-2017-7064SUSE bug 1050469cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7081SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2017-7081SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7087SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2017-7087SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7089SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that is mishandled during parent-tab processing.
ImportantCVE-2017-7089SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7090SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive cookie information via a custom URL scheme.
ImportantCVE-2017-7090SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7091SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-7091SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7092SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-7092SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7093SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2017-7093SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7094SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2017-7094SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7095SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-7095SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7096SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2017-7096SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7098SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2017-7098SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7099SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2017-7099SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7100SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2017-7100SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7102SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2017-7102SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7104SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2017-7104SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7107SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2017-7107SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7109SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via crafted web content that incorrectly interacts with the Application Cache policy.
ImportantCVE-2017-7109SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7111SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-7111SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7117SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2017-7117SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7120SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2017-7120SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7142SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. Safari before 11 is affected. The issue involves the "WebKit Storage" component. It allows attackers to bypass the Safari Private Browsing protection mechanism, and consequently obtain sensitive information about visited web sites.
ImportantCVE-2017-7142SUSE bug 1066892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7153SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof user-interface information (about whether the entire content is derived from a valid TLS session) via a crafted web site that sends a 401 Unauthorized redirect.
ModerateCVE-2017-7153SUSE bug 1075775SUSE bug 1077535cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7156SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-7156SUSE bug 1073654cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7157SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-7157SUSE bug 1073654cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7160SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-7160SUSE bug 1075775SUSE bug 1077535cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7161SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. Safari before 11.0.2 is affected. The issue involves the "WebKit Web Inspector" component. It allows remote attackers to execute arbitrary code via special characters that trigger command injection.
ModerateCVE-2017-7161SUSE bug 1075775SUSE bug 1077535cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7165SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2017-7165SUSE bug 1075775SUSE bug 1077535cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7184SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52.
ModerateCVE-2017-7184SUSE bug 1030573SUSE bug 1030575cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7187SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function.
ModerateCVE-2017-7187SUSE bug 1027179SUSE bug 1030213cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7207SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.
LowCVE-2017-7207SUSE bug 1030263SUSE bug 1036453cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7209SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash.
ModerateCVE-2017-7209SUSE bug 1030295SUSE bug 1030296SUSE bug 1030298cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7210SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads (of size 1 and size 8) while handling corrupt STABS enum type strings in a crafted object file, leading to program crash.
ModerateCVE-2017-7210SUSE bug 1030295SUSE bug 1030296SUSE bug 1030297cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7223SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow (of size 1) while attempting to unget an EOF character from the input stream, potentially leading to a program crash.
ModerateCVE-2017-7223SUSE bug 1030295SUSE bug 1030296SUSE bug 1030589cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7224SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The find_nearest_line function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write (of size 1) while disassembling a corrupt binary that contains an empty function name, leading to a program crash.
ModerateCVE-2017-7224SUSE bug 1030295SUSE bug 1030296SUSE bug 1030588cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7225SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an invalid write, and leading to a program crash.
ModerateCVE-2017-7225SUSE bug 1030295SUSE bug 1030296SUSE bug 1030585cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7226SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several utilities such as addr2line, size, and strings. It could lead to information disclosure as well.
ModerateCVE-2017-7226SUSE bug 1030295SUSE bug 1030296SUSE bug 1030584SUSE bug 1105209cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7227SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
GNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based buffer overflow while processing a bogus input script, leading to a program crash. This relates to lack of '\0' termination of a name field in ldlex.l.
ModerateCVE-2017-7227SUSE bug 1030583cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-7228SUSE Linux Enterprise Desktop 12 SP2
An issue (known as XSA-212) was discovered in Xen, with fixes available for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. The earlier XSA-29 fix introduced an insufficient check on XENMEM_exchange input, allowing the caller to drive hypervisor memory accesses outside of the guest provided input/output arrays.
ImportantCVE-2017-7228SUSE bug 1030442SUSE bug 1178658cpe:/o:suse:sled:12:sp2CVE-2017-7244SUSE Linux Enterprise Desktop 12 SP1
The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file.
ModerateCVE-2017-7244SUSE bug 1030807cpe:/o:suse:sled:12:sp1CVE-2017-7245SUSE Linux Enterprise Desktop 12 SP1
Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.
ModerateCVE-2017-7245SUSE bug 1030805cpe:/o:suse:sled:12:sp1CVE-2017-7246SUSE Linux Enterprise Desktop 12 SP1
Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.
ModerateCVE-2017-7246SUSE bug 1030803SUSE bug 1030805cpe:/o:suse:sled:12:sp1CVE-2017-7261SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device.
ModerateCVE-2017-7261SUSE bug 1027179SUSE bug 1031052cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7275SUSE Linux Enterprise Desktop 12 SP1
The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.
ModerateCVE-2017-7275SUSE bug 1031267cpe:/o:suse:sled:12:sp1CVE-2017-7277SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
The TCP stack in the Linux kernel through 4.10.6 mishandles the SCM_TIMESTAMPING_OPT_STATS feature, which allows local users to obtain sensitive information from the kernel's internal socket data structures or cause a denial of service (out-of-bounds read) via crafted system calls, related to net/core/skbuff.c and net/socket.c.
ModerateCVE-2017-7277SUSE bug 1031265cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2017-7286SUSE Linux Enterprise Desktop 12 SP1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
LowCVE-2017-7286SUSE bug 1033458cpe:/o:suse:sled:12:sp1CVE-2017-7294SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device.
ModerateCVE-2017-7294SUSE bug 1027179SUSE bug 1031440SUSE bug 1031481cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7299SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an invalid read (of size 8) because the code to emit relocs (bfd_elf_final_link function in bfd/elflink.c) does not check the format of the input file before trying to read the ELF reloc section header. The vulnerability leads to a GNU linker (ld) program crash.
ModerateCVE-2017-7299SUSE bug 1030295SUSE bug 1031644cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7300SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read (off-by-one) because of an incomplete check for invalid string offsets while loading symbols, leading to a GNU linker (ld) program crash.
ModerateCVE-2017-7300SUSE bug 1030295SUSE bug 1031656cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7301SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset. The vulnerability could lead to a GNU linker (ld) program crash.
ModerateCVE-2017-7301SUSE bug 1030295SUSE bug 1031638cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7302SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a swap_std_reloc_out function in bfd/aoutx.h that is vulnerable to an invalid read (of size 4) because of missing checks for relocs that could not be recognised. This vulnerability causes Binutils utilities like strip to crash.
ModerateCVE-2017-7302SUSE bug 1030295SUSE bug 1031595cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7303SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 4) because of missing a check (in the find_link function) for null headers before attempting to match them. This vulnerability causes Binutils utilities like strip to crash.
ModerateCVE-2017-7303SUSE bug 1030295SUSE bug 1031593cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7304SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 8) because of missing a check (in the copy_special_section_fields function) for an invalid sh_link field before attempting to follow it. This vulnerability causes Binutils utilities like strip to crash.
ModerateCVE-2017-7304SUSE bug 1030295SUSE bug 1031590cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7308SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.
ModerateCVE-2017-7308SUSE bug 1027179SUSE bug 1031579SUSE bug 1031660cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7319SUSE Linux Enterprise Desktop 12 SP1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
LowCVE-2017-7319SUSE bug 1033438cpe:/o:suse:sled:12:sp1CVE-2017-7346SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service (system hang) via a crafted ioctl call for a /dev/dri/renderD* device.
ModerateCVE-2017-7346SUSE bug 1031796cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7374SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely.
ModerateCVE-2017-7374SUSE bug 1027179SUSE bug 1032006cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-7375SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surface in libxml2 not usually reachable with default parser flags, and expose content from local files, HTTP, or FTP servers (which might be otherwise unreachable).
ModerateCVE-2017-7375SUSE bug 1044894SUSE bug 1123919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7376SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.
ModerateCVE-2017-7376SUSE bug 1044887SUSE bug 1123919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7377SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid.
ModerateCVE-2017-7377SUSE bug 1032075cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2017-7378SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PoDoFo::PdfPainter::ExpandTabs function in PdfPainter.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PDF document.
ModerateCVE-2017-7378SUSE bug 1032017cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7379SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in PdfEncoding.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PDF document.
ModerateCVE-2017-7379SUSE bug 1032018cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7380SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The doc/PdfPage.cpp:614:20 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
ModerateCVE-2017-7380SUSE bug 1032019cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7381SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
ModerateCVE-2017-7381SUSE bug 1032019SUSE bug 1032020cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7382SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
ModerateCVE-2017-7382SUSE bug 1032019SUSE bug 1032021cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7383SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
ModerateCVE-2017-7383SUSE bug 1032019SUSE bug 1032022cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7392SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
In TigerVNC 1.7.1 (SSecurityVeNCrypt.cxx SSecurityVeNCrypt::SSecurityVeNCrypt), an unauthenticated client can cause a small memory leak in the server.
LowCVE-2017-7392SUSE bug 1031886cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2017-7393SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an authenticated client can cause a double free, leading to denial of service or potentially code execution.
ModerateCVE-2017-7393SUSE bug 1031875SUSE bug 1031879cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2017-7394SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
In TigerVNC 1.7.1 (SSecurityPlain.cxx SSecurityPlain::processMsg), unauthenticated users can crash the server by sending long usernames.
ModerateCVE-2017-7394SUSE bug 1031879cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2017-7395SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
In TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText), by causing an integer overflow, an authenticated client can crash the server.
ModerateCVE-2017-7395SUSE bug 1031877cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2017-7396SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unauthenticated client can cause a small memory leak in the server.
LowCVE-2017-7396SUSE bug 1031886cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2017-7407SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which leads to a heap-based buffer over-read.
ModerateCVE-2017-7407SUSE bug 1032309cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7435SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In libzypp before 20170803 it was possible to add unsigned YUM repositories without warning to the user that could lead to man in the middle or malicious servers to inject malicious RPM packages into a users system.
ImportantCVE-2017-7435SUSE bug 1009127SUSE bug 1038984SUSE bug 1045735cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7436SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In libzypp before 20170803 it was possible to retrieve unsigned packages without a warning to the user which could lead to man in the middle or malicious servers to inject malicious RPM packages into a users system.
ImportantCVE-2017-7436SUSE bug 1008325SUSE bug 1009127SUSE bug 1038984SUSE bug 1045735cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7467SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow flaw was found in the way minicom before version 2.7.1 handled VT100 escape sequences. A malicious terminal device could potentially use this flaw to crash minicom, or execute arbitrary code in the context of the minicom process.
ModerateCVE-2017-7467SUSE bug 1033783cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7468SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
In curl and libcurl 7.52.0 to and including 7.53.1, libcurl would attempt to resume a TLS session even if the client certificate had changed. That is unacceptable since a server by specification is allowed to skip the client certificate check on resume, and may instead use the old identity which was established by the previous certificate (or no certificate). libcurl supports by default the use of TLS session id/ticket to resume previous TLS sessions to speed up subsequent TLS handshakes. They are used when for any reason an existing TLS connection couldn't be kept alive to make the next handshake faster. This flaw is a regression and identical to CVE-2016-5419 reported on August 3rd 2016, but affecting a different version range.
ModerateCVE-2017-7468SUSE bug 1033413SUSE bug 1033442SUSE bug 1042181SUSE bug 991389cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2017-7471SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System (9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing files on a shared host directory. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host.
ModerateCVE-2017-7471SUSE bug 1034866SUSE bug 1034990cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7472SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls.
ModerateCVE-2017-7472SUSE bug 1034862cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7475SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.
ModerateCVE-2017-7475SUSE bug 1036789cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7476SUSE Linux Enterprise Desktop 12 SP1
Gnulib before 2017-04-26 has a heap-based buffer overflow with the TZ environment variable. The error is in the save_abbr function in time_rz.c.
ModerateCVE-2017-7476SUSE bug 1036636SUSE bug 1037124SUSE bug 1037125SUSE bug 1037142cpe:/o:suse:sled:12:sp1CVE-2017-7477SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAX_SKB_FRAGS+1 size in conjunction with the NETIF_F_FRAGLIST feature, leading to an error in the skb_to_sgvec function.
ImportantCVE-2017-7477SUSE bug 1035823cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2017-7478SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2.
ImportantCVE-2017-7478SUSE bug 1038709SUSE bug 1038713cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7479SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker.
ModerateCVE-2017-7479SUSE bug 1038711SUSE bug 1038713cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7482SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.
ModerateCVE-2017-7482SUSE bug 1046107cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7484SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access.
ModerateCVE-2017-7484SUSE bug 1037603SUSE bug 1051015cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7485SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3, it was found that the PGREQUIRESSL environment variable was no longer enforcing a SSL/TLS connection to a PostgreSQL server. An active Man-in-the-Middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server.
ModerateCVE-2017-7485SUSE bug 1038293SUSE bug 1051015cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7486SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server.
ModerateCVE-2017-7486SUSE bug 1037624SUSE bug 1051015SUSE bug 1051685cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7487SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface.
ModerateCVE-2017-7487SUSE bug 1038879SUSE bug 1038883SUSE bug 1038981SUSE bug 1038982SUSE bug 870618cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7493SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest user could use this flaw to escalate their privileges inside guest.
ImportantCVE-2017-7493SUSE bug 1039495cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7494SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
ImportantCVE-2017-7494SUSE bug 1038231cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7495SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles a needs-flushing-before-commit list, which allows local users to obtain sensitive information from other users' files in opportunistic circumstances by waiting for a hardware reset, creating a new file, making write system calls, and reading this file.
ModerateCVE-2017-7495SUSE bug 1039010cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7500SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being placed in an arbitrary destination. An attacker, with write access to a directory in which a subdirectory will be installed, could redirect that directory to an arbitrary location and gain root privilege.
ModerateCVE-2017-7500SUSE bug 1126909SUSE bug 1135195SUSE bug 1157882SUSE bug 1157883SUSE bug 943457SUSE bug 964063cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7501SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location and modify content, and possibly permissions to arbitrary files, which could be used for denial of service or possibly privilege escalation.
ModerateCVE-2017-7501SUSE bug 1119217SUSE bug 1126909SUSE bug 1135195SUSE bug 1157882SUSE bug 1157883SUSE bug 943457cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7506SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak.
ImportantCVE-2017-7506SUSE bug 1046779SUSE bug 1047730cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7507SUSE Linux Enterprise Desktop 12 SP2
GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application.
ImportantCVE-2017-7507SUSE bug 1043398cpe:/o:suse:sled:12:sp2CVE-2017-7508SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when receiving malformed IPv6 packet.
ImportantCVE-2017-7508SUSE bug 1044947cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7511SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents.
LowCVE-2017-7511SUSE bug 1041783cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7515SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
poppler through version 0.55.0 is vulnerable to an uncontrolled recursion in pdfunite resulting into potential denial-of-service.
LowCVE-2017-7515SUSE bug 1043088cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7516SUSE Linux Enterprise Desktop 12 SP3
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-1197. Reason: This candidate is a duplicate of CVE-2015-1197. Notes: All CVE users should reference CVE-2015-1197 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2017-7516SUSE bug 1077990SUSE bug 913677cpe:/o:suse:sled:12:sp3CVE-2017-7518SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.
ModerateCVE-2017-7518SUSE bug 1045922SUSE bug 1087082cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-7520SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service and/or possibly sensitive memory leak triggered by man-in-the-middle attacker.
ImportantCVE-2017-7520SUSE bug 1044947cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7521SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extract_x509_extension().
ImportantCVE-2017-7521SUSE bug 1044947cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7526SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This side-channel requires that attacker can run arbitrary software on the hardware where the private RSA key is used.
LowCVE-2017-7526SUSE bug 1046607SUSE bug 1047462SUSE bug 1123792cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2017-7533SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.
ModerateCVE-2017-7533SUSE bug 1049483SUSE bug 1050677SUSE bug 1050751SUSE bug 1053919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-7541SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet.
ModerateCVE-2017-7541SUSE bug 1049645cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7542SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.
ModerateCVE-2017-7542SUSE bug 1049882SUSE bug 1061936cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7544SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure.
LowCVE-2017-7544SUSE bug 1059893cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7546SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password.
ModerateCVE-2017-7546SUSE bug 1051684SUSE bug 1054365SUSE bug 1140876cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7547SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers to retrieve passwords from the user mappings defined by the foreign server owners without actually having the privileges to do so.
ModerateCVE-2017-7547SUSE bug 1051685SUSE bug 1054365SUSE bug 1140876cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7548SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service.
ImportantCVE-2017-7548SUSE bug 1053259SUSE bug 1054365SUSE bug 1140876cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7555SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution.
ModerateCVE-2017-7555SUSE bug 1054171cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7585SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
ModerateCVE-2017-7585SUSE bug 1033054SUSE bug 1033914SUSE bug 1033915cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7586SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
ModerateCVE-2017-7586SUSE bug 1033053cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7592SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
ModerateCVE-2017-7592SUSE bug 1033131cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7593SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image.
ModerateCVE-2017-7593SUSE bug 1033129cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7594SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image.
ModerateCVE-2017-7594SUSE bug 1033128cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7595SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.
ModerateCVE-2017-7595SUSE bug 1033111SUSE bug 1033127cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7596SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
ModerateCVE-2017-7596SUSE bug 1033112SUSE bug 1033113SUSE bug 1033120SUSE bug 1033126cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7597SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
ModerateCVE-2017-7597SUSE bug 1033112SUSE bug 1033113SUSE bug 1033120SUSE bug 1033126cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7598SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.
ModerateCVE-2017-7598SUSE bug 1033118cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7599SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibTIFF 4.0.7 has an "outside the range of representable values of type short" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
ModerateCVE-2017-7599SUSE bug 1033112SUSE bug 1033113SUSE bug 1033120SUSE bug 1033126cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7600SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibTIFF 4.0.7 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
ModerateCVE-2017-7600SUSE bug 1033112SUSE bug 1033113SUSE bug 1033120SUSE bug 1033126cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7601SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
ModerateCVE-2017-7601SUSE bug 1033111SUSE bug 1033127cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7602SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
ModerateCVE-2017-7602SUSE bug 1033109cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7606SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
ModerateCVE-2017-7606SUSE bug 1033091cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7607SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
ModerateCVE-2017-7607SUSE bug 1033084cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7608SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
ModerateCVE-2017-7608SUSE bug 1033085cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7609SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
ModerateCVE-2017-7609SUSE bug 1033086cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2017-7610SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
ModerateCVE-2017-7610SUSE bug 1033087cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7611SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
ModerateCVE-2017-7611SUSE bug 1033088cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7612SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
ModerateCVE-2017-7612SUSE bug 1033089cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7613SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
ModerateCVE-2017-7613SUSE bug 1033090cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7614SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a "member access within null pointer" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an "int main() {return 0;}" program.
ModerateCVE-2017-7614SUSE bug 1033122SUSE bug 1105209cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-7616SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.
ModerateCVE-2017-7616SUSE bug 1033336cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-7618SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue.
ModerateCVE-2017-7618SUSE bug 1033340cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7619SUSE Linux Enterprise Desktop 12 SP1
In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv.
ModerateCVE-2017-7619SUSE bug 1033361SUSE bug 1053919cpe:/o:suse:sled:12:sp1CVE-2017-7645SUSE Linux Enterprise Desktop 12 SP1
The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.
ModerateCVE-2017-7645SUSE bug 1034670SUSE bug 1036741SUSE bug 1046191SUSE bug 1087082cpe:/o:suse:sled:12:sp1CVE-2017-7700SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size.
ImportantCVE-2017-7700SUSE bug 1033936cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7701SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type.
ModerateCVE-2017-7701SUSE bug 1033937cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7702SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation.
ImportantCVE-2017-7702SUSE bug 1033938SUSE bug 1049255cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7703SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly.
ModerateCVE-2017-7703SUSE bug 1033939cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7704SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return value.
ImportantCVE-2017-7704SUSE bug 1033940cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7705SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset.
ImportantCVE-2017-7705SUSE bug 1033941cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7718SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions.
ModerateCVE-2017-7718SUSE bug 1034908SUSE bug 1034994SUSE bug 1178658cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2017-7741SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
ModerateCVE-2017-7741SUSE bug 1033054SUSE bug 1033915cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7742SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
ModerateCVE-2017-7742SUSE bug 1033054SUSE bug 1033914cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7745SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check.
ImportantCVE-2017-7745SUSE bug 1033942cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7746SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length.
ImportantCVE-2017-7746SUSE bug 1033943cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7747SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-packetbb.c by restricting additions to the protocol tree.
ModerateCVE-2017-7747SUSE bug 1033944cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7748SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check.
ModerateCVE-2017-7748SUSE bug 1033945cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7749SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
ImportantCVE-2017-7749SUSE bug 1043960SUSE bug 1044239SUSE bug 1044240SUSE bug 1044241SUSE bug 1044242cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7750SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability during video control operations when a "<track>" element holds a reference to an older window if that window has been replaced in the DOM. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
ImportantCVE-2017-7750SUSE bug 1043960SUSE bug 1044239SUSE bug 1044240SUSE bug 1044241SUSE bug 1044242cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7751SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
ImportantCVE-2017-7751SUSE bug 1043960SUSE bug 1044239SUSE bug 1044240SUSE bug 1044241SUSE bug 1044242cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7752SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
ImportantCVE-2017-7752SUSE bug 1043960SUSE bug 1044239SUSE bug 1044240SUSE bug 1044241SUSE bug 1044242cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7753SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
ImportantCVE-2017-7753SUSE bug 1052829cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7754SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds read in WebGL with a maliciously crafted "ImageInfo" object during WebGL operations. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
ImportantCVE-2017-7754SUSE bug 1043960SUSE bug 1044239SUSE bug 1044240SUSE bug 1044241SUSE bug 1044242cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7755SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Firefox installer on Windows can be made to load malicious DLL files stored in the same directory as the installer when it is run. This allows privileged execution if the installer is run with elevated privileges. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
ImportantCVE-2017-7755SUSE bug 1043960SUSE bug 1044239SUSE bug 1044240SUSE bug 1044241SUSE bug 1044242cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7756SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests (XHR). This could result in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
ImportantCVE-2017-7756SUSE bug 1043960SUSE bug 1044239SUSE bug 1044240SUSE bug 1044241SUSE bug 1044242cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7757SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability in IndexedDB when one of its objects is destroyed in memory while a method on it is still being executed. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
ImportantCVE-2017-7757SUSE bug 1043960SUSE bug 1044239SUSE bug 1044240SUSE bug 1044241SUSE bug 1044242cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7758SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
ImportantCVE-2017-7758SUSE bug 1043960SUSE bug 1044239SUSE bug 1044240SUSE bug 1044241SUSE bug 1044242cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7761SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Mozilla Maintenance Service "helper.exe" application creates a temporary directory writable by non-privileged users. When this is combined with creation of a junction (a form of symbolic link), protected files in the target directory of the junction can be deleted by the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.
ImportantCVE-2017-7761SUSE bug 1043960SUSE bug 1044239SUSE bug 1044240SUSE bug 1044241SUSE bug 1044242cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7763SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Default fonts on OS X display some Tibetan characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
ImportantCVE-2017-7763SUSE bug 1043960SUSE bug 1044239SUSE bug 1044240SUSE bug 1044241SUSE bug 1044242cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7764SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Characters from the "Canadian Syllabics" unicode block can be mixed with characters from other unicode blocks in the addressbar instead of being rendered as their raw "punycode" form, allowing for domain name spoofing attacks through character confusion. The current Unicode standard allows characters from "Aspirational Use Scripts" such as Canadian Syllabics to be mixed with Latin characters in the "moderately restrictive" IDN profile. We have changed Firefox behavior to match the upcoming Unicode version 10.0 which removes this category and treats them as "Limited Use Scripts.". This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
ImportantCVE-2017-7764SUSE bug 1043960SUSE bug 1044239SUSE bug 1044240SUSE bug 1044241SUSE bug 1044242cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7765SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The "Mark of the Web" was not correctly saved on Windows when files with very long names were downloaded from the Internet. Without the Mark of the Web data, the security warning that Windows displays before running executables downloaded from the Internet is not shown. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
ImportantCVE-2017-7765SUSE bug 1043960SUSE bug 1044239SUSE bug 1044240SUSE bug 1044241SUSE bug 1044242cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7768SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Mozilla Maintenance Service can be invoked by an unprivileged user to read 32 bytes of any arbitrary file on the local system by convincing the service that it is reading a status file provided by the Mozilla Windows Updater. The Mozilla Maintenance Service executes with privileged access, bypassing system protections against unprivileged users. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.
ImportantCVE-2017-7768SUSE bug 1043960SUSE bug 1044239SUSE bug 1044240SUSE bug 1044241SUSE bug 1044242cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7778SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
ImportantCVE-2017-7778SUSE bug 1043960SUSE bug 1044239SUSE bug 1044240SUSE bug 1044241SUSE bug 1044242cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7779SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory safety bugs were reported in Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
ImportantCVE-2017-7779SUSE bug 1052829cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7782SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An error in the "WindowsDllDetourPatcher" where a RWX ("Read/Write/Execute") 4k block is allocated but never protected, violating DEP protections. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
ModerateCVE-2017-7782SUSE bug 1052829cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7784SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur when reading an image observer during frame reconstruction after the observer has been freed. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
ImportantCVE-2017-7784SUSE bug 1052829cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7785SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attributes within the DOM. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
ImportantCVE-2017-7785SUSE bug 1052829cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7786SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
ImportantCVE-2017-7786SUSE bug 1052829cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7787SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
ImportantCVE-2017-7787SUSE bug 1052829cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7789SUSE Linux Enterprise Desktop 12 SP4
If a server sends two Strict-Transport-Security (STS) headers for a single connection, they will be rejected as invalid and HTTP Strict Transport Security (HSTS) will not be enabled for the connection. This vulnerability affects Firefox < 55.
ModerateCVE-2017-7789SUSE bug 1047281SUSE bug 1052829cpe:/o:suse:sled:12:sp4CVE-2017-7791SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
ImportantCVE-2017-7791SUSE bug 1052829cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7792SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier (OID). This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
ImportantCVE-2017-7792SUSE bug 1052829cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7793SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
ImportantCVE-2017-7793SUSE bug 1060445cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7798SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. This vulnerability affects Firefox ESR < 52.3 and Firefox < 55.
ImportantCVE-2017-7798SUSE bug 1052829cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7800SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is finished. This results in an exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
ImportantCVE-2017-7800SUSE bug 1052829cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7801SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur while re-computing layout for a "marquee" element during window resizing where the updated style object is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
ImportantCVE-2017-7801SUSE bug 1052829cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7802SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
ImportantCVE-2017-7802SUSE bug 1052829cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7803SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
When a page's content security policy (CSP) header contains a "sandbox" directive, other directives are ignored. This results in the incorrect enforcement of CSP. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
ImportantCVE-2017-7803SUSE bug 1052829cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7804SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The destructor function for the "WindowsDllDetourPatcher" class can be re-purposed by malicious code in concert with another vulnerability to write arbitrary data to an attacker controlled location in memory. This can be used to bypass existing memory protections in this situation. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
ModerateCVE-2017-7804SUSE bug 1052829cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7805SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space available in the current buffer, causing the allocation of a new buffer. This leaves a pointer pointing to the old, freed buffer, resulting in a use-after-free when handshake hashes are then calculated afterwards. This can result in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
ImportantCVE-2017-7805SUSE bug 1060445SUSE bug 1061005cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7807SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
ImportantCVE-2017-7807SUSE bug 1052829cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7810SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
ImportantCVE-2017-7810SUSE bug 1060445cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7814SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
File downloads encoded with "blob:" and "data:" URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. This would allow malicious sites to lure users into downloading executables that would otherwise be detected as suspicious. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
ImportantCVE-2017-7814SUSE bug 1060445cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7818SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applications (ARIA) elements within containers through the DOM. This results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
ImportantCVE-2017-7818SUSE bug 1060445cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7819SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur in design mode when image objects are resized if objects referenced during the resizing have been freed from memory. This results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
ImportantCVE-2017-7819SUSE bug 1060445cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7823SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The content security policy (CSP) "sandbox" directive did not create a unique origin for the document, causing it to behave as if the "allow-same-origin" keyword were always specified. This could allow a Cross-Site Scripting (XSS) attack to be launched from unsafe content. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
ImportantCVE-2017-7823SUSE bug 1060445cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7824SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
ImportantCVE-2017-7824SUSE bug 1060445cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7825SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
ImportantCVE-2017-7825SUSE bug 1060445cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7826SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5.
ImportantCVE-2017-7826SUSE bug 1068101cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7828SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur when flushing and resizing layout because the "PressShell" object has been freed while still in use. This results in a potentially exploitable crash during these operations. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5.
ImportantCVE-2017-7828SUSE bug 1068101cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7830SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Resource Timing API incorrectly revealed navigations in cross-origin iframes. This is a same-origin policy violation and could allow for data theft of URLs loaded by users. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5.
ImportantCVE-2017-7830SUSE bug 1068101cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7844SUSE Linux Enterprise Desktop 12 SP3
A combination of an external SVG image referenced on a page and the coloring of anchor links stored within this image can be used to determine which pages a user has in their history. This can allow a malicious website to query user history. Note: This issue only affects Firefox 57. Earlier releases are not affected. This vulnerability affects Firefox < 57.0.1.
ModerateCVE-2017-7844SUSE bug 1072034SUSE bug 1072036cpe:/o:suse:sled:12:sp3CVE-2017-7845SUSE Linux Enterprise Desktop 12 SP3
A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird < 52.5.2, Firefox ESR < 52.5.2, and Firefox < 57.0.2.
CriticalCVE-2017-7845cpe:/o:suse:sled:12:sp3CVE-2017-7853SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS.
ModerateCVE-2017-7853SUSE bug 1034570cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7856SUSE Linux Enterprise Desktop 12 SP1
LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx.
ModerateCVE-2017-7856SUSE bug 1034193cpe:/o:suse:sled:12:sp1CVE-2017-7857SUSE Linux Enterprise Desktop 12 SP1
FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
ModerateCVE-2017-7857SUSE bug 1034189cpe:/o:suse:sled:12:sp1CVE-2017-7858SUSE Linux Enterprise Desktop 12 SP1
FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
ModerateCVE-2017-7858SUSE bug 1034186cpe:/o:suse:sled:12:sp1CVE-2017-7864SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c.
CriticalCVE-2017-7864SUSE bug 1034178cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-7867SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.
ModerateCVE-2017-7867SUSE bug 1034678SUSE bug 1123121cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7868SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.
ImportantCVE-2017-7868SUSE bug 1034674SUSE bug 1123121cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7869SUSE Linux Enterprise Desktop 12 SP2
GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10.
ModerateCVE-2017-7869SUSE bug 1034173SUSE bug 1038337SUSE bug 1149679cpe:/o:suse:sled:12:sp2CVE-2017-7870SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx.
ModerateCVE-2017-7870SUSE bug 1034568cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7874SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
ImportantCVE-2017-7874SUSE bug 1034330SUSE bug 493158cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7882SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx.
ModerateCVE-2017-7882SUSE bug 1034329cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7889SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.
ModerateCVE-2017-7889SUSE bug 1034405cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7890SUSE Linux Enterprise Desktop 12 SP4
The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read ~700 bytes from the top of the stack, potentially disclosing sensitive information.
LowCVE-2017-7890SUSE bug 1050241cpe:/o:suse:sled:12:sp4CVE-2017-7941SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
ModerateCVE-2017-7941SUSE bug 1034876SUSE bug 1126909cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7942SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
ModerateCVE-2017-7942SUSE bug 1034872cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7943SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
ModerateCVE-2017-7943SUSE bug 1034870SUSE bug 1036985cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7948SUSE Linux Enterprise Desktop 12 SP1
Integer overflow in the mark_curve function in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via a crafted PostScript document.
ModerateCVE-2017-7948SUSE bug 1035036cpe:/o:suse:sled:12:sp1CVE-2017-7960SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The cr_input_new_from_uri function in cr-input.c in libcroco 0.6.11 and 0.6.12 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted CSS file.
ModerateCVE-2017-7960SUSE bug 1034481cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7961SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an "outside the range of representable values of type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CSS file. NOTE: third-party analysis reports "This is not a security issue in my view. The conversion surely is truncating the double into a long value, but there is no impact as the value is one of the RGB components."
LowCVE-2017-7961SUSE bug 1034482SUSE bug 1132069cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7979SUSE Linux Enterprise Desktop 12 SP1
The cookie feature in the packet action API implementation in net/sched/act_api.c in the Linux kernel 4.11.x through 4.11-rc7 mishandles the tb nlattr array, which allows local users to cause a denial of service (uninitialized memory access and refcount underflow, and system hang or crash) or possibly have unspecified other impact via "tc filter add" commands in certain contexts. NOTE: this does not affect stable kernels, such as 4.10.x, from kernel.org.
ModerateCVE-2017-7979SUSE bug 1035107cpe:/o:suse:sled:12:sp1CVE-2017-7980SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation.
ModerateCVE-2017-7980SUSE bug 1035406SUSE bug 1035483cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2017-7982SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow in the plist_from_bin function in bplist.c in libimobiledevice/libplist before 2017-04-19 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted plist file.
ModerateCVE-2017-7982SUSE bug 1035312cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7994SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
ModerateCVE-2017-7994SUSE bug 1035534cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-7995SUSE Linux Enterprise Desktop 12 SP1
Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the get_user function. NOTE: the upstream Xen Project considers versions before 4.5.x to be EOL.
ModerateCVE-2017-7995SUSE bug 1033948SUSE bug 1178658cpe:/o:suse:sled:12:sp1CVE-2017-8053SUSE Linux Enterprise Desktop 12 SP1
PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption) via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure (PdfParser.cpp).
ModerateCVE-2017-8053SUSE bug 1035592cpe:/o:suse:sled:12:sp1CVE-2017-8054SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted PDF document.
ModerateCVE-2017-8054SUSE bug 1035596SUSE bug 1094315cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8061SUSE Linux Enterprise Desktop 12 SP1
drivers/media/usb/dvb-usb/dvb-usb-firmware.c in the Linux kernel 4.9.x and 4.10.x before 4.10.7 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
LowCVE-2017-8061SUSE bug 1035693cpe:/o:suse:sled:12:sp1CVE-2017-8062SUSE Linux Enterprise Desktop 12 SP1
drivers/media/usb/dvb-usb/dw2102.c in the Linux kernel 4.9.x and 4.10.x before 4.10.4 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
ModerateCVE-2017-8062SUSE bug 1035691cpe:/o:suse:sled:12:sp1CVE-2017-8063SUSE Linux Enterprise Desktop 12 SP1
drivers/media/usb/dvb-usb/cxusb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
LowCVE-2017-8063SUSE bug 1035689cpe:/o:suse:sled:12:sp1CVE-2017-8064SUSE Linux Enterprise Desktop 12 SP1
drivers/media/usb/dvb-usb-v2/dvb_usb_core.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
ModerateCVE-2017-8064SUSE bug 1035681cpe:/o:suse:sled:12:sp1CVE-2017-8065SUSE Linux Enterprise Desktop 12 SP1
crypto/ccm.c in the Linux kernel 4.9.x and 4.10.x through 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
ModerateCVE-2017-8065SUSE bug 1035673cpe:/o:suse:sled:12:sp1CVE-2017-8066SUSE Linux Enterprise Desktop 12 SP1
drivers/net/can/usb/gs_usb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.2 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
LowCVE-2017-8066SUSE bug 1035672cpe:/o:suse:sled:12:sp1CVE-2017-8067SUSE Linux Enterprise Desktop 12 SP1
drivers/char/virtio_console.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
ModerateCVE-2017-8067SUSE bug 1035670cpe:/o:suse:sled:12:sp1CVE-2017-8068SUSE Linux Enterprise Desktop 12 SP1
drivers/net/usb/pegasus.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
ModerateCVE-2017-8068SUSE bug 1035669cpe:/o:suse:sled:12:sp1CVE-2017-8069SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
drivers/net/usb/rtl8150.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
LowCVE-2017-8069SUSE bug 1035668SUSE bug 1138468cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-8070SUSE Linux Enterprise Desktop 12 SP1
drivers/net/usb/catc.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
ModerateCVE-2017-8070SUSE bug 1035658cpe:/o:suse:sled:12:sp1CVE-2017-8071SUSE Linux Enterprise Desktop 12 SP1
drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 uses a spinlock without considering that sleeping is possible in a USB HID request callback, which allows local users to cause a denial of service (deadlock) via unspecified vectors.
ModerateCVE-2017-8071SUSE bug 1035667cpe:/o:suse:sled:12:sp1CVE-2017-8072SUSE Linux Enterprise Desktop 12 SP1
The cp2112_gpio_direction_input function in drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 does not have the expected EIO error status for a zero-length report, which allows local users to have an unspecified impact via unknown vectors.
ModerateCVE-2017-8072SUSE bug 1035649cpe:/o:suse:sled:12:sp1CVE-2017-8086SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2
Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (memory consumption) via vectors involving the orig_value variable.
ModerateCVE-2017-8086SUSE bug 1035950cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2CVE-2017-8105SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.
ModerateCVE-2017-8105SUSE bug 1034186SUSE bug 1035807SUSE bug 1036457SUSE bug 1079459cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8106SUSE Linux Enterprise Desktop 12 SP1
The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer.
ModerateCVE-2017-8106SUSE bug 1035877cpe:/o:suse:sled:12:sp1CVE-2017-8112SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count.
LowCVE-2017-8112SUSE bug 1036211SUSE bug 1036470cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8284SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** The disas_insn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain privileges by creating a modified basic block that injects code into a setuid program, as demonstrated by procmail. NOTE: the vendor has stated "this bug does not violate any security guarantees QEMU makes."
ImportantCVE-2017-8284SUSE bug 1160901cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8287SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c.
ModerateCVE-2017-8287SUSE bug 1034186SUSE bug 1035807SUSE bug 1036457SUSE bug 1079459cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8288SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
gnome-shell 3.22 through 3.24.1 mishandles extensions that fail to reload, which can lead to leaving extensions enabled in the lock screen. With these extensions, a bystander could launch applications (but not interact with them), see information from the extensions (e.g., what applications you have opened or what music you were playing), or even execute arbitrary commands. It all depends on what extensions a user has enabled. The problem is caused by lack of exception handling in js/ui/extensionSystem.js.
ModerateCVE-2017-8288SUSE bug 1036494cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8291SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.
ImportantCVE-2017-8291SUSE bug 1036453cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8309SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture.
LowCVE-2017-8309SUSE bug 1037242SUSE bug 1037243SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8343SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, the ReadAAIImage function in aai.c allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-8343SUSE bug 1036977cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8344SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-8344SUSE bug 1036978cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8345SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, the ReadMNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-8345SUSE bug 1036980cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8346SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, the ReadDCMImage function in dcm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-8346SUSE bug 1036981cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8347SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-8347SUSE bug 1036982cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8348SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, the ReadMATImage function in mat.c allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-8348SUSE bug 1036983cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8349SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, the ReadSFWImage function in sfw.c allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-8349SUSE bug 1036984cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8350SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, the ReadJNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-8350SUSE bug 1036985SUSE bug 1053919SUSE bug 1126909cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8351SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, the ReadPCDImage function in pcd.c allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-8351SUSE bug 1036986SUSE bug 1126909cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8352SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, the ReadXWDImage function in xwd.c allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-8352SUSE bug 1036987cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8353SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, the ReadPICTImage function in pict.c allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-8353SUSE bug 1036988SUSE bug 1055010SUSE bug 1126909cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8354SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, the ReadBMPImage function in bmp.c allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-8354SUSE bug 1036989cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8355SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-8355SUSE bug 1036990SUSE bug 1126909cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8356SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, the ReadSUNImage function in sun.c allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-8356SUSE bug 1036991SUSE bug 1053919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8357SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, the ReadEPTImage function in ept.c allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-8357SUSE bug 1036976cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8358SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx.
ModerateCVE-2017-8358SUSE bug 1036975cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8361SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file.
ModerateCVE-2017-8361SUSE bug 1036944cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8362SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted audio file.
ModerateCVE-2017-8362SUSE bug 1036943cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8363SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file.
ModerateCVE-2017-8363SUSE bug 1036945cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8365SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file.
ModerateCVE-2017-8365SUSE bug 1036946cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8379SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events.
LowCVE-2017-8379SUSE bug 1037334cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8380SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the "megasas_mmio_write" function in Qemu 2.9.0 allows remote attackers to have unspecified impact via unknown vectors.
LowCVE-2017-8380SUSE bug 1037336cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8392SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 8 because of missing a check to determine whether symbols are NULL in the _bfd_dwarf2_find_nearest_line function. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash.
ModerateCVE-2017-8392SUSE bug 1037052cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8393SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are always named starting with a .rel/.rela prefix. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy and strip, to crash.
ModerateCVE-2017-8393SUSE bug 1037057cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8394SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 4 due to NULL pointer dereferencing of _bfd_elf_large_com_section. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy, to crash.
ModerateCVE-2017-8394SUSE bug 1037061cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8395SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid write of size 8 because of missing a malloc() return-value check to see if memory had actually been allocated in the _bfd_generic_get_section_contents function. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy, to crash.
ModerateCVE-2017-8395SUSE bug 1037062cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-8396SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 because the existing reloc offset range tests didn't catch small negative offsets less than the size of the reloc field. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash.
ModerateCVE-2017-8396SUSE bug 1037066cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8397SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 and an invalid write of size 1 during processing of a corrupt binary containing reloc(s) with negative addresses. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash.
ModerateCVE-2017-8397SUSE bug 1037070cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-8398SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size 1 during dumping of debug information from a corrupt binary. This vulnerability causes programs that conduct an analysis of binary programs, such as objdump and readelf, to crash.
ModerateCVE-2017-8398SUSE bug 1037072cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-8421SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dump_relocs_in_section in objdump.c can resolve this.
ModerateCVE-2017-8421SUSE bug 1037273cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8422SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.
ImportantCVE-2017-8422SUSE bug 1033300SUSE bug 1036244SUSE bug 1041511SUSE bug 749065SUSE bug 869959cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8765SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The function named ReadICONImage in coders\icon.c in ImageMagick 7.0.5-5 has a memory leak vulnerability which can cause memory exhaustion via a crafted ICON file.
ModerateCVE-2017-8765SUSE bug 1037527SUSE bug 1053919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8779SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb.
ImportantCVE-2017-8779SUSE bug 1037559SUSE bug 1037930SUSE bug 1101814SUSE bug 798028cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8787SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted PDF file.
ModerateCVE-2017-8787SUSE bug 1037739cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8797SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering certain error conditions. This value is used as an array index for dereferencing, which leads to an OOPS and eventually a DoS of knfsd and a soft-lockup of the whole system.
ImportantCVE-2017-8797SUSE bug 1046202SUSE bug 1046206cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8804SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an overcommit setting is not used) via a crafted UDP packet to port 111, a related issue to CVE-2017-8779. NOTE: [Information provided from upstream and references]
ModerateCVE-2017-8804SUSE bug 1037559SUSE bug 1037930cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8816SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields.
ModerateCVE-2017-8816SUSE bug 1069226SUSE bug 1106019cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8817SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.
ModerateCVE-2017-8817SUSE bug 1069222cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8818SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
curl and libcurl before 7.57.0 on 32-bit platforms allow attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact because too little memory is allocated for interfacing to an SSL library.
ImportantCVE-2017-8818SUSE bug 1069714cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8824SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.
ImportantCVE-2017-8824SUSE bug 1070771SUSE bug 1076734SUSE bug 1092904cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8830SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-8830SUSE bug 1038000SUSE bug 1053919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8831SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a "double fetch" vulnerability.
ModerateCVE-2017-8831SUSE bug 1037994SUSE bug 1061936SUSE bug 1087082cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8834SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (memory allocation error) via a crafted CSS file.
LowCVE-2017-8834SUSE bug 1043898SUSE bug 1043899cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8871SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The cr_parser_parse_selector_core function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted CSS file.
LowCVE-2017-8871SUSE bug 1043898SUSE bug 1043899cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8872SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.
ModerateCVE-2017-8872SUSE bug 1038444SUSE bug 1123919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8890SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.
ImportantCVE-2017-8890SUSE bug 1038544SUSE bug 1038564SUSE bug 1039883SUSE bug 1039885SUSE bug 1040069SUSE bug 1042364SUSE bug 1051906cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-8908SUSE Linux Enterprise Desktop 12 SP1
The mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PostScript document.
ModerateCVE-2017-8908SUSE bug 1038835cpe:/o:suse:sled:12:sp1CVE-2017-8924SUSE Linux Enterprise Desktop 12 SP2
The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.
ModerateCVE-2017-8924SUSE bug 1037182SUSE bug 1038981SUSE bug 1038982SUSE bug 870618cpe:/o:suse:sled:12:sp2CVE-2017-8925SUSE Linux Enterprise Desktop 12 SP2
The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.
ModerateCVE-2017-8925SUSE bug 1037183SUSE bug 1038981SUSE bug 1038982SUSE bug 870618cpe:/o:suse:sled:12:sp2CVE-2017-9022SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which allows remote peers to cause a denial of service (floating point exception and process crash) via a crafted certificate.
ModerateCVE-2017-9022SUSE bug 1039514cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9023SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service (infinite loop) via a crafted certificate.
ModerateCVE-2017-9023SUSE bug 1039515cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9038SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to the byte_get_little_endian function in elfcomm.c, the get_unwind_section_word function in readelf.c, and ARM unwind information that contains invalid word offsets.
LowCVE-2017-9038SUSE bug 1038874cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-9039SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
GNU Binutils 2.28 allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelf.c.
LowCVE-2017-9039SUSE bug 1038875cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-9040SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt.
LowCVE-2017-9040SUSE bug 1038876SUSE bug 1038877cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-9041SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to MIPS GOT mishandling in the process_mips_specific function in readelf.c.
LowCVE-2017-9041SUSE bug 1038874SUSE bug 1038877cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-9042SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in type long" issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file.
ModerateCVE-2017-9042SUSE bug 1038878cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-9043SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
readelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large for type unsigned long" issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file.
ModerateCVE-2017-9043SUSE bug 1038880cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-9044SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The print_symbol_for_build_attribute function in readelf.c in GNU Binutils 2017-04-12 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted ELF file.
LowCVE-2017-9044SUSE bug 1038881cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-9047SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. The variable len is assigned strlen(buf). If the content->type is XML_ELEMENT_CONTENT_ELEMENT, then (i) the content->prefix is appended to buf (if it actually fits) whereupon (ii) content->name is written to the buffer. However, the check for whether the content->name actually fits also uses 'len' rather than the updated buffer length strlen(buf). This allows us to write about "size" many bytes beyond the allocated memory. This vulnerability causes programs that use libxml2, such as PHP, to crash.
ModerateCVE-2017-9047SUSE bug 1039063SUSE bug 1039066SUSE bug 1039657SUSE bug 1123919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9048SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash.
ModerateCVE-2017-9048SUSE bug 1039064SUSE bug 1039066SUSE bug 1039658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9049SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398.
ImportantCVE-2017-9049SUSE bug 1039063SUSE bug 1039064SUSE bug 1039066SUSE bug 1039659SUSE bug 1039661SUSE bug 1069690SUSE bug 1123919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9050SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.
ModerateCVE-2017-9050SUSE bug 1039066SUSE bug 1039069SUSE bug 1039661SUSE bug 1069433SUSE bug 1069690SUSE bug 1123919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9059SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service (resource consumption) by leveraging improper channel callback shutdown when unmounting an NFSv4 filesystem, aka a "module reference and kernel daemon" leak.
ModerateCVE-2017-9059SUSE bug 1039674cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2017-9060SUSE Linux Enterprise Desktop 12 SP1
Memory leak in the virtio_gpu_set_scanout function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (memory consumption) via a large number of "VIRTIO_GPU_CMD_SET_SCANOUT:" commands.
ModerateCVE-2017-9060SUSE bug 1039886cpe:/o:suse:sled:12:sp1CVE-2017-9074SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.
ModerateCVE-2017-9074SUSE bug 1039882cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9075SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.
ImportantCVE-2017-9075SUSE bug 1038544SUSE bug 1039883SUSE bug 1051906cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9076SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.
ImportantCVE-2017-9076SUSE bug 1038544SUSE bug 1039885SUSE bug 1040069SUSE bug 1051906cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9077SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.
ImportantCVE-2017-9077SUSE bug 1038544SUSE bug 1040069SUSE bug 1042364cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9083SUSE Linux Enterprise Desktop 12 SP2
poppler 0.54.0, as used in Evince and other products, has a NULL pointer dereference in the JPXStream::readUByte function in JPXStream.cc. For example, the perf_test utility will crash (segmentation fault) when parsing an invalid PDF file.
LowCVE-2017-9083SUSE bug 1040170cpe:/o:suse:sled:12:sp2CVE-2017-9098SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c.
ModerateCVE-2017-9098SUSE bug 1040025SUSE bug 1053919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9110SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash.
ModerateCVE-2017-9110SUSE bug 1040107SUSE bug 1040112cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9111SUSE Linux Enterprise Desktop 12 SP4
In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h could cause the application to crash or execute arbitrary code.
ModerateCVE-2017-9111SUSE bug 1040109cpe:/o:suse:sled:12:sp4CVE-2017-9112SUSE Linux Enterprise Desktop 12 SP4
In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash.
ModerateCVE-2017-9112SUSE bug 1040112cpe:/o:suse:sled:12:sp4CVE-2017-9113SUSE Linux Enterprise Desktop 12 SP4
In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels function in ImfInputFile.cpp could cause the application to crash or execute arbitrary code.
ModerateCVE-2017-9113SUSE bug 1040113cpe:/o:suse:sled:12:sp4CVE-2017-9114SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the application to crash.
ModerateCVE-2017-9114SUSE bug 1040114cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9115SUSE Linux Enterprise Desktop 12 SP4
In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function in half.h could cause the application to crash or execute arbitrary code.
ModerateCVE-2017-9115SUSE bug 1040115cpe:/o:suse:sled:12:sp4CVE-2017-9116SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress function in ImfZip.cpp could cause the application to crash.
ModerateCVE-2017-9116SUSE bug 1040116cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9122SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
The quicktime_read_moov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted mp4 file.
ModerateCVE-2017-9122SUSE bug 1044000SUSE bug 1044002SUSE bug 1044006SUSE bug 1044008SUSE bug 1044009SUSE bug 1044077SUSE bug 1044122SUSE bug 1051855SUSE bug 1051859cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2017-9123SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
The lqt_frame_duration function in lqt_quicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
LowCVE-2017-9123SUSE bug 1044009cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2017-9124SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
The quicktime_match_32 function in util.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file.
LowCVE-2017-9124SUSE bug 1044008cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2017-9125SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
The lqt_frame_duration function in lqt_quicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted mp4 file.
ModerateCVE-2017-9125SUSE bug 1044122cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2017-9126SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
The quicktime_read_dref_table function in dref.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted mp4 file.
LowCVE-2017-9126SUSE bug 1044006cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2017-9127SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
The quicktime_user_atoms_read_atom function in useratoms.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted mp4 file.
LowCVE-2017-9127SUSE bug 1044002cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2017-9128SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
The quicktime_video_width function in lqt_quicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted mp4 file.
LowCVE-2017-9128SUSE bug 1044000SUSE bug 1044002SUSE bug 1044006SUSE bug 1044008SUSE bug 1044009SUSE bug 1044077SUSE bug 1044122SUSE bug 1051855SUSE bug 1051859cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2017-9141SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c.
ModerateCVE-2017-9141SUSE bug 1040303SUSE bug 1053919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9142SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c.
ModerateCVE-2017-9142SUSE bug 1036985SUSE bug 1040304cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9143SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file.
ModerateCVE-2017-9143SUSE bug 1040306SUSE bug 1053919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9144SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c.
ModerateCVE-2017-9144SUSE bug 1040332SUSE bug 1048936SUSE bug 1053919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9150SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The do_check function in kernel/bpf/verifier.c in the Linux kernel before 4.11.1 does not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which allows local users to obtain sensitive address information via crafted bpf system calls.
ModerateCVE-2017-9150SUSE bug 1040279cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-9208SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1.
ModerateCVE-2017-9208SUSE bug 1040311cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9209SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to QPDFObjectHandle::parseInternal, aka qpdf-infiniteloop2.
ModerateCVE-2017-9209SUSE bug 1040312cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9210SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to unparse functions, aka qpdf-infiniteloop3.
ModerateCVE-2017-9210SUSE bug 1040313cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9211SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
The crypto_skcipher_init_tfm function in crypto/skcipher.c in the Linux kernel through 4.11.2 relies on a setkey function that lacks a key-size check, which allows local users to cause a denial of service (NULL pointer dereference) via a crafted application.
ModerateCVE-2017-9211SUSE bug 1040389cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2017-9216SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. For example, the jbig2dec utility will crash (segmentation fault) when parsing an invalid file.
ModerateCVE-2017-9216SUSE bug 1040643cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9217SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
systemd-resolved through 233 allows remote attackers to cause a denial of service (daemon crash) via a crafted DNS response with an empty question section.
ModerateCVE-2017-9217SUSE bug 1040614cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9225SUSE Linux Enterprise Desktop 12 SP1
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds write in onigenc_unicode_get_case_fold_codes_by_str() occurs during regular expression compilation. Code point 0xFFFFFFFF is not properly handled in unicode_unfold_key(). A malformed regular expression could result in 4 bytes being written off the end of a stack buffer of expand_case_fold_string() during the call to onigenc_unicode_get_case_fold_codes_by_str(), a typical stack buffer overflow.
ModerateCVE-2017-9225SUSE bug 1040890cpe:/o:suse:sled:12:sp1CVE-2017-9228SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitset_set_range() during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect state transition in parse_char_class() could create an execution path that leaves a critical local variable uninitialized until it's used as an index, resulting in an out-of-bounds write memory corruption.
ModerateCVE-2017-9228SUSE bug 1068376SUSE bug 1069606SUSE bug 1069607SUSE bug 1076391cpe:/o:suse:sled:12:sp3CVE-2017-9229SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in left_adjust_char_head() during regular expression compilation. Invalid handling of reg->dmax in forward_search_range() could result in an invalid pointer dereference, normally as an immediate denial-of-service condition.
ModerateCVE-2017-9229SUSE bug 1068376SUSE bug 1069631SUSE bug 1069632SUSE bug 1076391cpe:/o:suse:sled:12:sp3CVE-2017-9233SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD.
ModerateCVE-2017-9233SUSE bug 1030296SUSE bug 1047236SUSE bug 1073350SUSE bug 1123115SUSE bug 983216cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9242SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.
ModerateCVE-2017-9242SUSE bug 1041431SUSE bug 1042892cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9261SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-9261SUSE bug 1043354cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9262SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-9262SUSE bug 1043353cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9269SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In libzypp before August 2018 GPG keys attached to YUM repositories were not correctly pinned, allowing malicious repository mirrors to silently downgrade to unsigned repositories with potential malicious content.
ImportantCVE-2017-9269SUSE bug 1038984SUSE bug 1045735cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9287SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0.
ModerateCVE-2017-9287SUSE bug 1041764cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9330SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value, a different vulnerability than CVE-2017-6505.
LowCVE-2017-9330SUSE bug 1042159SUSE bug 1042160SUSE bug 1043157SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9343SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector misuses a NULL pointer. This was addressed in epan/dissectors/packet-msnip.c by validating an IPv4 address.
ModerateCVE-2017-9343SUSE bug 1042309SUSE bug 1042324SUSE bug 1042330SUSE bug 1042331SUSE bug 1077080cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9344SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. This was addressed in epan/dissectors/packet-btl2cap.c by validating an interval value.
ModerateCVE-2017-9344SUSE bug 1042298SUSE bug 1042324SUSE bug 1042330SUSE bug 1042331cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9345SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dns.c by trying to detect self-referencing pointers.
ModerateCVE-2017-9345SUSE bug 1042300SUSE bug 1042324SUSE bug 1042330SUSE bug 1042331cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9346SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-slsk.c by making loop bounds more explicit.
ModerateCVE-2017-9346SUSE bug 1042301SUSE bug 1042324SUSE bug 1042330SUSE bug 1042331cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9347SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID.
ModerateCVE-2017-9347SUSE bug 1042308SUSE bug 1042324SUSE bug 1042330cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9348SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-dof.c by validating a size value.
ModerateCVE-2017-9348SUSE bug 1042303SUSE bug 1042324SUSE bug 1042330cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9349SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This was addressed in epan/dissectors/packet-dcm.c by validating a length value.
ModerateCVE-2017-9349SUSE bug 1042305SUSE bug 1042324SUSE bug 1042330SUSE bug 1042331cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9350SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by checking for a negative length.
ModerateCVE-2017-9350SUSE bug 1042299SUSE bug 1042324SUSE bug 1042330SUSE bug 1042331SUSE bug 1049255SUSE bug 1049621cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9351SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully.
ModerateCVE-2017-9351SUSE bug 1042302SUSE bug 1042324SUSE bug 1042330SUSE bug 1042331cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9352SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by ensuring that backwards parsing cannot occur.
ModerateCVE-2017-9352SUSE bug 1042304SUSE bug 1042324SUSE bug 1042330SUSE bug 1042331cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9353SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.6, the IPv6 dissector could crash. This was addressed in epan/dissectors/packet-ipv6.c by validating an IPv6 address.
ModerateCVE-2017-9353SUSE bug 1042306SUSE bug 1042324SUSE bug 1042330cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9354SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector could crash. This was addressed in epan/dissectors/packet-rgmp.c by validating an IPv4 address.
ModerateCVE-2017-9354SUSE bug 1042307SUSE bug 1042324SUSE bug 1042330SUSE bug 1042331cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9373SUSE Linux Enterprise Desktop 12 SP2
Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the AHCI device.
LowCVE-2017-9373SUSE bug 1042801cpe:/o:suse:sled:12:sp2CVE-2017-9374SUSE Linux Enterprise Desktop 12 SP2
Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the device.
LowCVE-2017-9374SUSE bug 1043073SUSE bug 1043074cpe:/o:suse:sled:12:sp2CVE-2017-9375SUSE Linux Enterprise Desktop 12 SP2
QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving control transfer descriptors sequencing.
LowCVE-2017-9375SUSE bug 1042800cpe:/o:suse:sled:12:sp2CVE-2017-9403SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In LibTIFF 4.0.7, a memory leak vulnerability was found in the function TIFFReadDirEntryLong8Array in tif_dirread.c, which allows attackers to cause a denial of service via a crafted file.
LowCVE-2017-9403SUSE bug 1042805SUSE bug 1045688cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9404SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In LibTIFF 4.0.7, a memory leak vulnerability was found in the function OJPEGReadHeaderInfoSecTablesQTable in tif_ojpeg.c, which allows attackers to cause a denial of service via a crafted file.
LowCVE-2017-9404SUSE bug 1042804cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9405SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-9405SUSE bug 1042911cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9406SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Poppler 0.54.0, a memory leak vulnerability was found in the function gmalloc in gmem.cc, which allows attackers to cause a denial of service via a crafted file.
LowCVE-2017-9406SUSE bug 1042803cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9407SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
ModerateCVE-2017-9407SUSE bug 1042824cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9408SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Poppler 0.54.0, a memory leak vulnerability was found in the function Object::initArray in Object.cc, which allows attackers to cause a denial of service via a crafted file.
LowCVE-2017-9408SUSE bug 1042802cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9409SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file.
LowCVE-2017-9409SUSE bug 1042948cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9432SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Document Liberation Project libstaroffice before 2017-04-07 has an out-of-bounds write caused by a stack-based buffer overflow related to the DatabaseName::read function in lib/StarWriterStruct.cxx.
ModerateCVE-2017-9432SUSE bug 1042829cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9433SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in lib/MsWrd1Parser.cxx.
ModerateCVE-2017-9433SUSE bug 1042828cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9439SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file.
ModerateCVE-2017-9439SUSE bug 1042826SUSE bug 1053919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9440SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file.
ModerateCVE-2017-9440SUSE bug 1042812SUSE bug 1053919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9445SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it.
ModerateCVE-2017-9445SUSE bug 1045290SUSE bug 1063249cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9499SUSE Linux Enterprise Desktop 12 SP2
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function SetPixelChannelAttributes, which allows attackers to cause a denial of service via a crafted file.
ModerateCVE-2017-9499SUSE bug 1043291cpe:/o:suse:sled:12:sp2CVE-2017-9500SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function ResetImageProfileIterator, which allows attackers to cause a denial of service via a crafted file.
ModerateCVE-2017-9500SUSE bug 1043290cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9501SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file.
ModerateCVE-2017-9501SUSE bug 1043289SUSE bug 1053919cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9502SUSE Linux Enterprise Desktop 12 SP4
In curl before 7.54.1 on Windows and DOS, libcurl's default protocol function, which is the logic that allows an application to set which protocol libcurl should attempt to use when given a URL without a scheme part, had a flaw that could lead to it overwriting a heap based memory buffer with seven bytes. If the default protocol is specified to be FILE or a file: URL lacks two slashes, the given "URL" starts with a drive letter, and libcurl is built for Windows or DOS, then libcurl would copy the path 7 bytes off, so that the end of the given path would write beyond the malloc buffer (7 bytes being the length in bytes of the ascii string "file://").
ImportantCVE-2017-9502SUSE bug 1044243cpe:/o:suse:sled:12:sp4CVE-2017-9503SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas command processing.
LowCVE-2017-9503SUSE bug 1043296SUSE bug 1043297SUSE bug 1043312cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9524SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initialization occurs before talking to a client in the nbd_negotiate function.
ModerateCVE-2017-9524SUSE bug 1043808cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9526SUSE Linux Enterprise Desktop 12 SP2
In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this session key in secure memory, to ensure that constant-time point operations are used in the MPI library.
ModerateCVE-2017-9526SUSE bug 1042326SUSE bug 1043777cpe:/o:suse:sled:12:sp2CVE-2017-9611SUSE Linux Enterprise Desktop 12 SP3
The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
ImportantCVE-2017-9611SUSE bug 1050893cpe:/o:suse:sled:12:sp3CVE-2017-9612SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via a crafted document.
ImportantCVE-2017-9612SUSE bug 1050891cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9617SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector.
ModerateCVE-2017-9617SUSE bug 1044417cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9725SUSE Linux Enterprise Desktop 12 SP3
In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation succeed when it should fail.
LowCVE-2017-9725SUSE bug 1057481cpe:/o:suse:sled:12:sp3CVE-2017-9726SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
ImportantCVE-2017-9726SUSE bug 1050889cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9727SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
ImportantCVE-2017-9727SUSE bug 1050888cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9739SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Ins_JMPR function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
ImportantCVE-2017-9739SUSE bug 1050887cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9746SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The disassemble_bytes function in objdump.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of rae insns printing for this file during "objdump -D" execution.
ModerateCVE-2017-9746SUSE bug 1030296SUSE bug 1044891cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9747SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ieee_archive_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. NOTE: this may be related to a compiler bug.
ModerateCVE-2017-9747SUSE bug 1030296SUSE bug 1044897cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9748SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ieee_object_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. NOTE: this may be related to a compiler bug.
ModerateCVE-2017-9748SUSE bug 1030296SUSE bug 1044901cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9750SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for certain scale arrays, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
ModerateCVE-2017-9750SUSE bug 1030296SUSE bug 1044909cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9755SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
LowCVE-2017-9755SUSE bug 1030296SUSE bug 1044925cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9756SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The aarch64_ext_ldst_reglist function in opcodes/aarch64-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
ModerateCVE-2017-9756SUSE bug 1030296SUSE bug 1044927cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9766SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows remote attackers to cause a denial of service (stack exhaustion) in the dissect_IODWriteReq function in plugins/profinet/packet-dcerpc-pn-io.c.
ModerateCVE-2017-9766SUSE bug 1045341cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9775SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document.
ModerateCVE-2017-9775SUSE bug 1045719cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9776SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.
ModerateCVE-2017-9776SUSE bug 1045721cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9806SUSE Linux Enterprise Desktop 12 SP3
A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.
ImportantCVE-2017-9806SUSE bug 1065988cpe:/o:suse:sled:12:sp3CVE-2017-9814SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call.
ModerateCVE-2017-9814SUSE bug 1049092cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9835SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer overflow check in base/gsalloc.c.
ImportantCVE-2017-9835SUSE bug 1050879cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9865SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The function GfxImageColorMap::getGray in GfxState.cc in Poppler 0.54.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted PDF document, related to missing color-map validation in ImageOutputDev.cc.
ModerateCVE-2017-9865SUSE bug 1045939cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9935SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2p_free, memory corruption in t2p_readwrite_pdf_image, or a double free in t2p_free. Given these possibilities, it probably could cause arbitrary code execution.
ModerateCVE-2017-9935SUSE bug 1046077SUSE bug 1074318SUSE bug 1108606SUSE bug 1110358cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9936SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. A crafted TIFF document can lead to a memory leak resulting in a remote denial of service attack.
ModerateCVE-2017-9936SUSE bug 1046073cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2017-9954SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The getvalue function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted tekhex file, as demonstrated by mishandling within the nm program.
LowCVE-2017-9954SUSE bug 1052061cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-9955SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The get_build_id function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file in which a certain size field is larger than a corresponding data field, as demonstrated by mishandling within the objdump program.
ModerateCVE-2017-9955SUSE bug 1046094cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2017-9985SUSE Linux Enterprise Desktop 12 SP2
The snd_msndmidi_input_read function in sound/isa/msnd/msnd_midi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "double fetch" vulnerability.
ModerateCVE-2017-9985SUSE bug 1046601SUSE bug 1087082cpe:/o:suse:sled:12:sp2CVE-2018-0202SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format (.pdf) files sent to an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted .pdf file to an affected device. This action could cause an out-of-bounds read when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition. This concerns pdf_parse_array and pdf_parse_string in libclamav/pdfng.c. Cisco Bug IDs: CSCvh91380, CSCvh91400.
ModerateCVE-2018-0202SUSE bug 1083915cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-0360SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c.
ImportantCVE-2018-0360SUSE bug 1101410SUSE bug 1103091SUSE bug 1103092SUSE bug 1103099cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-0361SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file.
ModerateCVE-2018-0361SUSE bug 1101410SUSE bug 1101412SUSE bug 1103091SUSE bug 1103092SUSE bug 1103099cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-0494SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.
ModerateCVE-2018-0494SUSE bug 1092061SUSE bug 1123797SUSE bug 1159418cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-0495SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
ModerateCVE-2018-0495SUSE bug 1097410SUSE bug 1121207cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-0500SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings (i.e., use of a nonstandard --limit-rate argument or CURLOPT_BUFFERSIZE value).
ImportantCVE-2018-0500SUSE bug 1099793cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-0732SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).
ImportantCVE-2018-0732SUSE bug 1077628SUSE bug 1097158SUSE bug 1099502SUSE bug 1106692SUSE bug 1108542SUSE bug 1110163SUSE bug 1112097SUSE bug 1122198SUSE bug 1148697cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-0733SUSE Linux Enterprise Desktop 12 SP3
Because of an implementation bug the PA-RISC CRYPTO_memcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than that guaranteed by the security claims of the scheme. The module can only be compiled by the HP-UX assembler, so that only HP-UX PA-RISC targets are affected. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g).
ModerateCVE-2018-0733SUSE bug 1087106cpe:/o:suse:sled:12:sp3CVE-2018-0734SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).
ModerateCVE-2018-0734SUSE bug 1113534SUSE bug 1113652SUSE bug 1113742SUSE bug 1122198SUSE bug 1122212SUSE bug 1126909SUSE bug 1148697cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-0735SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).
ModerateCVE-2018-0735SUSE bug 1113534SUSE bug 1113651cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-0737SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).
ModerateCVE-2018-0737SUSE bug 1089039SUSE bug 1089041SUSE bug 1089044SUSE bug 1089045SUSE bug 1108542SUSE bug 1123780SUSE bug 1126909cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-0739SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n).
ImportantCVE-2018-0739SUSE bug 1087102SUSE bug 1089997SUSE bug 1108542cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-0886SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how CredSSP validates request during the authentication process, aka "CredSSP Remote Code Execution Vulnerability".
ImportantCVE-2018-0886SUSE bug 1085416SUSE bug 1087240SUSE bug 1117963SUSE bug 1131873cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000001SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
ImportantCVE-2018-1000001SUSE bug 1074293SUSE bug 1099047cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000004SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.
ModerateCVE-2018-1000004SUSE bug 1076017SUSE bug 1091815cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000005SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The problem is that the code that creates HTTP/1-like headers from the HTTP/2 trailer data once appended a string like `:` to the target buffer, while this was recently changed to `: ` (a space was added after the colon) but the following math wasn't updated correspondingly. When accessed, the data is read out of bounds and causes either a crash or that the (too large) data gets passed to client write. This could lead to a denial-of-service situation or an information disclosure if someone has a service that echoes back or uses the trailers for something.
ModerateCVE-2018-1000005SUSE bug 1076360cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000007SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequent hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request.
ModerateCVE-2018-1000007SUSE bug 1077001SUSE bug 1145903SUSE bug 1185551SUSE bug 1192797SUSE bug 1198766cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000026SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM..
ImportantCVE-2018-1000026SUSE bug 1079384SUSE bug 1087082SUSE bug 1096723cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2018-1000028SUSE Linux Enterprise Desktop 12 SP4
Linux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.14.8+, 4.9.76+, 4.4.111+ contains a Incorrect Access Control vulnerability in NFS server (nfsd) that can result in remote users reading or writing files they should not be able to via NFS. This attack appear to be exploitable via NFS server must export a filesystem with the "rootsquash" options enabled. This vulnerability appears to have been fixed in after commit 1995266727fa.
ModerateCVE-2018-1000028SUSE bug 1078287cpe:/o:suse:sled:12:sp4CVE-2018-1000030SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be vulnerable however this has not been confirmed. The vulnerability lies when multiply threads are handling large amounts of data. In both cases there is essentially a race condition that occurs. For the Heap-Buffer-Overflow, Thread 2 is creating the size for a buffer, but Thread1 is already writing to the buffer without knowing how much to write. So when a large amount of data is being processed, it is very easy to cause memory corruption using a Heap-Buffer-Overflow. As for the Use-After-Free, Thread3->Malloc->Thread1->Free's->Thread2-Re-uses-Free'd Memory. The PSRT has stated that this is not a security vulnerability due to the fact that the attacker must be able to run code, however in some situations, such as function as a service, this vulnerability can potentially be used by an attacker to violate a trust boundary, as such the DWF feels this issue deserves a CVE.
ImportantCVE-2018-1000030SUSE bug 1079300cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000031SUSE Linux Enterprise Desktop 12 SP3
A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.
ModerateCVE-2018-1000031SUSE bug 1076531SUSE bug 1080075cpe:/o:suse:sled:12:sp3CVE-2018-1000032SUSE Linux Enterprise Desktop 12 SP3
A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.
ImportantCVE-2018-1000032SUSE bug 1076531SUSE bug 1080076cpe:/o:suse:sled:12:sp3CVE-2018-1000033SUSE Linux Enterprise Desktop 12 SP3
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
LowCVE-2018-1000033SUSE bug 1076531SUSE bug 1080077cpe:/o:suse:sled:12:sp3CVE-2018-1000034SUSE Linux Enterprise Desktop 12 SP3
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
LowCVE-2018-1000034SUSE bug 1076531SUSE bug 1080079cpe:/o:suse:sled:12:sp3CVE-2018-1000035SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.
ImportantCVE-2018-1000035SUSE bug 1076531SUSE bug 1080074SUSE bug 1149684SUSE bug 1159417SUSE bug 1196768cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000041SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appear to be exploitable via The victim must process a specially crafted SVG file containing an UNC path on Windows.
ModerateCVE-2018-1000041SUSE bug 1083232cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000079SUSE Linux Enterprise Desktop 12 SP3
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in gem installation that can result in the gem could write to arbitrary filesystem locations during installation. This attack appear to be exploitable via the victim must install a malicious gem. This vulnerability appears to have been fixed in 2.7.6.
ModerateCVE-2018-1000079SUSE bug 1082058cpe:/o:suse:sled:12:sp3CVE-2018-1000085SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains.. This attack appear to be exploitable via The victim must scan a crafted XAR file. This vulnerability appears to have been fixed in after commit d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6.
ModerateCVE-2018-1000085SUSE bug 1082858SUSE bug 1083915cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000097SUSE Linux Enterprise Desktop 12 SP3
Sharutils sharutils (unshar command) version 4.15.2 contains a Buffer Overflow vulnerability in Affected component on the file unshar.c at line 75, function looks_like_c_code. Failure to perform checking of the buffer containing input line. that can result in Could lead to code execution. This attack appear to be exploitable via Victim have to run unshar command on a specially crafted file..
ModerateCVE-2018-1000097SUSE bug 1085004cpe:/o:suse:sled:12:sp3CVE-2018-1000120SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.
ModerateCVE-2018-1000120SUSE bug 1084521SUSE bug 1101811SUSE bug 1112526cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000121SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service
ModerateCVE-2018-1000121SUSE bug 1084524SUSE bug 1085215SUSE bug 1101811SUSE bug 1112526cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000122SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage
ModerateCVE-2018-1000122SUSE bug 1084532SUSE bug 1101811SUSE bug 1112526cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000156SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time.
ModerateCVE-2018-1000156SUSE bug 1088420SUSE bug 1093615SUSE bug 1101128SUSE bug 1142513cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000199SUSE Linux Enterprise Desktop 12 SP3
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.
ImportantCVE-2018-1000199SUSE bug 1089895SUSE bug 1090036cpe:/o:suse:sled:12:sp3CVE-2018-1000200SUSE Linux Enterprise Desktop 12 SP4
The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process's final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlocked vmas.This can happen synchronously with the oom reaper's unmap_page_range() since the vma's VM_LOCKED bit is cleared before munlocking (to determine if any other vmas share the memory and are mlocked).
ModerateCVE-2018-1000200SUSE bug 1087082SUSE bug 1090150cpe:/o:suse:sled:12:sp4CVE-2018-1000204SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in https://github.com/torvalds/linux/commit/a45b599ad808c3c982fdcdc12b0b8611c2f92824 already. The problem has limited scope, as users don't usually have permissions to access SCSI devices. On the other hand, e.g. the Nero user manual suggests doing `chmod o+r+w /dev/sg*` to make the devices accessible. NOTE: third parties dispute the relevance of this report, noting that the requirement for an attacker to have both the CAP_SYS_ADMIN and CAP_SYS_RAWIO capabilities makes it "virtually impossible to exploit."
ModerateCVE-2018-1000204SUSE bug 1096728SUSE bug 1105412cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000221SUSE Linux Enterprise Desktop 12 SP3
pkgconf version 1.5.0 to 1.5.2 contains a Buffer Overflow vulnerability in dequote() that can result in dequote() function returns 1-byte allocation if initial length is 0, leading to buffer overflow. This attack appear to be exploitable via specially crafted .pc file. This vulnerability appears to have been fixed in 1.5.3.
LowCVE-2018-1000221SUSE bug 1105438cpe:/o:suse:sled:12:sp3CVE-2018-1000222SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted Jpeg Image can trigger double free. This vulnerability appears to have been fixed in after commit ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5.
ImportantCVE-2018-1000222SUSE bug 1105434cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000223SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
soundtouch version up to and including 2.0.0 contains a Buffer Overflow vulnerability in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock() that can result in arbitrary code execution. This attack appear to be exploitable via victim must open maliocius file in soundstretch utility.
ImportantCVE-2018-1000223SUSE bug 1103676cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000300SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This vulnerability appears to have been fixed in curl < 7.54.1 and curl >= 7.60.0.
ImportantCVE-2018-1000300SUSE bug 1092094cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000301SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have been fixed in curl < 7.20.0 and curl >= 7.60.0.
ModerateCVE-2018-1000301SUSE bug 1092098SUSE bug 1122464cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000654SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file.
ModerateCVE-2018-1000654SUSE bug 1105435cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000802SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.
ModerateCVE-2018-1000802SUSE bug 1109663cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000807SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object handling that can result in Use after free can lead to possible denial of service or remote code execution.. This attack appear to be exploitable via Depends on the calling application and if it retains a reference to the memory.. This vulnerability appears to have been fixed in 17.5.0.
ImportantCVE-2018-1000807SUSE bug 1111634SUSE bug 1111635cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000808SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing Last Reference vulnerability in PKCS #12 Store that can result in Denial of service if memory runs low or is exhausted. This attack appear to be exploitable via Depends upon calling application, however it could be as simple as initiating a TLS connection. Anything that would cause the calling application to reload certificates from a PKCS #12 store.. This vulnerability appears to have been fixed in 17.5.0.
ModerateCVE-2018-1000808SUSE bug 1111634SUSE bug 1111635cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000845SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultID: CVE-2017-6519. Reason: This candidate is a duplicate of CVE-2017-6519. Notes: All CVE users should reference CVE-2017-6519 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2018-1000845SUSE bug 1120281cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000852SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3.
ModerateCVE-2018-1000852SUSE bug 1117963SUSE bug 1120507SUSE bug 1131873cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000858SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery (CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF, Information Disclosure, DoS. This attack appear to be exploitable via Victim must perform a WKD request, e.g. enter an email address in the composer window of Thunderbird/Enigmail. This vulnerability appears to have been fixed in after commit 4a4bb874f63741026bd26264c43bb32b1099f060.
ModerateCVE-2018-1000858SUSE bug 1120346cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1000876SUSE Linux Enterprise Desktop 12 SP4
binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.
ModerateCVE-2018-1000876SUSE bug 1120640cpe:/o:suse:sled:12:sp4CVE-2018-1000877SUSE Linux Enterprise Desktop 12 SP4
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0 that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted RAR archive.
ModerateCVE-2018-1000877SUSE bug 1120653cpe:/o:suse:sled:12:sp4CVE-2018-1000878SUSE Linux Enterprise Desktop 12 SP4
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be exploitable via the victim must open a specially crafted RAR archive.
ModerateCVE-2018-1000878SUSE bug 1120654cpe:/o:suse:sled:12:sp4CVE-2018-1000879SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted archive file.
LowCVE-2018-1000879SUSE bug 1120656cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10087SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value.
ModerateCVE-2018-10087SUSE bug 1087082SUSE bug 1089608SUSE bug 1091815cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10111SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in GEGL through 0.3.32. The render_rectangle function in process/gegl-processor.c has unbounded memory allocation, leading to a denial of service (application crash) upon allocation failure.
LowCVE-2018-10111SUSE bug 1089730cpe:/o:suse:sled:12:sp3CVE-2018-10115SUSE Linux Enterprise Desktop 12 SP3
Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of uninitialized memory, allowing remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive.
ImportantCVE-2018-10115SUSE bug 1091758cpe:/o:suse:sled:12:sp3CVE-2018-10119SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format.
ImportantCVE-2018-10119SUSE bug 1089705cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10120SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record.
ImportantCVE-2018-10120SUSE bug 1089706cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10124SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument.
ModerateCVE-2018-10124SUSE bug 1087082SUSE bug 1089752SUSE bug 1091815cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10126SUSE Linux Enterprise Desktop 12 SP3
LibTIFF 4.0.9 has a NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c.
LowCVE-2018-10126SUSE bug 1090496cpe:/o:suse:sled:12:sp3CVE-2018-10177SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted mng file.
ModerateCVE-2018-10177SUSE bug 1089781cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10194SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.
ImportantCVE-2018-10194SUSE bug 1090099cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10195SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around.
ModerateCVE-2018-10195SUSE bug 1090051SUSE bug 1149678cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10323SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.
ModerateCVE-2018-10323SUSE bug 1087082SUSE bug 1090717cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2018-10360SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
ModerateCVE-2018-10360SUSE bug 1096974SUSE bug 1096984SUSE bug 1126118cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10372SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
process_cu_tu_index in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted binary file, as demonstrated by readelf.
LowCVE-2018-10372SUSE bug 1091015cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10373SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by nm-new.
LowCVE-2018-10373SUSE bug 1090997cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10392SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file.
ModerateCVE-2018-10392SUSE bug 1091070cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10393SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read.
ModerateCVE-2018-10393SUSE bug 1091072cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10471SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (out-of-bounds zero write and hypervisor crash) via unexpected INT 80 processing, because of an incorrect fix for CVE-2017-5754.
ModerateCVE-2018-10471SUSE bug 1089635SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10472SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot.
ModerateCVE-2018-10472SUSE bug 1089152cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1049SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denial of service, until mount points are unmounted.
ModerateCVE-2018-1049SUSE bug 1076308SUSE bug 1140475cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1050SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash.
ModerateCVE-2018-1050SUSE bug 1081741cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10528SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in libraw_cxx.cpp.
ModerateCVE-2018-10528SUSE bug 1091345cpe:/o:suse:sled:12:sp3CVE-2018-10529SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp.
ModerateCVE-2018-10529SUSE bug 1091346cpe:/o:suse:sled:12:sp3CVE-2018-1053SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates file in current working directory containing the output of `pg_dumpall -g` under umask which was in effect when the user invoked pg_upgrade, and not under 0077 which is normally used for other temporary files. This can allow an authenticated attacker to read or modify the one file, which may contain encrypted or unencrypted database passwords. The attack is infeasible if a directory mode blocks the attacker searching the current working directory or if the prevailing umask blocks the attacker opening the file.
ModerateCVE-2018-1053SUSE bug 1077983SUSE bug 1185814cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10534SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The _bfd_XX_bfd_copy_private_bfd_data_common function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, processes a negative Data Directory size with an unbounded loop that increases the value of (external_IMAGE_DEBUG_DIRECTORY) *edd so that the address exceeds its own memory region, resulting in an out-of-bounds memory write, as demonstrated by objcopy copying private info with _bfd_pex64_bfd_copy_private_bfd_data_common in pex64igen.c.
ModerateCVE-2018-10534SUSE bug 1091368cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10535SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ignore_section_sym function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, does not validate the output_section pointer in the case of a symtab entry with a "SECTION" type that has a "0" value, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file, as demonstrated by objcopy.
ModerateCVE-2018-10535SUSE bug 1091365cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10536SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks.
ImportantCVE-2018-10536SUSE bug 1091344cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2018-10537SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multiple format chunks.
ImportantCVE-2018-10537SUSE bug 1091343cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2018-10538SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation.
ModerateCVE-2018-10538SUSE bug 1091342cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2018-10539SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation.
ModerateCVE-2018-10539SUSE bug 1091341cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2018-10540SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in WavPack 5.1.0 and earlier for W64 input. Out-of-bounds writes can occur because ParseWave64HeaderConfig in wave64.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation.
ModerateCVE-2018-10540SUSE bug 1091340cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2018-1055SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-6871. Reason: This candidate is a reservation duplicate of CVE-2018-6871. Notes: All CVE users should reference CVE-2018-6871 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2018-1055SUSE bug 1080249cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1057SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service accounts (eg Domain Controllers).
ImportantCVE-2018-1057SUSE bug 1081024cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1058SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected.
ModerateCVE-2018-1058SUSE bug 1081925SUSE bug 1175193SUSE bug 1175194SUSE bug 1185814cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10583SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document.
ModerateCVE-2018-10583SUSE bug 1091606cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1060SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.
LowCVE-2018-1060SUSE bug 1088009cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1061SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.
ModerateCVE-2018-1061SUSE bug 1088004cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1064SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent.
ModerateCVE-2018-1064SUSE bug 1076500SUSE bug 1083625SUSE bug 1087887SUSE bug 1088147cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1065SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c.
ModerateCVE-2018-1065SUSE bug 1083650SUSE bug 1087082cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1066SUSE Linux Enterprise Desktop 12 SP3
The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery.
ModerateCVE-2018-1066SUSE bug 1083640cpe:/o:suse:sled:12:sp3CVE-2018-1068SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.
ImportantCVE-2018-1068SUSE bug 1085107SUSE bug 1085114SUSE bug 1087082SUSE bug 1123903cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1071SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function. A local attacker could exploit this to cause a denial of service.
LowCVE-2018-1071SUSE bug 1084656cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10754SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
LowCVE-2018-10754SUSE bug 1131830cpe:/o:suse:sled:12:sp4CVE-2018-10768SUSE Linux Enterprise Desktop 12 SP3
There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected.
ModerateCVE-2018-10768SUSE bug 1092105cpe:/o:suse:sled:12:sp3CVE-2018-10779SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff.
LowCVE-2018-10779SUSE bug 1092480cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10780SUSE Linux Enterprise Desktop 12 SP3
Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based buffer over-read.
LowCVE-2018-10780SUSE bug 1092475cpe:/o:suse:sled:12:sp3CVE-2018-10804SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c.
ModerateCVE-2018-10804SUSE bug 1095813cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10805SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
LowCVE-2018-10805SUSE bug 1095812cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10811SUSE Linux Enterprise Desktop 12 SP4
strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.
ImportantCVE-2018-10811SUSE bug 1093536cpe:/o:suse:sled:12:sp4CVE-2018-1083SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mentioned path. If the user affected is privileged, this leads to privilege escalation.
ModerateCVE-2018-1083SUSE bug 1087026SUSE bug 1189668cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10839SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.
ModerateCVE-2018-10839SUSE bug 1110910SUSE bug 1110924cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10844SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data using crafted packets.
ModerateCVE-2018-10844SUSE bug 1105437SUSE bug 1105459cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10845SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets.
ModerateCVE-2018-10845SUSE bug 1105437SUSE bug 1105459cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10846SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets.
ModerateCVE-2018-10846SUSE bug 1105460cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10852SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD before 1.16.3.
ModerateCVE-2018-10852SUSE bug 1098377cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10853SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest.
ImportantCVE-2018-10853SUSE bug 1097104SUSE bug 1097108cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10858SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.
ModerateCVE-2018-10858SUSE bug 1103411SUSE bug 1110943cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10860SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could use this flaw to write or overwrite arbitrary files in the context of the perl interpreter.
ModerateCVE-2018-10860SUSE bug 1099497cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10861SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected.
ImportantCVE-2018-10861SUSE bug 1099162SUSE bug 1114710cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10872SUSE Linux Enterprise Desktop 12 SP3
A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in DoS. This CVE-2018-10872 was assigned due to regression of CVE-2018-8897 in Red Hat Enterprise Linux 6.10 GA kernel. No other versions are affected by this CVE.
ModerateCVE-2018-10872SUSE bug 1087088SUSE bug 1100835cpe:/o:suse:sled:12:sp3CVE-2018-10873SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its peer which would result in a crash or, potentially, other impacts.
ImportantCVE-2018-10873SUSE bug 1104448cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10876SUSE Linux Enterprise Desktop 12 SP3
A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image.
LowCVE-2018-10876SUSE bug 1099811cpe:/o:suse:sled:12:sp3CVE-2018-10877SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.
ModerateCVE-2018-10877SUSE bug 1087082SUSE bug 1099846cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2018-10878SUSE Linux Enterprise Desktop 12 SP3
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.
ModerateCVE-2018-10878SUSE bug 1087082SUSE bug 1099813cpe:/o:suse:sled:12:sp3CVE-2018-10879SUSE Linux Enterprise Desktop 12 SP3
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.
ModerateCVE-2018-10879SUSE bug 1087082SUSE bug 1099844cpe:/o:suse:sled:12:sp3CVE-2018-10880SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service.
ModerateCVE-2018-10880SUSE bug 1087082SUSE bug 1099845cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2018-10881SUSE Linux Enterprise Desktop 12 SP3
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.
ModerateCVE-2018-10881SUSE bug 1087082SUSE bug 1099864cpe:/o:suse:sled:12:sp3CVE-2018-10882SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.
ModerateCVE-2018-10882SUSE bug 1087082SUSE bug 1099849cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2018-10883SUSE Linux Enterprise Desktop 12 SP3
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.
ModerateCVE-2018-10883SUSE bug 1087082SUSE bug 1099863cpe:/o:suse:sled:12:sp3CVE-2018-10893SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code.
ModerateCVE-2018-10893SUSE bug 1101295cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10900SUSE Linux Enterprise Desktop 12 SP3
Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root.
ModerateCVE-2018-10900SUSE bug 1101147cpe:/o:suse:sled:12:sp3CVE-2018-10902SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.
ImportantCVE-2018-10902SUSE bug 1105322SUSE bug 1105323cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10906SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system, accessible by other users, and trick them into accessing files on that file system, possibly causing Denial of Service or other unspecified effects.
ModerateCVE-2018-10906SUSE bug 1101797SUSE bug 1127346SUSE bug 1127350cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1091SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transactional memory (TM) instructions in the core dump path, leading to a denial of service.
ModerateCVE-2018-1091SUSE bug 1087231cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10910SUSE Linux Enterprise Desktop 12 SP3
A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Versions before bluez 5.51 are vulnerable.
LowCVE-2018-10910SUSE bug 1102238cpe:/o:suse:sled:12:sp3CVE-2018-10915SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction. Postgresql versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are affected.
ImportantCVE-2018-10915SUSE bug 1104199SUSE bug 1140876SUSE bug 1185814cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10916SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server, resulting in the removal of all files in the current working directory of the victim's system.
ModerateCVE-2018-10916SUSE bug 1103367cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10918SUSE Linux Enterprise Desktop 12 SP3
A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer. An authenticated attacker could use this flaw to crash a samba server in an Active Directory Domain Controller configuration. Samba versions before 4.7.9 and 4.8.4 are vulnerable.
ModerateCVE-2018-10918SUSE bug 1103414cpe:/o:suse:sled:12:sp3CVE-2018-10919SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.
ModerateCVE-2018-10919SUSE bug 1095057SUSE bug 1110943cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10925SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with "CREATE TABLE" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain "INSERT" and limited "UPDATE" privileges to a particular table, they could exploit this to update other columns in the same table.
ImportantCVE-2018-10925SUSE bug 1104202cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10933SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
CriticalCVE-2018-10933SUSE bug 1108020SUSE bug 1122198cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10938SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw.
ImportantCVE-2018-10938SUSE bug 1106016SUSE bug 1106191cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1094SUSE Linux Enterprise Desktop 12 SP4
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image.
ModerateCVE-2018-1094SUSE bug 1087007SUSE bug 1087082cpe:/o:suse:sled:12:sp4CVE-2018-10940SUSE Linux Enterprise Desktop 12 SP4
The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.
ModerateCVE-2018-10940SUSE bug 1087082SUSE bug 1092903SUSE bug 1107689SUSE bug 1113751cpe:/o:suse:sled:12:sp4CVE-2018-1095SUSE Linux Enterprise Desktop 12 SP2
The ext4_xattr_check_entries function in fs/ext4/xattr.c in the Linux kernel through 4.15.15 does not properly validate xattr sizes, which causes misinterpretation of a size as an error code, and consequently allows attackers to cause a denial of service (get_acl NULL pointer dereference and system crash) via a crafted ext4 image.
ModerateCVE-2018-1095SUSE bug 1087004SUSE bug 1087082cpe:/o:suse:sled:12:sp2CVE-2018-10958SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call.
LowCVE-2018-10958SUSE bug 1092952cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10963SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726.
ModerateCVE-2018-10963SUSE bug 1092949cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10981SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request.
ModerateCVE-2018-10981SUSE bug 1090823SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10982SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET interrupt injection.
ImportantCVE-2018-10982SUSE bug 1090822SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-10998SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Exiv2 0.26. readMetadata in jp2image.cpp allows remote attackers to cause a denial of service (SIGABRT) by triggering an incorrect Safe::add call.
LowCVE-2018-10998SUSE bug 1093095cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11037SUSE Linux Enterprise Desktop 12 SP3
In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a crafted file.
ModerateCVE-2018-11037SUSE bug 1093475cpe:/o:suse:sled:12:sp3CVE-2018-1106SUSE Linux Enterprise Desktop 12 SP3
An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system.
ModerateCVE-2018-1106SUSE bug 1086936SUSE bug 1123722cpe:/o:suse:sled:12:sp3CVE-2018-1108SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated.
ModerateCVE-2018-1108SUSE bug 1087082SUSE bug 1090818cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2018-1111SUSE Linux Enterprise Desktop 12 SP3
DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.
ImportantCVE-2018-1111SUSE bug 1093364cpe:/o:suse:sled:12:sp3CVE-2018-1115SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could exploit this to force log rotation.
ModerateCVE-2018-1115SUSE bug 1091610cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1116SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a local DoS and information disclosure.
LowCVE-2018-1116SUSE bug 1099031cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1118SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.
ModerateCVE-2018-1118SUSE bug 1087082SUSE bug 1092472cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2018-1120SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which makes a read() call to the /proc/<pid>/cmdline (or /proc/<pid>/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks).
ModerateCVE-2018-1120SUSE bug 1087082SUSE bug 1092100SUSE bug 1093158cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11212SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.
LowCVE-2018-11212SUSE bug 1122299cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1122SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.
ModerateCVE-2018-1122SUSE bug 1087082SUSE bug 1092100SUSE bug 1093158SUSE bug 1123135SUSE bug 1126909SUSE bug 1128955cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1123SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service).
ModerateCVE-2018-1123SUSE bug 1087082SUSE bug 1092100SUSE bug 1093158SUSE bug 1123135SUSE bug 1126909SUSE bug 1128955cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11236SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.
ImportantCVE-2018-11236SUSE bug 1094161SUSE bug 1118435cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11237SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.
ModerateCVE-2018-11237SUSE bug 1092877SUSE bug 1094154SUSE bug 1118435cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1124SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.
ModerateCVE-2018-1124SUSE bug 1087082SUSE bug 1092100SUSE bug 1093158SUSE bug 1123135SUSE bug 1126909SUSE bug 1128955cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1125SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux and Fedora), the impact is limited to a crash.
ModerateCVE-2018-1125SUSE bug 1087082SUSE bug 1092100SUSE bug 1093158SUSE bug 1123135SUSE bug 1126909SUSE bug 1128955cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11251SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service (application crash in SetGrayscaleImage in MagickCore/quantize.c) via a crafted SUN image file.
ModerateCVE-2018-11251SUSE bug 1094237cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11254SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode() function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file, a related issue to CVE-2017-8054.
LowCVE-2018-11254SUSE bug 1094315cpe:/o:suse:sled:12:sp3CVE-2018-11255SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPageNumber() in PdfPage.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
LowCVE-2018-11255SUSE bug 1096890cpe:/o:suse:sled:12:sp4CVE-2018-11256SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in PoDoFo 0.9.5. The function PdfDocument::Append() in PdfDocument.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
LowCVE-2018-11256SUSE bug 1096889cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1126SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.
ModerateCVE-2018-1126SUSE bug 1087082SUSE bug 1092100SUSE bug 1093158SUSE bug 1123135SUSE bug 1126909SUSE bug 1128955cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1128SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.
ImportantCVE-2018-1128SUSE bug 1096748SUSE bug 1114710SUSE bug 1177843SUSE bug 1177859cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1129SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.
ImportantCVE-2018-1129SUSE bug 1096748SUSE bug 1114710cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1130SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.
ModerateCVE-2018-1130SUSE bug 1092904cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11354SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling.
ModerateCVE-2018-11354SUSE bug 1094301cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11355SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks.
ModerateCVE-2018-11355SUSE bug 1094301cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11356SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record.
ModerateCVE-2018-11356SUSE bug 1094301cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11357SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.
ModerateCVE-2018-11357SUSE bug 1094301cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11358SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup.
ModerateCVE-2018-11358SUSE bug 1094301cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11359SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference.
ModerateCVE-2018-11359SUSE bug 1094301cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11360SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a buffer overflow.
ModerateCVE-2018-11360SUSE bug 1094301cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11361SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey.
ModerateCVE-2018-11361SUSE bug 1094301cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11362SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\0' character.
ModerateCVE-2018-11362SUSE bug 1094301cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1139SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.
ModerateCVE-2018-1139SUSE bug 1095048cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2018-1140SUSE Linux Enterprise Desktop 12 SP3
A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. An attacker could use this flaw to cause a denial of service against a samba server, used as a Active Directory Domain Controller. All versions of Samba from 4.8.0 onwards are vulnerable
ImportantCVE-2018-1140SUSE bug 1095056cpe:/o:suse:sled:12:sp3CVE-2018-11410SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in Liblouis 3.5.0. A invalid free in the compileRule function in compileTranslationTable.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
ModerateCVE-2018-11410SUSE bug 1094685cpe:/o:suse:sled:12:sp3CVE-2018-11440SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c.
LowCVE-2018-11440SUSE bug 1095189SUSE bug 1095827SUSE bug 1096665SUSE bug 1097103cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11508SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The compat_get_timex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via adjtimex.
ModerateCVE-2018-11508SUSE bug 1094947cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1152SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.
ModerateCVE-2018-1152SUSE bug 1098155cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11531SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp.
ModerateCVE-2018-11531SUSE bug 1095070cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11574SUSE Linux Enterprise Desktop 12 SP3
Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. This implementation is distributed as a patch for PPPD 0.91, and includes the affected eap.c and eap-tls.c files. Configurations that use the `refuse-app` option are unaffected.
ImportantCVE-2018-11574SUSE bug 1096283cpe:/o:suse:sled:12:sp3CVE-2018-11577SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c.
ModerateCVE-2018-11577SUSE bug 1095945cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-1160SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution.
CriticalCVE-2018-1160SUSE bug 1119540cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11624SUSE Linux Enterprise Desktop 12 SP3
In ImageMagick 7.0.7-36 Q16, the ReadMATImage function in coders/mat.c allows attackers to cause a use after free via a crafted file.
LowCVE-2018-11624SUSE bug 1096203cpe:/o:suse:sled:12:sp3CVE-2018-11625SUSE Linux Enterprise Desktop 12 SP3
In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file.
LowCVE-2018-11625SUSE bug 1096200cpe:/o:suse:sled:12:sp3CVE-2018-11646SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash.
ModerateCVE-2018-11646SUSE bug 1095611SUSE bug 1097693cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11655SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file.
LowCVE-2018-11655SUSE bug 1095730cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11656SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file.
ModerateCVE-2018-11656SUSE bug 1095726cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11683SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.
ModerateCVE-2018-11683SUSE bug 1095827SUSE bug 1096665cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11684SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c.
ModerateCVE-2018-11684SUSE bug 1095826cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11685SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c.
ModerateCVE-2018-11685SUSE bug 1095825cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11712SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ versions 2.20.0 and 2.20.1, failed to perform TLS certificate verification for WebSocket connections.
ModerateCVE-2018-11712SUSE bug 1096061SUSE bug 1097693cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11713SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ prior to version 2.20.0 or without libsoup 2.62.0, unexpectedly failed to use system proxy settings for WebSocket connections. As a result, users could be deanonymized by crafted web sites via a WebSocket connection.
ModerateCVE-2018-11713SUSE bug 1096060SUSE bug 1097693cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11780SUSE Linux Enterprise Desktop 12 SP4
A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin before 3.4.2.
ImportantCVE-2018-11780SUSE bug 1108750cpe:/o:suse:sled:12:sp4CVE-2018-11781SUSE Linux Enterprise Desktop 12 SP4
Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax.
ImportantCVE-2018-11781SUSE bug 1108748cpe:/o:suse:sled:12:sp4CVE-2018-11806SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.
ModerateCVE-2018-11806SUSE bug 1096223SUSE bug 1096224SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-11813SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF.
ModerateCVE-2018-11813SUSE bug 1096209SUSE bug 1172994SUSE bug 1172995cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12015SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
ModerateCVE-2018-12015SUSE bug 1096718SUSE bug 1099497SUSE bug 1099507SUSE bug 1106717cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12020SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes.
ImportantCVE-2018-12020SUSE bug 1096745SUSE bug 1101134cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12085SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Liblouis 3.6.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.
LowCVE-2018-12085SUSE bug 1097103cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12086SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.
ImportantCVE-2018-12086SUSE bug 1111647cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12126SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
ModerateCVE-2018-12126SUSE bug 1103186SUSE bug 1111331SUSE bug 1132686SUSE bug 1135409SUSE bug 1135524SUSE bug 1137916SUSE bug 1138534SUSE bug 1141977SUSE bug 1149725SUSE bug 1149726SUSE bug 1149729SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12127SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
ModerateCVE-2018-12127SUSE bug 1103186SUSE bug 1111331SUSE bug 1132686SUSE bug 1135409SUSE bug 1138534SUSE bug 1141977SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12130SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
ModerateCVE-2018-12130SUSE bug 1103186SUSE bug 1111331SUSE bug 1132686SUSE bug 1135409SUSE bug 1137916SUSE bug 1138534SUSE bug 1141977SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12178SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in network stack for EDK II may allow unprivileged user to potentially enable escalation of privilege and/or denial of service via network.
ImportantCVE-2018-12178SUSE bug 1127821cpe:/o:suse:sled:12:sp4CVE-2018-12179SUSE Linux Enterprise Desktop 12 SP4
Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
ImportantCVE-2018-12179SUSE bug 1131360cpe:/o:suse:sled:12:sp4CVE-2018-12180SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.
ImportantCVE-2018-12180SUSE bug 1127820cpe:/o:suse:sled:12:sp4CVE-2018-12181SUSE Linux Enterprise Desktop 12 SP4
Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access.
ModerateCVE-2018-12181SUSE bug 1128503cpe:/o:suse:sled:12:sp4CVE-2018-12182SUSE Linux Enterprise Desktop 12 SP4
Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
ModerateCVE-2018-12182SUSE bug 1131363cpe:/o:suse:sled:12:sp4CVE-2018-12183SUSE Linux Enterprise Desktop 12 SP4
Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
ModerateCVE-2018-12183SUSE bug 1131362cpe:/o:suse:sled:12:sp4CVE-2018-12193SUSE Linux Enterprise Desktop 12 SP3
Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access.
ImportantCVE-2018-12193SUSE bug 1111631cpe:/o:suse:sled:12:sp3CVE-2018-12207SUSE Linux Enterprise Desktop 12 SP4
Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.
ModerateCVE-2018-12207SUSE bug 1117665SUSE bug 1139073SUSE bug 1152505SUSE bug 1155812SUSE bug 1155817SUSE bug 1155945SUSE bug 1178658cpe:/o:suse:sled:12:sp4CVE-2018-12232SUSE Linux Enterprise Desktop 12 SP4
In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat does not increment the file descriptor reference count, which allows close to set the socket to NULL during fchownat's execution, leading to a NULL pointer dereference and system crash.
ModerateCVE-2018-12232SUSE bug 1087082SUSE bug 1097593SUSE bug 1125907SUSE bug 1127757cpe:/o:suse:sled:12:sp4CVE-2018-12233SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create files and execute programs. A kmalloc call is incorrect, leading to slab-out-of-bounds in jfs_xattr.
ModerateCVE-2018-12233SUSE bug 1087082SUSE bug 1097234cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12327SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which ntpq or ntpdc is used with a command line from an untrusted source.
ModerateCVE-2018-12327SUSE bug 1098531SUSE bug 1107887SUSE bug 1111552SUSE bug 1111853SUSE bug 1155513cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12359SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
ImportantCVE-2018-12359SUSE bug 1098998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12360SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
ImportantCVE-2018-12360SUSE bug 1098998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12362SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
ImportantCVE-2018-12362SUSE bug 1098998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12363SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur when script uses mutation events to move DOM nodes between documents, resulting in the old document that held the node being freed but the node still having a pointer referencing it. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
ImportantCVE-2018-12363SUSE bug 1098998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12364SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. This allows for a malicious site to engage in cross-site request forgery (CSRF) attacks. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
ImportantCVE-2018-12364SUSE bug 1098998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12365SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
ImportantCVE-2018-12365SUSE bug 1098998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12366SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
ImportantCVE-2018-12366SUSE bug 1098998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12368SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Windows 10 does not warn users before opening executable files with the SettingContent-ms extension even when they have been downloaded from the internet and have the "Mark of the Web." Without the warning, unsuspecting users unfamiliar with this new file type might run an unwanted executable. This also allows a WebExtension with the limited downloads.open permission to execute arbitrary code without user interaction on Windows 10 systems. *Note: this issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
ModerateCVE-2018-12368SUSE bug 1098998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12376SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.
ModerateCVE-2018-12376SUSE bug 1107343cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12377SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.
ModerateCVE-2018-12377SUSE bug 1107343cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12378SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.
ModerateCVE-2018-12378SUSE bug 1107343cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12379SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in order to occur. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.
ModerateCVE-2018-12379SUSE bug 1107343cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12381SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. *Note: this issue only affects Windows operating systems with Outlook installed. Other operating systems are not affected.*. This vulnerability affects Firefox ESR < 60.2 and Firefox < 62.
ModerateCVE-2018-12381SUSE bug 1107343cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12383SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Firefox 58. The new master password is added only on the new file. This could allow the exposure of stored password data outside of user expectations. This vulnerability affects Firefox < 62, Firefox ESR < 60.2.1, and Thunderbird < 60.2.1.
ModerateCVE-2018-12383SUSE bug 1107343cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12384SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS 1.3.
ModerateCVE-2018-12384SUSE bug 1106873SUSE bug 1119105SUSE bug 1121207cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12385SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability allowing an attacker to write data into the local cache or from locally installed malware. This issue also triggers a non-exploitable startup crash for users switching between the Nightly and Release versions of Firefox if the same profile is used. This vulnerability affects Thunderbird < 60.2.1, Firefox ESR < 60.2.1, and Firefox < 62.0.2.
ModerateCVE-2018-12385SUSE bug 1109363cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12386SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3.
ImportantCVE-2018-12386SUSE bug 1110506cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12387SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content process. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3.
ImportantCVE-2018-12387SUSE bug 1110507cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12389SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 60.3 and Thunderbird < 60.3.
ImportantCVE-2018-12389SUSE bug 1112852cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12390SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.
ImportantCVE-2018-12390SUSE bug 1112852cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12392SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.
ImportantCVE-2018-12392SUSE bug 1112852cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12393SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bounds write. *Note: 64-bit builds are not vulnerable to this issue.*. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.
ImportantCVE-2018-12393SUSE bug 1112852cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12395SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63.
ImportantCVE-2018-12395SUSE bug 1112852cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12396SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for potential privilege escalation by the WebExtension on sites where content scripts should not be run. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63.
ImportantCVE-2018-12396SUSE bug 1112852cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12397SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to run content scripts in local pages without permission warnings when a local file is opened. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63.
ImportantCVE-2018-12397SUSE bug 1112852cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12404SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41.
ModerateCVE-2018-12404SUSE bug 1119069SUSE bug 1119105SUSE bug 1121207cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12405SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.
ImportantCVE-2018-12405SUSE bug 1112111SUSE bug 1119105SUSE bug 1121207cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12599SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.
ModerateCVE-2018-12599SUSE bug 1098546SUSE bug 1117463cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12600SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file.
ModerateCVE-2018-12600SUSE bug 1098545SUSE bug 1098546SUSE bug 1117463cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12617SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket.
ModerateCVE-2018-12617SUSE bug 1098735SUSE bug 1098744cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12648SUSE Linux Enterprise Desktop 12 SP3
The WEBP::GetLE32 function in XMPFiles/source/FormatSupport/WEBP_Support.hpp in Exempi 2.4.5 has a NULL pointer dereference.
ModerateCVE-2018-12648SUSE bug 1098946cpe:/o:suse:sled:12:sp3CVE-2018-12886SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.
LowCVE-2018-12886SUSE bug 1136032cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12891SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.10.x. Certain PV MMU operations may take a long time to process. For that reason Xen explicitly checks for the need to preempt the current vCPU at certain points. A few rarely taken code paths did bypass such checks. By suitably enforcing the conditions through its own page table contents, a malicious guest may cause such bypasses to be used for an unbounded number of iterations. A malicious or buggy PV guest may cause a Denial of Service (DoS) affecting the entire host. Specifically, it may prevent use of a physical CPU for an indeterminate period of time. All Xen versions from 3.4 onwards are vulnerable. Xen versions 3.3 and earlier are vulnerable to an even wider class of attacks, due to them lacking preemption checks altogether in the affected code paths. Only x86 systems are affected. ARM systems are not affected. Only multi-vCPU x86 PV guests can leverage the vulnerability. x86 HVM or PVH guests as well as x86 single-vCPU PV ones cannot leverage the vulnerability.
ImportantCVE-2018-12891SUSE bug 1097521SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12892SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or (in some situations) users may be able to write to supposedly read-only disk images. Only emulated SCSI disks (specified as "sd" in the libxl disk configuration, or an equivalent) are affected. IDE disks ("hd") are not affected (because attempts to make them readonly are rejected). Additionally, CDROM devices (that is, devices specified to be presented to the guest as CDROMs, regardless of the nature of the backing storage on the host) are not affected; they are always read only. Only systems using qemu-xen (rather than qemu-xen-traditional) as the device model version are vulnerable. Only systems using libxl or libxl-based toolstacks are vulnerable. (This includes xl, and libvirt with the libxl driver.) The vulnerability is present in Xen versions 4.7 and later. (In earlier versions, provided that the patch for XSA-142 has been applied, attempts to create read only disks are rejected.) If the host and guest together usually support PVHVM, the issue is exploitable only if the malicious guest administrator has control of the guest kernel or guest kernel command line.
ImportantCVE-2018-12892SUSE bug 1097523cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12893SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leading to a Denial of Service. All Xen systems which have applied the XSA-260 fix are vulnerable. Only x86 systems are vulnerable. ARM systems are not vulnerable. Only x86 PV guests can exploit the vulnerability. x86 HVM and PVH guests cannot exploit the vulnerability. An attacker needs to be able to control hardware debugging facilities to exploit the vulnerability, but such permissions are typically available to unprivileged users.
ImportantCVE-2018-12893SUSE bug 1097522SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12896SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.
LowCVE-2018-12896SUSE bug 1099922cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12900SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file.
ModerateCVE-2018-12900SUSE bug 1099257SUSE bug 1125113SUSE bug 1150480cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12910SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.
LowCVE-2018-12910SUSE bug 1100097cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12911SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c.
ModerateCVE-2018-12911SUSE bug 1101999SUSE bug 1104169cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-12982SUSE Linux Enterprise Desktop 12 SP4
Invalid memory read in the PoDoFo::PdfVariant::DelayedLoad() function in PdfVariant.h in PoDoFo 0.9.6-rc1 allows remote attackers to have denial-of-service impact via a crafted file.
ModerateCVE-2018-12982SUSE bug 1099720cpe:/o:suse:sled:12:sp4CVE-2018-13053SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.
LowCVE-2018-13053SUSE bug 1099924cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-13093SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation.
ModerateCVE-2018-13093SUSE bug 1100001cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-13094SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp.
ModerateCVE-2018-13094SUSE bug 1087082SUSE bug 1100000cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-13095SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.
ModerateCVE-2018-13095SUSE bug 1099999cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-13096SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service (out-of-bounds memory access and BUG) can occur upon encountering an abnormal bitmap size when mounting a crafted f2fs image.
ModerateCVE-2018-13096SUSE bug 1100062cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-13139SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave.
ModerateCVE-2018-13139SUSE bug 1100167SUSE bug 1116993cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-13405SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID.
ModerateCVE-2018-13405SUSE bug 1087082SUSE bug 1100416SUSE bug 1129735SUSE bug 1195161SUSE bug 1198702cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-13406SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used.
ModerateCVE-2018-13406SUSE bug 1098016SUSE bug 1100418cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-13419SUSE Linux Enterprise Desktop 12 SP3
** DISPUTED ** An issue has been found in libsndfile 1.0.28. There is a memory leak in psf_allocate in common.c, as demonstrated by sndfile-convert. NOTE: The maintainer and third parties were unable to reproduce and closed the issue.
LowCVE-2018-13419SUSE bug 1100524cpe:/o:suse:sled:12:sp3CVE-2018-13785SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.
LowCVE-2018-13785SUSE bug 1100687SUSE bug 1112153SUSE bug 1116574cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14036SUSE Linux Enterprise Desktop 12 SP4
Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.
ModerateCVE-2018-14036SUSE bug 1099699SUSE bug 1101332SUSE bug 1112694cpe:/o:suse:sled:12:sp4CVE-2018-14038SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-7642. Reason: This candidate is a reservation duplicate of CVE-2018-7642. Notes: All CVE users should reference CVE-2018-7642 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2018-14038SUSE bug 1086786SUSE bug 1128518cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14044SUSE Linux Enterprise Desktop 12 SP3
The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.
LowCVE-2018-14044SUSE bug 1101292cpe:/o:suse:sled:12:sp3CVE-2018-14046SUSE Linux Enterprise Desktop 12 SP3
Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp.
LowCVE-2018-14046SUSE bug 1101339cpe:/o:suse:sled:12:sp3CVE-2018-14048SUSE Linux Enterprise Desktop 12 SP3
An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.
LowCVE-2018-14048SUSE bug 1101418cpe:/o:suse:sled:12:sp3CVE-2018-14320SUSE Linux Enterprise Desktop 12 SP3
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of PoDoFo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within PdfEncoding::ParseToUnicode. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-5673.
LowCVE-2018-14320SUSE bug 1108764cpe:/o:suse:sled:12:sp3CVE-2018-14338SUSE Linux Enterprise Desktop 12 SP3
samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where glibc is not used, possibly leading to a buffer overflow.
LowCVE-2018-14338SUSE bug 1101886cpe:/o:suse:sled:12:sp3CVE-2018-14339SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation.
LowCVE-2018-14339SUSE bug 1101810cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14340SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.
LowCVE-2018-14340SUSE bug 1101804cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14341SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow.
LowCVE-2018-14341SUSE bug 1101776cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14342SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths.
LowCVE-2018-14342SUSE bug 1101777cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14343SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer.
LowCVE-2018-14343SUSE bug 1101786cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14344SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ISMP dissector could crash. This was addressed in epan/dissectors/packet-ismp.c by validating the IPX address length to avoid a buffer over-read.
LowCVE-2018-14344SUSE bug 1101788cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14348SUSE Linux Enterprise Desktop 12 SP3
libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information.
ModerateCVE-2018-14348SUSE bug 1100365cpe:/o:suse:sled:12:sp3CVE-2018-14349SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a NO response without a message.
ModerateCVE-2018-14349SUSE bug 1101428SUSE bug 1101589SUSE bug 1101593cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14350SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field.
ModerateCVE-2018-14350SUSE bug 1101428SUSE bug 1101588SUSE bug 1101593cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14351SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a long IMAP status mailbox literal count size.
ImportantCVE-2018-14351SUSE bug 1101428SUSE bug 1101583SUSE bug 1101593cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14352SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c does not leave room for quote characters, leading to a stack-based buffer overflow.
ModerateCVE-2018-14352SUSE bug 1101428SUSE bug 1101582SUSE bug 1101593cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14353SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c has an integer underflow.
ModerateCVE-2018-14353SUSE bug 1101428SUSE bug 1101581SUSE bug 1101593cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14354SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with a manual subscription or unsubscription.
CriticalCVE-2018-14354SUSE bug 1101428SUSE bug 1101578SUSE bug 1101581SUSE bug 1101589SUSE bug 1101593cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14355SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/util.c mishandles ".." directory traversal in a mailbox name.
ModerateCVE-2018-14355SUSE bug 1101428SUSE bug 1101577SUSE bug 1101593cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14356SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a zero-length UID.
ModerateCVE-2018-14356SUSE bug 1101428SUSE bug 1101576SUSE bug 1101589SUSE bug 1101593cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14357SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with an automatic subscription.
ImportantCVE-2018-14357SUSE bug 1101428SUSE bug 1101573SUSE bug 1101581SUSE bug 1101589SUSE bug 1101593cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14358SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field.
ModerateCVE-2018-14358SUSE bug 1101428SUSE bug 1101571SUSE bug 1101593cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14359SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They have a buffer overflow via base64 data.
ModerateCVE-2018-14359SUSE bug 1101428SUSE bug 1101570SUSE bug 1101589SUSE bug 1101593cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14360SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in NeoMutt before 2018-07-16. nntp_add_group in newsrc.c has a stack-based buffer overflow because of incorrect sscanf usage.
ImportantCVE-2018-14360SUSE bug 1101428SUSE bug 1101569SUSE bug 1101593cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14361SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds even if memory allocation fails for messages data.
ImportantCVE-2018-14361SUSE bug 1101428SUSE bug 1101568SUSE bug 1101593cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14362SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with message-cache pathnames, as demonstrated by a '/' character.
ModerateCVE-2018-14362SUSE bug 1101428SUSE bug 1101567SUSE bug 1101589SUSE bug 1101593cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14363SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames.
ModerateCVE-2018-14363SUSE bug 1101428SUSE bug 1101566SUSE bug 1101593cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14367SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition.
LowCVE-2018-14367SUSE bug 1101791cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14368SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long.
LowCVE-2018-14368SUSE bug 1101794cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14369SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before proceeding to header decompression.
LowCVE-2018-14369SUSE bug 1101800cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14370SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/airpdcap.c via bounds checking that prevents a buffer over-read.
LowCVE-2018-14370SUSE bug 1101802cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14404SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.
ModerateCVE-2018-14404SUSE bug 1102046SUSE bug 1148896cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14424SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code execution.
ImportantCVE-2018-14424SUSE bug 1103737cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14434SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c.
LowCVE-2018-14434SUSE bug 1102003cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14435SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c.
LowCVE-2018-14435SUSE bug 1102007cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14436SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c.
LowCVE-2018-14436SUSE bug 1102005cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14437SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c.
LowCVE-2018-14437SUSE bug 1102004cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14438SUSE Linux Enterprise Desktop 12 SP3
In Wireshark through 2.6.2, the create_app_running_mutex function in wsutil/file_util.c calls SetSecurityDescriptorDacl to set a NULL DACL, which allows attackers to modify the access control arbitrarily.
ModerateCVE-2018-14438SUSE bug 1102012cpe:/o:suse:sled:12:sp3CVE-2018-14498SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.
ModerateCVE-2018-14498SUSE bug 1128712cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14526SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive information.
ModerateCVE-2018-14526SUSE bug 1104205cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14550SUSE Linux Enterprise Desktop 12 SP3
An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png.
ImportantCVE-2018-14550SUSE bug 1102846cpe:/o:suse:sled:12:sp3CVE-2018-14551SUSE Linux Enterprise Desktop 12 SP3
The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption.
ModerateCVE-2018-14551SUSE bug 1102401cpe:/o:suse:sled:12:sp3CVE-2018-14553SUSE Linux Enterprise Desktop 12 SP4
gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).
ModerateCVE-2018-14553SUSE bug 1165471cpe:/o:suse:sled:12:sp4CVE-2018-14567SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.
ModerateCVE-2018-14567SUSE bug 1088279SUSE bug 1088601SUSE bug 1105166cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14598SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault).
ModerateCVE-2018-14598SUSE bug 1102073cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14599SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact.
ModerateCVE-2018-14599SUSE bug 1102062cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14600SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution.
ImportantCVE-2018-14600SUSE bug 1102068SUSE bug 1178417cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14609SUSE Linux Enterprise Desktop 12 SP1
An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in __del_reloc_root() in fs/btrfs/relocation.c when mounting a crafted btrfs image, related to removing reloc rb_trees when reloc control has not been initialized.
ModerateCVE-2018-14609SUSE bug 1102875SUSE bug 1103597cpe:/o:suse:sled:12:sp1CVE-2018-14610SUSE Linux Enterprise Desktop 12 SP1
An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in write_extent_buffer() when mounting and operating a crafted btrfs image, because of a lack of verification that each block group has a corresponding chunk at mount time, within btrfs_read_block_groups in fs/btrfs/extent-tree.c.
ModerateCVE-2018-14610SUSE bug 1102877cpe:/o:suse:sled:12:sp1CVE-2018-14611SUSE Linux Enterprise Desktop 12 SP1
An issue was discovered in the Linux kernel through 4.17.10. There is a use-after-free in try_merge_free_space() when mounting a crafted btrfs image, because of a lack of chunk type flag checks in btrfs_check_chunk_valid in fs/btrfs/volumes.c.
ModerateCVE-2018-14611SUSE bug 1102879cpe:/o:suse:sled:12:sp1CVE-2018-14613SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c.
ModerateCVE-2018-14613SUSE bug 1102896SUSE bug 1103800cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14617SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory.
ModerateCVE-2018-14617SUSE bug 1102870cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14618SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)
ModerateCVE-2018-14618SUSE bug 1106019SUSE bug 1112758SUSE bug 1122464cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14619SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each af_alg_ctx was freed instead of when the aead_tfm was freed. This can cause the null skcipher to be freed while it is still in use leading to a local user being able to crash the system or possibly escalate privileges.
ModerateCVE-2018-14619SUSE bug 1087082SUSE bug 1106174cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14621SUSE Linux Enterprise Desktop 12 SP3
An infinite loop vulnerability was found in libtirpc before version 1.0.2-rc2. With the port to using poll rather than select, exhaustion of file descriptors would cause the server to enter an infinite loop, consuming a large amount of CPU time and denying service to other clients until restarted.
ModerateCVE-2018-14621SUSE bug 1106519cpe:/o:suse:sled:12:sp3CVE-2018-14622SUSE Linux Enterprise Desktop 12 SP3
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.
ModerateCVE-2018-14622SUSE bug 1106517SUSE bug 968175cpe:/o:suse:sled:12:sp3CVE-2018-14625SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients.
ModerateCVE-2018-14625SUSE bug 1106615cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14629SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3. A CNAME loop could lead to infinite recursion in the server. An unprivileged local attacker could create such an entry, leading to denial of service.
ModerateCVE-2018-14629SUSE bug 1116319cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14633SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. Kernel versions 4.18.x, 4.14.x and 3.10.x are believed to be vulnerable.
ImportantCVE-2018-14633SUSE bug 1107829SUSE bug 1107832cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14646SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assigned to cause a kernel panic and a denial of service.
ModerateCVE-2018-14646SUSE bug 1117290cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14647SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming large amounts CPU and RAM. The vulnerability exists in Python versions 3.7.0, 3.6.0 through 3.6.6, 3.5.0 through 3.5.6, 3.4.0 through 3.4.9, 2.7.0 through 2.7.15.
ModerateCVE-2018-14647SUSE bug 1109847SUSE bug 1126909cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14662SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption.
LowCVE-2018-14662SUSE bug 1111177SUSE bug 1114710cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14665SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges.
ImportantCVE-2018-14665SUSE bug 1111697SUSE bug 1112020cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14678SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S does not properly maintain RBX, which allows local users to cause a denial of service (uninitialized memory usage and system crash). Within Xen, 64-bit x86 PV Linux guest OS users can trigger a guest OS crash or possibly gain privileges.
ModerateCVE-2018-14678SUSE bug 1102715cpe:/o:suse:sled:12:sp4CVE-2018-14679SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and application crash).
ModerateCVE-2018-14679SUSE bug 1102922SUSE bug 1103032SUSE bug 1103040cpe:/o:suse:sled:12:sp3CVE-2018-14680SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames.
ModerateCVE-2018-14680SUSE bug 1102922SUSE bug 1103032SUSE bug 1103040cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14681SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite.
ModerateCVE-2018-14681SUSE bug 1102922SUSE bug 1103032SUSE bug 1103040cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14682SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression.
ModerateCVE-2018-14682SUSE bug 1102922SUSE bug 1103032SUSE bug 1103040cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-14722SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in evaluate_auto_mountpoint in btrfsmaintenance-functions in btrfsmaintenance through 0.4.1. Code execution as root can occur via a specially crafted filesystem label if btrfs-{scrub,balance,trim} are set to auto in /etc/sysconfig/btrfsmaintenance (this is not the default, though).
ModerateCVE-2018-14722SUSE bug 1102721cpe:/o:suse:sled:12:sp3CVE-2018-14734SUSE Linux Enterprise Desktop 12 SP3
drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free).
ImportantCVE-2018-14734SUSE bug 1103119SUSE bug 1131390cpe:/o:suse:sled:12:sp3CVE-2018-14779SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function `ykpiv_transfer_data()`: {% highlight c %} if(*out_len + recv_len - 2 > max_out) { fprintf(stderr, "Output buffer to small, wanted to write %lu, max was %lu.", *out_len + recv_len - 2, max_out); } if(out_data) { memcpy(out_data, data, recv_len - 2); out_data += recv_len - 2; *out_len += recv_len - 2; } {% endhighlight %} -- it is clearly checked whether the buffer is big enough to hold the data copied using `memcpy()`, but no error handling happens to avoid the `memcpy()` in such cases. This code path can be triggered with malicious data coming from a smartcard.
ImportantCVE-2018-14779SUSE bug 1104809cpe:/o:suse:sled:12:sp4CVE-2018-14780SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds read issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function `_ykpiv_fetch_object()`: {% highlight c %} if(sw == SW_SUCCESS) { size_t outlen; int offs = _ykpiv_get_length(data + 1, &outlen); if(offs == 0) { return YKPIV_SIZE_ERROR; } memmove(data, data + 1 + offs, outlen); *len = outlen; return YKPIV_OK; } else { return YKPIV_GENERIC_ERROR; } {% endhighlight %} -- in the end, a `memmove()` occurs with a length retrieved from APDU data. This length is not checked for whether it is outside of the APDU data retrieved. Therefore the `memmove()` could copy bytes behind the allocated data buffer into this buffer.
LowCVE-2018-14780SUSE bug 1104809SUSE bug 1104811cpe:/o:suse:sled:12:sp4CVE-2018-14939SUSE Linux Enterprise Desktop 12 SP3
The get_app_path function in desktop/unx/source/start.c in LibreOffice through 6.0.5 mishandles the realpath function in certain environments such as FreeBSD libc, which might allow attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact if LibreOffice is automatically launched during web browsing with pathnames controlled by a remote web site.
ModerateCVE-2018-14939SUSE bug 1103850cpe:/o:suse:sled:12:sp3CVE-2018-15120SUSE Linux Enterprise Desktop 12 SP3
libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequences.
ModerateCVE-2018-15120SUSE bug 1103877cpe:/o:suse:sled:12:sp3CVE-2018-15209SUSE Linux Enterprise Desktop 12 SP3
ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf.
ModerateCVE-2018-15209SUSE bug 1104141SUSE bug 1106853cpe:/o:suse:sled:12:sp3CVE-2018-15378SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11()" function (libclamav/mew.c), which can be exploited to trigger an invalid read memory access via a specially crafted EXE file.
ModerateCVE-2018-15378SUSE bug 1110723cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-15468SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the core. As a result, it must only be available to fully trusted guests. Unfortunately, in the case that vPMU is disabled, all value checking was skipped, allowing the guest to choose any MSR_DEBUGCTL setting it likes. A malicious or buggy guest administrator (on Intel x86 HVM or PVH) can lock up the entire host, causing a Denial of Service.
ModerateCVE-2018-15468SUSE bug 1103276cpe:/o:suse:sled:12:sp3CVE-2018-15469SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG() checks. An unprivileged guest can cause a BUG() check in the hypervisor, resulting in a denial-of-service (crash).
ModerateCVE-2018-15469SUSE bug 1103275cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-15470SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple. As indicated in section 7.7.3 "Operations on data structures" of the OCaml manual, the order of evaluation of subexpressions is not specified. In practice, different implementations behave differently. Thus, oxenstored may not enforce the configured quota-maxentity. This allows a malicious or buggy guest to write as many xenstore entries as it wishes, causing unbounded memory usage in oxenstored. This can lead to a system-wide DoS.
ModerateCVE-2018-15470SUSE bug 1103279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-15473SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
ModerateCVE-2018-15473SUSE bug 1105010SUSE bug 1106163SUSE bug 1123133SUSE bug 1138392cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-15518SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.
ModerateCVE-2018-15518SUSE bug 1118595SUSE bug 1126909cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-15572SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.
ImportantCVE-2018-15572SUSE bug 1102517SUSE bug 1105296cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-15587SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment.
ModerateCVE-2018-15587SUSE bug 1125230cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-15594SUSE Linux Enterprise Desktop 12 SP3
arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests.
ModerateCVE-2018-15594SUSE bug 1105348SUSE bug 1133319cpe:/o:suse:sled:12:sp3CVE-2018-15686SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.
ModerateCVE-2018-15686SUSE bug 1113665SUSE bug 1120323cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-15687SUSE Linux Enterprise Desktop 12 SP3
A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.
ModerateCVE-2018-15687SUSE bug 1113666cpe:/o:suse:sled:12:sp3CVE-2018-15688SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.
ImportantCVE-2018-15688SUSE bug 1113632SUSE bug 1113668SUSE bug 1113669cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-15746SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread.
ModerateCVE-2018-15746SUSE bug 1106222cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-15908SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files.
ImportantCVE-2018-15908SUSE bug 1105464SUSE bug 1106171cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-15909SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code.
ImportantCVE-2018-15909SUSE bug 1105464SUSE bug 1106172cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-15910SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code.
ImportantCVE-2018-15910SUSE bug 1105464SUSE bug 1106173cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-15911SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code.
ImportantCVE-2018-15911SUSE bug 1105464SUSE bug 1106195SUSE bug 1108027SUSE bug 1109105SUSE bug 1111479SUSE bug 1111480SUSE bug 1112229SUSE bug 1117022SUSE bug 1118455cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16056SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific UUID exists.
ImportantCVE-2018-16056SUSE bug 1106514cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16057SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.
ImportantCVE-2018-16057SUSE bug 1106514cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16058SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure.
ImportantCVE-2018-16058SUSE bug 1106514cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16062SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.
ModerateCVE-2018-16062SUSE bug 1106390cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16151SUSE Linux Enterprise Desktop 12 SP4
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in the same version of strongSwan regarding digestAlgorithm.parameters, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation when only an RSA signature is used for IKEv2 authentication.
ModerateCVE-2018-16151SUSE bug 1107874SUSE bug 1109845cpe:/o:suse:sled:12:sp4CVE-2018-16152SUSE Linux Enterprise Desktop 12 SP4
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation when only an RSA signature is used for IKEv2 authentication. This is a variant of CVE-2006-4790 and CVE-2014-1568.
ModerateCVE-2018-16152SUSE bug 1107874cpe:/o:suse:sled:12:sp4CVE-2018-16276SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges.
ImportantCVE-2018-16276SUSE bug 1106095SUSE bug 1115593cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16301SUSE Linux Enterprise Desktop 12 SP4
The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.
ModerateCVE-2018-16301SUSE bug 1153098SUSE bug 1153332SUSE bug 1195825cpe:/o:suse:sled:12:sp4CVE-2018-16323SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data.
ModerateCVE-2018-16323SUSE bug 1106855cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16328SUSE Linux Enterprise Desktop 12 SP3
In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.
ModerateCVE-2018-16328SUSE bug 1106857cpe:/o:suse:sled:12:sp3CVE-2018-16329SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c.
ModerateCVE-2018-16329SUSE bug 1106858cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16335SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209.
ModerateCVE-2018-16335SUSE bug 1106853cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16391SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Several buffer overflows when handling responses from a Muscle Card in muscle_list_files in libopensc/card-muscle.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
ModerateCVE-2018-16391SUSE bug 1106998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16392SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Several buffer overflows when handling responses from a TCOS Card in tcos_select_file in libopensc/card-tcos.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
ModerateCVE-2018-16392SUSE bug 1106999cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16393SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Several buffer overflows when handling responses from a Gemsafe V1 Smartcard in gemsafe_get_cert_len in libopensc/pkcs15-gemsafeV1.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
ModerateCVE-2018-16393SUSE bug 1108318cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16402SUSE Linux Enterprise Desktop 12 SP3
libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice.
ModerateCVE-2018-16402SUSE bug 1107066cpe:/o:suse:sled:12:sp3CVE-2018-16403SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an application crash.
LowCVE-2018-16403SUSE bug 1107067cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16412SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function.
LowCVE-2018-16412SUSE bug 1106989SUSE bug 1106996cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16413SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function.
LowCVE-2018-16413SUSE bug 1106989SUSE bug 1106996cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16418SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow when handling string concatenation in util_acl_to_str in tools/util.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
ModerateCVE-2018-16418SUSE bug 1107039cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16419SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Several buffer overflows when handling responses from a Cryptoflex card in read_public_key in tools/cryptoflex-tool.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
ModerateCVE-2018-16419SUSE bug 1107107cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16420SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Several buffer overflows when handling responses from an ePass 2003 Card in decrypt_response in libopensc/card-epass2003.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
ModerateCVE-2018-16420SUSE bug 1107097cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16421SUSE Linux Enterprise Desktop 12 SP3
Several buffer overflows when handling responses from a CAC Card in cac_get_serial_nr_from_CUID in libopensc/card-cac.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
ModerateCVE-2018-16421SUSE bug 1107049cpe:/o:suse:sled:12:sp3CVE-2018-16422SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A single byte buffer overflow when handling responses from an esteid Card in sc_pkcs15emu_esteid_init in libopensc/pkcs15-esteid.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
ModerateCVE-2018-16422SUSE bug 1107038cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16423SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A double free when handling responses from a smartcard in sc_file_set_sec_attr in libopensc/sc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
ModerateCVE-2018-16423SUSE bug 1107037cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16424SUSE Linux Enterprise Desktop 12 SP3
A double free when handling responses in read_file in tools/egk-tool.c (aka the eGK card tool) in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
ModerateCVE-2018-16424SUSE bug 1107036cpe:/o:suse:sled:12:sp3CVE-2018-16425SUSE Linux Enterprise Desktop 12 SP3
A double free when handling responses from an HSM Card in sc_pkcs15emu_sc_hsm_init in libopensc/pkcs15-sc-hsm.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
ModerateCVE-2018-16425SUSE bug 1107035cpe:/o:suse:sled:12:sp3CVE-2018-16426SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Endless recursion when handling responses from an IAS-ECC card in iasecc_select_file in libopensc/card-iasecc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to hang or crash the opensc library using programs.
ModerateCVE-2018-16426SUSE bug 1107034cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16427SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to potentially crash the opensc library using programs.
ModerateCVE-2018-16427SUSE bug 1107033cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16428SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.
ModerateCVE-2018-16428SUSE bug 1107121cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16429SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str().
ModerateCVE-2018-16429SUSE bug 1107116cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16435SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.
ModerateCVE-2018-16435SUSE bug 1108813cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16509SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction.
ImportantCVE-2018-16509SUSE bug 1107410SUSE bug 1108027SUSE bug 1118318cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16510SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect exec stack handling in the "CS" and "SC" PDF primitives could be used by remote attackers able to supply crafted PDFs to crash the interpreter or possibly have unspecified other impact.
ImportantCVE-2018-16510SUSE bug 1107411cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16511SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact.
ImportantCVE-2018-16511SUSE bug 1107426SUSE bug 1111479SUSE bug 1112229cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16513SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact.
ImportantCVE-2018-16513SUSE bug 1107412cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16539SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable.
ModerateCVE-2018-16539SUSE bug 1107422cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16540SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact.
ImportantCVE-2018-16540SUSE bug 1107420cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16541SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter.
ImportantCVE-2018-16541SUSE bug 1107421SUSE bug 1108027SUSE bug 1109105SUSE bug 1111479SUSE bug 1111480SUSE bug 1112229SUSE bug 1117022SUSE bug 1118455cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16542SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter.
ImportantCVE-2018-16542SUSE bug 1107413cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16543SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact.
ImportantCVE-2018-16543SUSE bug 1107423cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16548SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in ZZIPlib through 0.13.69. There is a memory leak triggered in the function __zzip_parse_root_directory in zip.c, which will lead to a denial of service attack.
LowCVE-2018-16548SUSE bug 1107424cpe:/o:suse:sled:12:sp4CVE-2018-16585SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing (e.g., after the startup phase). This leads to memory corruption, allowing remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. Note: A reputable source believes that the CVE is potentially a duplicate of CVE-2018-15910 as explained in Red Hat bugzilla (https://bugzilla.redhat.com/show_bug.cgi?id=1626193).
LowCVE-2018-16585SUSE bug 1107581cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16597SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.
ModerateCVE-2018-16597SUSE bug 1106512cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16640SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c.
LowCVE-2018-16640SUSE bug 1107619cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16641SUSE Linux Enterprise Desktop 12 SP3
ImageMagick 7.0.8-6 has a memory leak vulnerability in the TIFFWritePhotoshopLayers function in coders/tiff.c.
LowCVE-2018-16641SUSE bug 1107618cpe:/o:suse:sled:12:sp3CVE-2018-16642SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write.
ModerateCVE-2018-16642SUSE bug 1107616cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16643SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file.
LowCVE-2018-16643SUSE bug 1107612cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16644SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image.
LowCVE-2018-16644SUSE bug 1107609SUSE bug 1107612SUSE bug 1117463cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16645SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image file.
LowCVE-2018-16645SUSE bug 1107604cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16658SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.
ModerateCVE-2018-16658SUSE bug 1092903SUSE bug 1107689SUSE bug 1113751cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16741SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function do_activate() does not properly sanitize shell metacharacters to prevent command injection. It is possible to use the ||, &&, or > characters within a file created by the "faxq-helper activate <jobid>" command.
ImportantCVE-2018-16741SUSE bug 1108752cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16742SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter.
LowCVE-2018-16742SUSE bug 1108762cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16743SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in mgetty before 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy(), which can cause a stack-based buffer overflow.
LowCVE-2018-16743SUSE bug 1108761cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16744SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used.
LowCVE-2018-16744SUSE bug 1108757cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16745SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow a buffer overflow if long untrusted input can reach it.
LowCVE-2018-16745SUSE bug 1108756cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16749SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file.
LowCVE-2018-16749SUSE bug 1108282cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16750SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found.
LowCVE-2018-16750SUSE bug 1108283cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16802SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix for CVE-2018-16509.
ImportantCVE-2018-16802SUSE bug 1107410SUSE bug 1108027SUSE bug 1109105SUSE bug 1111479SUSE bug 1111480SUSE bug 1112229SUSE bug 1117022SUSE bug 1117327SUSE bug 1118455cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16838SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.
ModerateCVE-2018-16838SUSE bug 1124194cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16839SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.
ModerateCVE-2018-16839SUSE bug 1112758SUSE bug 1113029SUSE bug 1131886cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16840SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and might then subsequently erroneously write to a struct field within that already freed struct.
ModerateCVE-2018-16840SUSE bug 1112758SUSE bug 1113029SUSE bug 1122464cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16841SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memory if the principal in a validly signed certificate does not match the principal in the AS-REQ. This is only possible after authentication with a trusted certificate. talloc is robust against further corruption from a double-free with talloc_free() and directly calls abort(), terminating the KDC process.
ModerateCVE-2018-16841SUSE bug 1116320cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16842SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.
ModerateCVE-2018-16842SUSE bug 1113660SUSE bug 1122464cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16846SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket indices.
ModerateCVE-2018-16846SUSE bug 1114710cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16847SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU process.
ImportantCVE-2018-16847SUSE bug 1114529SUSE bug 1114540cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16850SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges.
ImportantCVE-2018-16850SUSE bug 1114837cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16851SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory object with a maximum size of 256MB. When this size is reached, the Samba process providing the LDAP service will follow the NULL pointer, terminating the process. There is no further vulnerability associated with this issue, merely a denial of service.
ModerateCVE-2018-16851SUSE bug 1116322cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16852SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba from version 4.9.0 and before version 4.9.3 is vulnerable to a NULL pointer de-reference. During the processing of an DNS zone in the DNS management DCE/RPC server, the internal DNS server or the Samba DLZ plugin for BIND9, if the DSPROPERTY_ZONE_MASTER_SERVERS property or DSPROPERTY_ZONE_SCAVENGING_SERVERS property is set, the server will follow a NULL pointer and terminate. There is no further vulnerability associated with this issue, merely a denial of service.
ModerateCVE-2018-16852SUSE bug 1116321cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16853SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba from version 4.7.0 has a vulnerability that allows a user in a Samba AD domain to crash the KDC when Samba is built in the non-default MIT Kerberos configuration. With this advisory the Samba Team clarify that the MIT Kerberos build of the Samba AD DC is considered experimental. Therefore the Samba Team will not issue security patches for this configuration. Additionally, Samba 4.7.12, 4.8.7 and 4.9.3 have been issued as security releases to prevent building of the AD DC with MIT Kerberos unless --with-experimental-mit-ad-dc is specified to the configure command.
ImportantCVE-2018-16853SUSE bug 1116324cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16857SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba from version 4.9.0 and before version 4.9.3 that have AD DC configurations watching for bad passwords (to restrict brute forcing of passwords) in a window of more than 3 minutes may not watch for bad passwords at all. The primary risk from this issue is with regards to domains that have been upgraded from Samba 4.8 and earlier. In these cases the manual testing done to confirm an organisation's password policies apply as expected may not have been re-done after the upgrade.
ImportantCVE-2018-16857SUSE bug 1116323cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16858SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location.
CVE-2018-16858SUSE bug 1124062SUSE bug 1146107cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16860SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name (principal) in the request with any desired user name (principal) that exists in the KDC effectively obtaining a ticket for that principal.
ImportantCVE-2018-16860SUSE bug 1134024cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16862SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.
ModerateCVE-2018-16862SUSE bug 1117186cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16863SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as shipped with Red Hat Enterprise Linux 7.
ImportantCVE-2018-16863SUSE bug 1118318cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16864SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable.
ImportantCVE-2018-16864SUSE bug 1108912SUSE bug 1120323SUSE bug 1122265SUSE bug 1188063cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16865SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable.
ImportantCVE-2018-16865SUSE bug 1108912SUSE bug 1120323SUSE bug 1122265SUSE bug 1188063cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16866SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.
ModerateCVE-2018-16866SUSE bug 1108912SUSE bug 1120323SUSE bug 1122265SUSE bug 1126183cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16867SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal in the in usb_mtp_write_data function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, this allows to read/write arbitrary files which may lead do DoS scenario OR possibly lead to code execution on the host.
ImportantCVE-2018-16867SUSE bug 1118641cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16871SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.
ImportantCVE-2018-16871SUSE bug 1137103SUSE bug 1156320cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16872SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn't consider that the underlying filesystem may have changed since the time lstat(2) was called in usb_mtp_object_alloc, a classical TOCTTOU problem. An attacker with write access to the host filesystem shared with a guest can use this property to navigate the host filesystem in the context of the QEMU process and read any file the QEMU process has access to. Access to the filesystem may be local or via a network share protocol such as CIFS.
ModerateCVE-2018-16872SUSE bug 1119493SUSE bug 1119494cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16880SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. Versions from v4.16 and newer are vulnerable.
ModerateCVE-2018-16880SUSE bug 1122767cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16881SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable.
ImportantCVE-2018-16881SUSE bug 1123164cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16882SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without resetting 'pi_desc' descriptor address, which is later used in pi_test_and_clear_on(). A guest user/process could use this flaw to crash the host kernel resulting in DoS or potentially gain privileged access to a system. Kernel versions before 4.14.91 and before 4.19.13 are vulnerable.
ImportantCVE-2018-16882SUSE bug 1119934cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16883SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers.
LowCVE-2018-16883SUSE bug 1120089cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16884SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.
ImportantCVE-2018-16884SUSE bug 1119946SUSE bug 1119947cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16885SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault and a system halt by accessing invalid memory address. This issue only affects kernel version 3.10.x as shipped with Red Hat Enterprise Linux 7.
ModerateCVE-2018-16885SUSE bug 1120258cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16889SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Ceph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the leaking of encryption key information in log files via plaintext. Versions up to v13.2.4 are vulnerable.
ModerateCVE-2018-16889SUSE bug 1121567cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-16890SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.
ModerateCVE-2018-16890SUSE bug 1123371SUSE bug 1123378SUSE bug 1141798cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17000SUSE Linux Enterprise Desktop 12 SP4
A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp.
LowCVE-2018-17000SUSE bug 1108606SUSE bug 1115717SUSE bug 1125113cpe:/o:suse:sled:12:sp4CVE-2018-17095SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert.
ImportantCVE-2018-17095SUSE bug 1111586cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17096SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The BPMDetect class in BPMDetect.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.
ModerateCVE-2018-17096SUSE bug 1108630cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17097SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (double free) or possibly have unspecified other impact, as demonstrated by SoundStretch.
LowCVE-2018-17097SUSE bug 1108631cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17098SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (heap corruption from size inconsistency) or possibly have unspecified other impact, as demonstrated by SoundStretch.
LowCVE-2018-17098SUSE bug 1108632cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17100SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file.
LowCVE-2018-17100SUSE bug 1108637cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17101SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.
LowCVE-2018-17101SUSE bug 1108627cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17182SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.
ImportantCVE-2018-17182SUSE bug 1108399SUSE bug 1110233cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17183SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code.
ImportantCVE-2018-17183SUSE bug 1108027SUSE bug 1109105SUSE bug 1111479SUSE bug 1111480SUSE bug 1112229SUSE bug 1117022SUSE bug 1117331SUSE bug 1118455cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17229SUSE Linux Enterprise Desktop 12 SP3
Exiv2::d2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file.
ModerateCVE-2018-17229SUSE bug 1109175SUSE bug 1109176cpe:/o:suse:sled:12:sp3CVE-2018-17230SUSE Linux Enterprise Desktop 12 SP3
Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file.
ModerateCVE-2018-17230SUSE bug 1109176cpe:/o:suse:sled:12:sp3CVE-2018-17282SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in Exiv2 v0.26. The function Exiv2::DataValue::copy in value.cpp has a NULL pointer dereference.
LowCVE-2018-17282SUSE bug 1109299cpe:/o:suse:sled:12:sp3CVE-2018-17336SUSE Linux Enterprise Desktop 12 SP3
UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n substrings.
ImportantCVE-2018-17336SUSE bug 1109406cpe:/o:suse:sled:12:sp3CVE-2018-17358SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.
ModerateCVE-2018-17358SUSE bug 1109412cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17359SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.
ModerateCVE-2018-17359SUSE bug 1109413cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17360SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump.
ModerateCVE-2018-17360SUSE bug 1109414cpe:/o:suse:sled:12:sp4CVE-2018-17407SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex.
ImportantCVE-2018-17407SUSE bug 1109673SUSE bug 1125938SUSE bug 1126909cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17466SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
ImportantCVE-2018-17466SUSE bug 1112111SUSE bug 1119105SUSE bug 1121207cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17540SUSE Linux Enterprise Desktop 12 SP4
The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate.
ImportantCVE-2018-17540SUSE bug 1107874SUSE bug 1109845cpe:/o:suse:sled:12:sp4CVE-2018-17795SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935.
ModerateCVE-2018-17795SUSE bug 1046077SUSE bug 1110358cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17828SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. (dot dot) in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file.
ModerateCVE-2018-17828SUSE bug 1110687cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17958SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.
ModerateCVE-2018-17958SUSE bug 1111006SUSE bug 1111007cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17961SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183.
ModerateCVE-2018-17961SUSE bug 1108027SUSE bug 1109105SUSE bug 1111479SUSE bug 1111480SUSE bug 1112229SUSE bug 1117022SUSE bug 1117331SUSE bug 1118455SUSE bug 1129180cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17962SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.
ModerateCVE-2018-17962SUSE bug 1111010SUSE bug 1111011cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17963SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.
ModerateCVE-2018-17963SUSE bug 1111013SUSE bug 1111014SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17965SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c.
LowCVE-2018-17965SUSE bug 1110747SUSE bug 1117463cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17966SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage in coders/pdb.c.
LowCVE-2018-17966SUSE bug 1110746SUSE bug 1117463cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-17972SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents.
LowCVE-2018-17972SUSE bug 1110785cpe:/o:suse:sled:12:sp3CVE-2018-17985SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters.
ModerateCVE-2018-17985SUSE bug 1116827cpe:/o:suse:sled:12:sp4CVE-2018-18016SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.
LowCVE-2018-18016SUSE bug 1111072SUSE bug 1117463cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18020SUSE Linux Enterprise Desktop 12 SP3
In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and QPDFWriter::unparseChild have recursive calls for a long time, which allows remote attackers to cause a denial of service via a crafted PDF file.
ModerateCVE-2018-18020SUSE bug 1111016cpe:/o:suse:sled:12:sp3CVE-2018-18023SUSE Linux Enterprise Desktop 12 SP3
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file.
LowCVE-2018-18023SUSE bug 1111068cpe:/o:suse:sled:12:sp3CVE-2018-18024SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.
LowCVE-2018-18024SUSE bug 1111069SUSE bug 1117463cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18025SUSE Linux Enterprise Desktop 12 SP3
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file.
LowCVE-2018-18025SUSE bug 1111070cpe:/o:suse:sled:12:sp3CVE-2018-18065SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
ImportantCVE-2018-18065SUSE bug 1111122SUSE bug 1126909SUSE bug 1145864cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18066SUSE Linux Enterprise Desktop 12 SP3
snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
ImportantCVE-2018-18066SUSE bug 1111123cpe:/o:suse:sled:12:sp3CVE-2018-18073SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object.
ModerateCVE-2018-18073SUSE bug 1108027SUSE bug 1109105SUSE bug 1111479SUSE bug 1111480SUSE bug 1112229SUSE bug 1117022SUSE bug 1117331SUSE bug 1118455cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18088SUSE Linux Enterprise Desktop 12 SP3
OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c
LowCVE-2018-18088SUSE bug 1111638cpe:/o:suse:sled:12:sp3CVE-2018-18227SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values.
ImportantCVE-2018-18227SUSE bug 1111647cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18281SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19.
ModerateCVE-2018-18281SUSE bug 1113769cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18284SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.
ImportantCVE-2018-18284SUSE bug 1108027SUSE bug 1109105SUSE bug 1111479SUSE bug 1111480SUSE bug 1112229SUSE bug 1117022SUSE bug 1117331SUSE bug 1118455SUSE bug 1144621cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18309SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking.
LowCVE-2018-18309SUSE bug 1111996cpe:/o:suse:sled:12:sp4CVE-2018-18310SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by consider_notes.
LowCVE-2018-18310SUSE bug 1111973cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18311SUSE Linux Enterprise Desktop 12 SP4
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
ImportantCVE-2018-18311SUSE bug 1114674cpe:/o:suse:sled:12:sp4CVE-2018-18312SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
ModerateCVE-2018-18312SUSE bug 1114675cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18313SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.
ModerateCVE-2018-18313SUSE bug 1114681cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18314SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
ModerateCVE-2018-18314SUSE bug 1114686cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18335SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2018-18335SUSE bug 1118529SUSE bug 1125330cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18356SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2018-18356SUSE bug 1118529SUSE bug 1125330SUSE bug 1125396cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18386SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.
ModerateCVE-2018-18386SUSE bug 1094825SUSE bug 1112039cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18397SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.
ModerateCVE-2018-18397SUSE bug 1117656cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18438SUSE Linux Enterprise Desktop 12 SP3
Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value.
ModerateCVE-2018-18438SUSE bug 1112185SUSE bug 1112188cpe:/o:suse:sled:12:sp3CVE-2018-18443SUSE Linux Enterprise Desktop 12 SP3
OpenEXR 2.3.0 has a memory leak in ThreadPool in IlmBase/IlmThread/IlmThreadPool.cpp, as demonstrated by exrmultiview.
LowCVE-2018-18443SUSE bug 1113454SUSE bug 1113455cpe:/o:suse:sled:12:sp3CVE-2018-18444SUSE Linux Enterprise Desktop 12 SP4
makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact.
LowCVE-2018-18444SUSE bug 1113455cpe:/o:suse:sled:12:sp4CVE-2018-18445SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.
ModerateCVE-2018-18445SUSE bug 1112372cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18483SUSE Linux Enterprise Desktop 12 SP4
The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.
ModerateCVE-2018-18483SUSE bug 1112535cpe:/o:suse:sled:12:sp4CVE-2018-18484SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type.
ModerateCVE-2018-18484SUSE bug 1112534cpe:/o:suse:sled:12:sp4CVE-2018-18492SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.
ImportantCVE-2018-18492SUSE bug 1112111SUSE bug 1119105SUSE bug 1121207cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18493SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.
ImportantCVE-2018-18493SUSE bug 1112111SUSE bug 1119105SUSE bug 1121207cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18494SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.
ImportantCVE-2018-18494SUSE bug 1112111SUSE bug 1119105SUSE bug 1121207cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18498SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bounds write. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.
ImportantCVE-2018-18498SUSE bug 1112111SUSE bug 1119105SUSE bug 1121207cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18500SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.
ImportantCVE-2018-18500SUSE bug 1122983SUSE bug 986639cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18501SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.
ImportantCVE-2018-18501SUSE bug 1122983SUSE bug 986639cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18505SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the authentication not being correctly applied to later channels. This could allow for a sandbox escape through IPC channels due to lack of message validation in the listener process. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.
ImportantCVE-2018-18505SUSE bug 1122983SUSE bug 986639cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18506SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This behavior is disallowed by default when a proxy is manually configured, but when enabled could allow for attacks on services and tools that bind to the localhost for networked behavior if they are accessed through browsing. This vulnerability affects Firefox < 65.
ImportantCVE-2018-18506SUSE bug 1122983SUSE bug 1129821SUSE bug 986639cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18510SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The about:crashcontent and about:crashparent pages can be triggered by web content. These pages are used to crash the loaded page or the browser for test purposes. This issue allows for a non-persistent denial of service (DOS) attack by a malicious site which links to these pages. This vulnerability affects Firefox < 64.
ModerateCVE-2018-18510SUSE bug 1133645cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18511SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method. *Note: This only affects Firefox 65. Previous versions are unaffected.*. This vulnerability affects Firefox < 65.0.1.
ModerateCVE-2018-18511SUSE bug 1125330SUSE bug 1125396SUSE bug 1135824cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18520SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file.
LowCVE-2018-18520SUSE bug 1112726cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18521SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by eu-ranlib, because a zero sh_entsize is mishandled.
LowCVE-2018-18521SUSE bug 1112723cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18544SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31.
ModerateCVE-2018-18544SUSE bug 1113064cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18557SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write.
ModerateCVE-2018-18557SUSE bug 1113094cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18559SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain multithreaded case involving a packet_do_bind unregister action followed by a packet_notifier register action. Later, packet_release operates on only one of the two applicable linked lists. The attacker can achieve Program Counter control.
ImportantCVE-2018-18559SUSE bug 1112859SUSE bug 1112921cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2018-18605SUSE Linux Enterprise Desktop 12 SP4
A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.
ModerateCVE-2018-18605SUSE bug 1113255cpe:/o:suse:sled:12:sp4CVE-2018-18606SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.
LowCVE-2018-18606SUSE bug 1113252cpe:/o:suse:sled:12:sp4CVE-2018-18607SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.
LowCVE-2018-18607SUSE bug 1113247cpe:/o:suse:sled:12:sp4CVE-2018-18651SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in Xpdf 4.00. catalog->getNumPages() in AcroForm.cc allows attackers to launch a denial of service (hang caused by large loop) via a specific pdf file, as demonstrated by pdftohtml. This is mainly caused by a large number after the /Count field in the file.
LowCVE-2018-18651SUSE bug 1113983cpe:/o:suse:sled:12:sp3CVE-2018-18661SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c.
LowCVE-2018-18661SUSE bug 1113672cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18690SUSE Linux Enterprise Desktop 12 SP3
In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form.
ModerateCVE-2018-18690SUSE bug 1105025cpe:/o:suse:sled:12:sp3CVE-2018-18710SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.
ModerateCVE-2018-18710SUSE bug 1113751cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18849SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.
ModerateCVE-2018-18849SUSE bug 1114422SUSE bug 1114423SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18883SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service (NULL pointer dereference) or possibly have unspecified other impact because nested VT-x is not properly restricted.
ModerateCVE-2018-18883SUSE bug 1114405cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18915SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.27-RC1. A crafted input will lead to a remote denial of service attack.
LowCVE-2018-18915SUSE bug 1114690cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18928SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp.
ModerateCVE-2018-18928SUSE bug 1114629cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-18954SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory.
ImportantCVE-2018-18954SUSE bug 1114957cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19208SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In libwpd 0.10.2, there is a NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp that will lead to a denial of service attack. This is related to WPXTable.h.
ModerateCVE-2018-19208SUSE bug 1115713cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19210SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset.
LowCVE-2018-19210SUSE bug 1108606SUSE bug 1115717cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19211SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a "dubious character `*' in name or alias field" detection.
ModerateCVE-2018-19211SUSE bug 1115929SUSE bug 1131830cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19217SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** In ncurses, possibly a 6.x version, there is a NULL pointer dereference at the function _nc_name_match that will lead to a denial of service attack. NOTE: the original report stated version 6.1, but the issue did not reproduce for that version according to the maintainer or a reliable third-party.
ModerateCVE-2018-19217SUSE bug 1115932cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19364SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.
ModerateCVE-2018-19364SUSE bug 1116717SUSE bug 1116726cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19406SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
kvm_pv_send_ipi in arch/x86/kvm/lapic.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where the apic map is uninitialized.
ModerateCVE-2018-19406SUSE bug 1116855cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19407SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
ModerateCVE-2018-19407SUSE bug 1116841cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19409SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used.
ImportantCVE-2018-19409SUSE bug 1108027SUSE bug 1109105SUSE bug 1111479SUSE bug 1111480SUSE bug 1112229SUSE bug 1117022SUSE bug 1117331SUSE bug 1118455cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19416SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in sysstat 12.1.1. The remap_struct function in sa_common.c has an out-of-bounds read during a memmove call, as demonstrated by sadf.
LowCVE-2018-19416SUSE bug 1117001cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19475SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.
ImportantCVE-2018-19475SUSE bug 1117327SUSE bug 1117331cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19476SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.
ImportantCVE-2018-19476SUSE bug 1117313SUSE bug 1117331cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19477SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.
ImportantCVE-2018-19477SUSE bug 1117274SUSE bug 1117331cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19489SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.
LowCVE-2018-19489SUSE bug 1117275SUSE bug 1117279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19517SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in sysstat 12.1.1. The remap_struct function in sa_common.c has an out-of-bounds read during a memset call, as demonstrated by sadf.
LowCVE-2018-19517SUSE bug 1117260cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19519SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.
ModerateCVE-2018-19519SUSE bug 1117267cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19539SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service.
ModerateCVE-2018-19539SUSE bug 1117511SUSE bug 1178702cpe:/o:suse:sled:12:sp4CVE-2018-19540SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16. There is a heap-based buffer overflow of size 1 in the function jas_icctxtdesc_input in libjasper/base/jas_icc.c.
ModerateCVE-2018-19540SUSE bug 1117508SUSE bug 1178702cpe:/o:suse:sled:12:sp4CVE-2018-19541SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16. There is a heap-based buffer over-read of size 8 in the function jas_image_depalettize in libjasper/base/jas_image.c.
ModerateCVE-2018-19541SUSE bug 1117507SUSE bug 1119411SUSE bug 1178702cpe:/o:suse:sled:12:sp4CVE-2018-19542SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.
ModerateCVE-2018-19542SUSE bug 1117505SUSE bug 1117507SUSE bug 1178702cpe:/o:suse:sled:12:sp4CVE-2018-19565SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer over-read in crop_masked_pixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information.
LowCVE-2018-19565SUSE bug 1117622cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19566SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A heap buffer over-read in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information.
ModerateCVE-2018-19566SUSE bug 1117517cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19567SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A floating point exception in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code.
LowCVE-2018-19567SUSE bug 1117512cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19568SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A floating point exception in kodak_radc_load_raw in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code.
ModerateCVE-2018-19568SUSE bug 1117436cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19591SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.
ModerateCVE-2018-19591SUSE bug 1117603cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19607SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
ModerateCVE-2018-19607SUSE bug 1117513cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19622SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows.
ModerateCVE-2018-19622SUSE bug 1117740cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19623SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. This was addressed in epan/dissectors/packet-lbmpdm.c by disallowing certain negative values.
ModerateCVE-2018-19623SUSE bug 1117740cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19624SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference.
ModerateCVE-2018-19624SUSE bug 1117740cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19625SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read.
ModerateCVE-2018-19625SUSE bug 1117740cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19626SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\0' termination.
ModerateCVE-2018-19626SUSE bug 1117740cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19627SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by adjusting a buffer boundary.
ModerateCVE-2018-19627SUSE bug 1117740cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19628SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This was addressed in epan/dissectors/packet-zbee-zcl-lighting.c by preventing a divide-by-zero error.
ModerateCVE-2018-19628SUSE bug 1117740cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19636SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Supportutils, before version 3.1-5.7.1, when run with command line argument -A searched the file system for a ndspath binary. If an attacker provides one at an arbitrary location it is executed with root privileges
ImportantCVE-2018-19636SUSE bug 1063385SUSE bug 1117751cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19637SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Supportutils, before version 3.1-5.7.1, wrote data to static file /tmp/supp_log, allowing local attackers to overwrite files on systems without symlink protection
ImportantCVE-2018-19637SUSE bug 1063385SUSE bug 1117776cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19638SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In supportutils, before version 3.1-5.7.1 and if pacemaker is installed on the system, an unprivileged user could have overwritten arbitrary files in the directory that is used by supportutils to collect the log files.
LowCVE-2018-19638SUSE bug 1063385SUSE bug 1118460SUSE bug 1118462SUSE bug 1118463cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19639SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
If supportutils before version 3.1-5.7.1 is run with -v to perform rpm verification and the attacker manages to manipulate the rpm listing (e.g. with CVE-2018-19638) he can execute arbitrary commands as root.
ImportantCVE-2018-19639SUSE bug 1063385SUSE bug 1118460SUSE bug 1118462cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19640SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
If the attacker manages to create files in the directory used to collect log files in supportutils before version 3.1-5.7.1 (e.g. with CVE-2018-19638) he can kill arbitrary processes on the local machine.
ModerateCVE-2018-19640SUSE bug 1063385SUSE bug 1118463cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19655SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file.
ModerateCVE-2018-19655SUSE bug 1117896cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19661SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service.
LowCVE-2018-19661SUSE bug 1117906SUSE bug 1117925cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19662SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service.
LowCVE-2018-19662SUSE bug 1117925cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19664SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg.
LowCVE-2018-19664SUSE bug 1117890cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19665SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption.
ModerateCVE-2018-19665SUSE bug 1117749SUSE bug 1117756SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19788SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.
ModerateCVE-2018-19788SUSE bug 1118274SUSE bug 1118277SUSE bug 1119056SUSE bug 1126909cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19824SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.
ModerateCVE-2018-19824SUSE bug 1118152cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19841SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack.
LowCVE-2018-19841SUSE bug 1120929cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19854SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker does not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option).
ModerateCVE-2018-19854SUSE bug 1118428cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19870SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.
ModerateCVE-2018-19870SUSE bug 1118597cpe:/o:suse:sled:12:sp4CVE-2018-19872SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.
ModerateCVE-2018-19872SUSE bug 1130246cpe:/o:suse:sled:12:sp4CVE-2018-19873SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
ModerateCVE-2018-19873SUSE bug 1118596SUSE bug 1126909cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19876SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free(): invalid pointer" error.
ModerateCVE-2018-19876SUSE bug 1118587cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19931SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.
LowCVE-2018-19931SUSE bug 1118830SUSE bug 1118831cpe:/o:suse:sled:12:sp4CVE-2018-19932SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.
LowCVE-2018-19932SUSE bug 1118830SUSE bug 1118831cpe:/o:suse:sled:12:sp4CVE-2018-19961SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes.
ImportantCVE-2018-19961SUSE bug 1115040SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19962SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.
ImportantCVE-2018-19962SUSE bug 1115040SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19963SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because x86 IOREQ server resource accounting (for external emulators) was mishandled.
ImportantCVE-2018-19963SUSE bug 1115043cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19964SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen 4.11.x allowing x86 guest OS users to cause a denial of service (host OS hang) because the p2m lock remains unavailable indefinitely in certain error conditions.
ModerateCVE-2018-19964SUSE bug 1115044cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19965SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 (aka Meltdown) mitigation.
ModerateCVE-2018-19965SUSE bug 1115045cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19966SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because of an interpretation conflict for a union data structure associated with shadow paging. NOTE: this issue exists because of an incorrect fix for CVE-2017-15595.
ModerateCVE-2018-19966SUSE bug 1115047SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19967SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.11.x on Intel x86 platforms allowing guest OS users to cause a denial of service (host OS hang) because Xen does not work around Intel's mishandling of certain HLE transactions associated with the KACQUIRE instruction prefix.
ModerateCVE-2018-19967SUSE bug 1114988SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-19985SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.
ModerateCVE-2018-19985SUSE bug 1120743cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20030SUSE Linux Enterprise Desktop 12 SP4
An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources.
LowCVE-2018-20030SUSE bug 1120943cpe:/o:suse:sled:12:sp4CVE-2018-20123SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error.
LowCVE-2018-20123SUSE bug 1119437SUSE bug 1119438cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20124SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value.
ModerateCVE-2018-20124SUSE bug 1119840SUSE bug 1119841cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20125SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings.
LowCVE-2018-20125SUSE bug 1119989cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20126SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled.
LowCVE-2018-20126SUSE bug 1119991cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20169SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.
ModerateCVE-2018-20169SUSE bug 1119714cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20184SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to cause a denial of service via a crafted image file, because the number of rows or columns can exceed the pixel-dimension restrictions of the TGA specification.
ModerateCVE-2018-20184SUSE bug 1119822cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20185SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits.
ModerateCVE-2018-20185SUSE bug 1119823cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20189SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization.
LowCVE-2018-20189SUSE bug 1119790cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20191SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference).
LowCVE-2018-20191SUSE bug 1119979SUSE bug 1119980cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20216SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled).
LowCVE-2018-20216SUSE bug 1119984SUSE bug 1119985cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20217SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.
ModerateCVE-2018-20217SUSE bug 1120489cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20330SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench.
ModerateCVE-2018-20330SUSE bug 1120646cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20337SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact.
ModerateCVE-2018-20337SUSE bug 1120519cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20340SUSE Linux Enterprise Desktop 12 SP4
Yubico libu2f-host 1.1.6 contains unchecked buffers in devs.c, which could enable a malicious token to exploit a buffer overflow. An attacker could use this to attempt to execute malicious code using a crafted USB device masquerading as a security token on a computer where the affected library is currently in use. It is not possible to perform this attack with a genuine YubiKey.
ModerateCVE-2018-20340SUSE bug 1124781cpe:/o:suse:sled:12:sp4CVE-2018-20346SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.
ModerateCVE-2018-20346SUSE bug 1119687SUSE bug 1120335SUSE bug 1131576SUSE bug 1131918SUSE bug 1131919SUSE bug 1148893SUSE bug 1169664cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20363SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.
LowCVE-2018-20363SUSE bug 1120498cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20364SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.
LowCVE-2018-20364SUSE bug 1120499cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20365SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow.
ModerateCVE-2018-20365SUSE bug 1120498SUSE bug 1120499SUSE bug 1120500cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20406SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a large LONG_BINPUT value that is mishandled during a "resize to twice the size" attempt. This issue might cause memory exhaustion, but is only relevant if the pickle format is used for serializing tens or hundreds of gigabytes of data. This issue is fixed in: v3.4.10, v3.4.10rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.7rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.7, v3.6.7rc1, v3.6.7rc2, v3.6.8, v3.6.8rc1, v3.6.9, v3.6.9rc1; v3.7.1, v3.7.1rc1, v3.7.1rc2, v3.7.2, v3.7.2rc1, v3.7.3, v3.7.3rc1, v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.
ModerateCVE-2018-20406SUSE bug 1120644cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20449SUSE Linux Enterprise Desktop 12 SP3
The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file.
LowCVE-2018-20449SUSE bug 1131646cpe:/o:suse:sled:12:sp3CVE-2018-20467SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.
LowCVE-2018-20467SUSE bug 1120381cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20483SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credentials contained in the URL) by reading this attribute, as demonstrated by getfattr. This also applies to Referer information in the user.xdg.referrer.url metadata attribute. According to 2016-07-22 in the Wget ChangeLog, user.xdg.origin.url was partially based on the behavior of fwrite_xattr in tool_xattr.c in curl.
ModerateCVE-2018-20483SUSE bug 1120382cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20505SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases).
LowCVE-2018-20505SUSE bug 1131560cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20506SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346.
ImportantCVE-2018-20506SUSE bug 1131560SUSE bug 1131576cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20509SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The print_binder_ref_olocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading " ref *desc *node" lines in a debugfs file.
ModerateCVE-2018-20509SUSE bug 1134198cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20510SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The print_binder_transaction_ilocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "*from *code *flags" lines in a debugfs file.
ModerateCVE-2018-20510SUSE bug 1134174cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20511SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ioctl function in drivers/net/appletalk/ipddp.c allows local users to obtain sensitive kernel address information by leveraging CAP_NET_ADMIN to read the ipddp_route dev and next fields via an SIOCFINDIPDDPRT ioctl call.
LowCVE-2018-20511SUSE bug 1120388cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20532SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.
LowCVE-2018-20532SUSE bug 1120629cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20533SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.
LowCVE-2018-20533SUSE bug 1120630cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20534SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects the test suite and not the underlying library. It cannot be exploited in any real-world application.
LowCVE-2018-20534SUSE bug 1120631cpe:/o:suse:sled:12:sp4CVE-2018-20544SUSE Linux Enterprise Desktop 12 SP4
There is floating point exception at caca/dither.c (function caca_dither_bitmap) in libcaca 0.99.beta19.
ModerateCVE-2018-20544SUSE bug 1120502cpe:/o:suse:sled:12:sp4CVE-2018-20545SUSE Linux Enterprise Desktop 12 SP4
There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data.
ModerateCVE-2018-20545SUSE bug 1120470SUSE bug 1120584SUSE bug 1120589cpe:/o:suse:sled:12:sp4CVE-2018-20546SUSE Linux Enterprise Desktop 12 SP4
There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case.
ModerateCVE-2018-20546SUSE bug 1120503SUSE bug 1120504cpe:/o:suse:sled:12:sp4CVE-2018-20547SUSE Linux Enterprise Desktop 12 SP4
There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for 24bpp data.
ModerateCVE-2018-20547SUSE bug 1120503SUSE bug 1120504cpe:/o:suse:sled:12:sp4CVE-2018-20548SUSE Linux Enterprise Desktop 12 SP4
There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 1bpp data.
ModerateCVE-2018-20548SUSE bug 1120470SUSE bug 1120584SUSE bug 1120589cpe:/o:suse:sled:12:sp4CVE-2018-20549SUSE Linux Enterprise Desktop 12 SP4
There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19.
ModerateCVE-2018-20549SUSE bug 1120470SUSE bug 1120584SUSE bug 1120589cpe:/o:suse:sled:12:sp4CVE-2018-20551SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A reachable Object::getString assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to construction of invalid rich media annotation assets in the AnnotRichMedia class in Annot.c.
LowCVE-2018-20551SUSE bug 1120496cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20584SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
JasPer 2.0.14 allows remote attackers to cause a denial of service (application hang) via an attempted conversion to the jp2 format.
ModerateCVE-2018-20584SUSE bug 1120806cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20623SUSE Linux Enterprise Desktop 12 SP4
In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.
ModerateCVE-2018-20623SUSE bug 1121035cpe:/o:suse:sled:12:sp4CVE-2018-20651SUSE Linux Enterprise Desktop 12 SP4
A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote attackers to cause a denial of service, as demonstrated by ld.
ModerateCVE-2018-20651SUSE bug 1121034cpe:/o:suse:sled:12:sp4CVE-2018-20662SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing.
LowCVE-2018-20662SUSE bug 1120939SUSE bug 1120956cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20669SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.
ImportantCVE-2018-20669SUSE bug 1122971cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20671SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.
ModerateCVE-2018-20671SUSE bug 1121056cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20685SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
ImportantCVE-2018-20685SUSE bug 1121571SUSE bug 1123220SUSE bug 1131109cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20751SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject() being called for the pPage NULL pointer object. The value of pPage at this point is 0x0, which causes a NULL pointer dereference.
ModerateCVE-2018-20751SUSE bug 1124357cpe:/o:suse:sled:12:sp4CVE-2018-20784SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.
ModerateCVE-2018-20784SUSE bug 1126703cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20786SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libvterm through 0+bzr726, as used in Vim and other products, mishandles certain out-of-memory conditions, leading to a denial of service (application crash), related to screen.c, state.c, and vterm.c.
LowCVE-2018-20786SUSE bug 1126750SUSE bug 1126752cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20797SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in PoDoFo 0.9.6. There is an attempted excessive memory allocation in PoDoFo::podofo_calloc in base/PdfMemoryManagement.cpp when called from PoDoFo::PdfPredictorDecoder::PdfPredictorDecoder in base/PdfFiltersPrivate.cpp.
LowCVE-2018-20797SUSE bug 1127514cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20815SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated load_image function, which has a buffer overflow risk.
ImportantCVE-2018-20815SUSE bug 1118900SUSE bug 1130675SUSE bug 1130680SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20836SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.
ModerateCVE-2018-20836SUSE bug 1134395cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20839SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.
ModerateCVE-2018-20839SUSE bug 1135604cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20843SUSE Linux Enterprise Desktop 12 SP4
In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).
ModerateCVE-2018-20843SUSE bug 1139937cpe:/o:suse:sled:12:sp4CVE-2018-20852SUSE Linux Enterprise Desktop 12 SP4
http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostname as a suffix (e.g., pythonicexample.com to steal cookies for example.com). When a program uses http.cookiejar.DefaultPolicy and tries to do an HTTP connection to an attacker-controlled server, existing cookies can be leaked to the attacker. This affects 2.x through 2.7.16, 3.x before 3.4.10, 3.5.x before 3.5.7, 3.6.x before 3.6.9, and 3.7.x before 3.7.3.
ModerateCVE-2018-20852SUSE bug 1141853cpe:/o:suse:sled:12:sp4CVE-2018-20854SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 4.20. drivers/phy/mscc/phy-ocelot-serdes.c has an off-by-one error with a resultant ctrl->phys out-of-bounds read.
ModerateCVE-2018-20854SUSE bug 1143038cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-20855SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace.
ModerateCVE-2018-20855SUSE bug 1143045cpe:/o:suse:sled:12:sp4CVE-2018-20856SUSE Linux Enterprise Desktop 12 SP1
An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.
ImportantCVE-2018-20856SUSE bug 1143048SUSE bug 1156331cpe:/o:suse:sled:12:sp1CVE-2018-20961SUSE Linux Enterprise Desktop 12 SP3
In the Linux kernel before 4.16.4, a double free vulnerability in the f_midi_set_alt function of drivers/usb/gadget/function/f_midi.c in the f_midi driver may allow attackers to cause a denial of service or possibly have unspecified other impact.
ModerateCVE-2018-20961SUSE bug 1144823cpe:/o:suse:sled:12:sp3CVE-2018-20969SUSE Linux Enterprise Desktop 12 SP4
do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.
CriticalCVE-2018-20969SUSE bug 1146398cpe:/o:suse:sled:12:sp4CVE-2018-20976SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure.
ModerateCVE-2018-20976SUSE bug 1146285cpe:/o:suse:sled:12:sp4CVE-2018-21008SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c.
ModerateCVE-2018-21008SUSE bug 1149591cpe:/o:suse:sled:12:sp4CVE-2018-21010SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenJPEG before 2.3.1 has a heap buffer overflow in color_apply_icc_profile in bin/common/color.c.
ImportantCVE-2018-21010SUSE bug 1149789cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-21029SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** systemd 239 through 245 accepts any certificate signed by a trusted certificate authority for DNS Over TLS. Server Name Indication (SNI) is not sent, and there is no hostname validation with the GnuTLS backend. NOTE: This has been disputed by the developer as not a vulnerability since hostname validation does not have anything to do with this issue (i.e. there is no hostname to be sent).
ImportantCVE-2018-21029SUSE bug 1155539cpe:/o:suse:sled:12:sp4CVE-2018-2562SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).
ImportantCVE-2018-2562SUSE bug 1076369SUSE bug 1078431cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2579SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
ModerateCVE-2018-2579SUSE bug 1076366SUSE bug 1082810cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2582SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).
ModerateCVE-2018-2582SUSE bug 1076366SUSE bug 1082810cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2588SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).
ModerateCVE-2018-2588SUSE bug 1076366SUSE bug 1082810cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2599SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L).
ModerateCVE-2018-2599SUSE bug 1076366SUSE bug 1082810cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2602SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: I18n). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded executes to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L).
ModerateCVE-2018-2602SUSE bug 1076366SUSE bug 1082810cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2603SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2018-2603SUSE bug 1076366SUSE bug 1082810cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2612SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H).
ModerateCVE-2018-2612SUSE bug 1076369SUSE bug 1078431cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2618SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
ModerateCVE-2018-2618SUSE bug 1076366SUSE bug 1082810cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2622SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-2622SUSE bug 1076369SUSE bug 1078431cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2629SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N).
ModerateCVE-2018-2629SUSE bug 1076366cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2633SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
ImportantCVE-2018-2633SUSE bug 1076366SUSE bug 1082810cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2634SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2018-2634SUSE bug 1076366SUSE bug 1082810cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2637SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
ImportantCVE-2018-2637SUSE bug 1076366SUSE bug 1082810cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2640SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-2640SUSE bug 1076369SUSE bug 1078431cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2641SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).
ModerateCVE-2018-2641SUSE bug 1076366SUSE bug 1082810cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2663SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).
ModerateCVE-2018-2663SUSE bug 1076366SUSE bug 1082810cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2665SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-2665SUSE bug 1076369SUSE bug 1078431cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2668SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-2668SUSE bug 1076369SUSE bug 1078431cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2677SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).
ModerateCVE-2018-2677SUSE bug 1076366SUSE bug 1082810cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2678SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).
ModerateCVE-2018-2678SUSE bug 1076366SUSE bug 1082810cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2755SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
ImportantCVE-2018-2755SUSE bug 1089987SUSE bug 1090518cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2759SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-2759SUSE bug 1089987cpe:/o:suse:sled:12:sp4CVE-2018-2761SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-2761SUSE bug 1089987SUSE bug 1090518cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2766SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-2766SUSE bug 1089987SUSE bug 1090518cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2767SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).
ModerateCVE-2018-2767SUSE bug 1088681SUSE bug 1101675cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2771SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-2771SUSE bug 1089987SUSE bug 1090518cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2777SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-2777SUSE bug 1089987cpe:/o:suse:sled:12:sp4CVE-2018-2781SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-2781SUSE bug 1089987SUSE bug 1090518cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2782SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-2782SUSE bug 1089987SUSE bug 1090518cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2784SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-2784SUSE bug 1089987SUSE bug 1090518cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2786SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
ModerateCVE-2018-2786SUSE bug 1089987cpe:/o:suse:sled:12:sp4CVE-2018-2787SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
ModerateCVE-2018-2787SUSE bug 1089987SUSE bug 1090518cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2790SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).
ModerateCVE-2018-2790SUSE bug 1090023SUSE bug 1093311SUSE bug 1101637cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2794SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, JRockit executes to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
ImportantCVE-2018-2794SUSE bug 1090024SUSE bug 1093311cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2795SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2018-2795SUSE bug 1090025SUSE bug 1093311cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2796SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2018-2796SUSE bug 1090026SUSE bug 1093311cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2797SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
LowCVE-2018-2797SUSE bug 1090027SUSE bug 1093311cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2798SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2018-2798SUSE bug 1090028SUSE bug 1093311cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2799SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2018-2799SUSE bug 1090029SUSE bug 1093311cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2800SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, JRockit accessible data as well as unauthorized read access to a subset of Java SE, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N).
ModerateCVE-2018-2800SUSE bug 1090030SUSE bug 1093311cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2810SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-2810SUSE bug 1089987cpe:/o:suse:sled:12:sp4CVE-2018-2813SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).
ModerateCVE-2018-2813SUSE bug 1089987SUSE bug 1090518cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2814SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
ImportantCVE-2018-2814SUSE bug 1090032SUSE bug 1093311cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2815SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
LowCVE-2018-2815SUSE bug 1090033cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2817SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-2817SUSE bug 1089987SUSE bug 1090518cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2819SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-2819SUSE bug 1089987SUSE bug 1090518cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2825SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
LowCVE-2018-2825SUSE bug 1090196SUSE bug 1093311cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2018-2826SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
LowCVE-2018-2826SUSE bug 1090197SUSE bug 1093311cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2938SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java DB). Supported versions that are affected are Java SE: 6u191, 7u181 and 8u172. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. While the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVE-2018-2938 addresses CVE-2018-1313. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).
LowCVE-2018-2938SUSE bug 1101644cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2940SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N).
LowCVE-2018-2940SUSE bug 1101645SUSE bug 1101656cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2941SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u181, 8u172 and 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
LowCVE-2018-2941SUSE bug 1101648cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2942SUSE Linux Enterprise Desktop 12 SP3
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Windows DLL). Supported versions that are affected are Java SE: 7u181 and 8u172. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
ImportantCVE-2018-2942SUSE bug 1101650cpe:/o:suse:sled:12:sp3CVE-2018-2952SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
CVE-2018-2952SUSE bug 1101645SUSE bug 1101651SUSE bug 1101656cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2964SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u172 and 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
LowCVE-2018-2964SUSE bug 1101645SUSE bug 1101653SUSE bug 1101656cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2972SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). The supported version that is affected is Java SE: 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
LowCVE-2018-2972SUSE bug 1101655cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-2973SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SSL/TLS to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).
LowCVE-2018-2973SUSE bug 1101645SUSE bug 1101656cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-3058SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).
ModerateCVE-2018-3058SUSE bug 1101676SUSE bug 1116686cpe:/o:suse:sled:12:sp4CVE-2018-3060SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H).
ModerateCVE-2018-3060cpe:/o:suse:sled:12:sp4CVE-2018-3063SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-3063SUSE bug 1101677SUSE bug 1116686cpe:/o:suse:sled:12:sp4CVE-2018-3064SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).
ImportantCVE-2018-3064SUSE bug 1103342SUSE bug 1116686cpe:/o:suse:sled:12:sp4CVE-2018-3066SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N).
LowCVE-2018-3066SUSE bug 1101678SUSE bug 1116686cpe:/o:suse:sled:12:sp4CVE-2018-3136SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g. code installed by an administrator). CVSS 3.0 Base Score 3.4 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N).
ModerateCVE-2018-3136SUSE bug 1112142SUSE bug 1112143SUSE bug 1112144SUSE bug 1112146SUSE bug 1112148SUSE bug 1112152SUSE bug 1116574cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-3139SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g. code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).
ModerateCVE-2018-3139SUSE bug 1112142SUSE bug 1112143SUSE bug 1112144SUSE bug 1112146SUSE bug 1112148SUSE bug 1112152SUSE bug 1116574cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-3143SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-3143SUSE bug 1112421SUSE bug 1116686cpe:/o:suse:sled:12:sp4CVE-2018-3149SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
ModerateCVE-2018-3149SUSE bug 1112142SUSE bug 1112143SUSE bug 1112144SUSE bug 1112146SUSE bug 1112148SUSE bug 1112152SUSE bug 1116574cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-3156SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-3156SUSE bug 1112417SUSE bug 1116686cpe:/o:suse:sled:12:sp4CVE-2018-3162SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-3162SUSE bug 1112415SUSE bug 1116686cpe:/o:suse:sled:12:sp4CVE-2018-3169SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g. code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
ModerateCVE-2018-3169SUSE bug 1112142SUSE bug 1112143SUSE bug 1112144SUSE bug 1112146SUSE bug 1112148SUSE bug 1112152SUSE bug 1116574cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-3173SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-3173SUSE bug 1112386SUSE bug 1116686cpe:/o:suse:sled:12:sp4CVE-2018-3174SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H).
ModerateCVE-2018-3174SUSE bug 1112368SUSE bug 1116686cpe:/o:suse:sled:12:sp4CVE-2018-3180SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SSL/TLS to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).
ModerateCVE-2018-3180SUSE bug 1112142SUSE bug 1112143SUSE bug 1112144SUSE bug 1112146SUSE bug 1112147SUSE bug 1112148SUSE bug 1112152SUSE bug 1116574cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-3183SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Scripting). Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).
ModerateCVE-2018-3183SUSE bug 1112142SUSE bug 1112143SUSE bug 1112144SUSE bug 1112146SUSE bug 1112148SUSE bug 1112152SUSE bug 1116574SUSE bug 1120714cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-3185SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
ModerateCVE-2018-3185SUSE bug 1112384SUSE bug 1116686cpe:/o:suse:sled:12:sp4CVE-2018-3200SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-3200SUSE bug 1112404SUSE bug 1116686cpe:/o:suse:sled:12:sp4CVE-2018-3214SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2018-3214SUSE bug 1112142SUSE bug 1112143SUSE bug 1112144SUSE bug 1112146SUSE bug 1112148SUSE bug 1112152SUSE bug 1116574cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-3251SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-3251SUSE bug 1112397SUSE bug 1116686cpe:/o:suse:sled:12:sp4CVE-2018-3277SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-3277SUSE bug 1112391SUSE bug 1116686cpe:/o:suse:sled:12:sp4CVE-2018-3282SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-3282SUSE bug 1112432SUSE bug 1116686cpe:/o:suse:sled:12:sp4CVE-2018-3284SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2018-3284SUSE bug 1112377SUSE bug 1116686cpe:/o:suse:sled:12:sp4CVE-2018-3613SUSE Linux Enterprise Desktop 12 SP4
Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
ModerateCVE-2018-3613SUSE bug 1115916cpe:/o:suse:sled:12:sp4CVE-2018-3620SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.
ModerateCVE-2018-3620SUSE bug 1087078SUSE bug 1087081SUSE bug 1089343SUSE bug 1090340SUSE bug 1091107SUSE bug 1099306SUSE bug 1104894cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-3630SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none.
ImportantCVE-2018-3630SUSE bug 1127822cpe:/o:suse:sled:12:sp4CVE-2018-3639SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
ModerateCVE-2018-3639SUSE bug 1074701SUSE bug 1085235SUSE bug 1085308SUSE bug 1087078SUSE bug 1087082SUSE bug 1092631SUSE bug 1092885SUSE bug 1094912SUSE bug 1100394SUSE bug 1102640SUSE bug 1105412SUSE bug 1172781SUSE bug 1172782SUSE bug 1172783SUSE bug 1173489SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-3640SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a.
ModerateCVE-2018-3640SUSE bug 1074701SUSE bug 1087078SUSE bug 1087083SUSE bug 1094912SUSE bug 1100394SUSE bug 1175912cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-3646SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.
ImportantCVE-2018-3646SUSE bug 1087078SUSE bug 1087081SUSE bug 1089343SUSE bug 1091107SUSE bug 1099306SUSE bug 1104365SUSE bug 1104894SUSE bug 1106548SUSE bug 1113534SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-3665SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
ModerateCVE-2018-3665SUSE bug 1087078SUSE bug 1087082SUSE bug 1087086SUSE bug 1090338SUSE bug 1095241SUSE bug 1095242SUSE bug 1096740SUSE bug 1100091SUSE bug 1100555SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4088SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2018-4088SUSE bug 1075775SUSE bug 1077535cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4096SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2018-4096SUSE bug 1075775SUSE bug 1077535cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4101SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2018-4101SUSE bug 1088182cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4113SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves a JavaScriptCore function in the "WebKit" component. It allows attackers to trigger an assertion failure by leveraging improper array indexing.
ModerateCVE-2018-4113SUSE bug 1088182cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4114SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2018-4114SUSE bug 1088182cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4117SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. watchOS before 4.3 is affected. The issue involves the fetch API in the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
ModerateCVE-2018-4117SUSE bug 1088182SUSE bug 1102530cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4118SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2018-4118SUSE bug 1088182cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4119SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2018-4119SUSE bug 1088182cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4120SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2018-4120SUSE bug 1088182cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4121SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2018-4121SUSE bug 1092278cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4122SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2018-4122SUSE bug 1088182cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4125SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2018-4125SUSE bug 1088182cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4127SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2018-4127SUSE bug 1088182cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4128SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2018-4128SUSE bug 1088182cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4129SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2018-4129SUSE bug 1088182cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4133SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the "WebKit" component. A Safari cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
ImportantCVE-2018-4133SUSE bug 1088182cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4146SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows attackers to cause a denial of service (memory corruption) via a crafted web site.
ModerateCVE-2018-4146SUSE bug 1088182cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4161SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2018-4161SUSE bug 1088182cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4162SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2018-4162SUSE bug 1088182cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4163SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2018-4163SUSE bug 1088182cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4165SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2018-4165SUSE bug 1088182cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4180SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.
ImportantCVE-2018-4180SUSE bug 1096405SUSE bug 1096408cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4181SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.
ModerateCVE-2018-4181SUSE bug 1096406SUSE bug 1096408SUSE bug 1105281cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4182SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.
ModerateCVE-2018-4182SUSE bug 1096407SUSE bug 1096408SUSE bug 1105281cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4183SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions.
ModerateCVE-2018-4183SUSE bug 1096407SUSE bug 1096408cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4190SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive credential information that is transmitted during a CSS mask-image fetch.
ModerateCVE-2018-4190SUSE bug 1097693cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4191SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
ModerateCVE-2018-4191SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4197SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
ModerateCVE-2018-4197SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4199SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted web site.
ModerateCVE-2018-4199SUSE bug 1097693cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4200SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers a WebCore::jsElementScrollHeightGetter use-after-free.
ImportantCVE-2018-4200SUSE bug 1092280cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4204SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.4 is affected. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2018-4204SUSE bug 1092279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4207SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
ModerateCVE-2018-4207SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4208SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
ModerateCVE-2018-4208SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4209SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
ModerateCVE-2018-4209SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4210SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks.
ModerateCVE-2018-4210SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4212SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
ModerateCVE-2018-4212SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4213SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
ModerateCVE-2018-4213SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4218SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers an @generatorState use-after-free.
ModerateCVE-2018-4218SUSE bug 1097693cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4222SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages a getWasmBufferFromValue out-of-bounds read during WebAssembly compilation.
ModerateCVE-2018-4222SUSE bug 1097693cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4232SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to overwrite cookies via a crafted web site.
ModerateCVE-2018-4232SUSE bug 1097693cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4233SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ModerateCVE-2018-4233SUSE bug 1097693cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4246SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages type confusion.
ImportantCVE-2018-4246SUSE bug 1104169cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4261SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
ImportantCVE-2018-4261SUSE bug 1104169cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4262SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory handling.
ImportantCVE-2018-4262SUSE bug 1104169cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4263SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
ImportantCVE-2018-4263SUSE bug 1104169cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4264SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
ImportantCVE-2018-4264SUSE bug 1104169cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4265SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
ImportantCVE-2018-4265SUSE bug 1104169cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4266SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A race condition was addressed with additional validation. This issue affected versions prior toiVersions prior to: OS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
ImportantCVE-2018-4266SUSE bug 1104169cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4267SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
ImportantCVE-2018-4267SUSE bug 1104169cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4270SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
ImportantCVE-2018-4270SUSE bug 1104169cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4272SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
ImportantCVE-2018-4272SUSE bug 1104169cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4273SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
ImportantCVE-2018-4273SUSE bug 1104169cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4278SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.
ImportantCVE-2018-4278SUSE bug 1104169cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4284SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A type confusion issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
ImportantCVE-2018-4284SUSE bug 1104169cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4299SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
ModerateCVE-2018-4299SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4306SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
ModerateCVE-2018-4306SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4309SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
ModerateCVE-2018-4309SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4312SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
ModerateCVE-2018-4312SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4314SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
ModerateCVE-2018-4314SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4315SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
ModerateCVE-2018-4315SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4316SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
ModerateCVE-2018-4316SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4317SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
ModerateCVE-2018-4317SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4318SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
ModerateCVE-2018-4318SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4319SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
ModerateCVE-2018-4319SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4323SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
ModerateCVE-2018-4323SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4328SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
ModerateCVE-2018-4328SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4345SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
ImportantCVE-2018-4345SUSE bug 1116998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4358SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
ModerateCVE-2018-4358SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4359SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
ModerateCVE-2018-4359SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4361SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory consumption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
ModerateCVE-2018-4361SUSE bug 1110279cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4372SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
ImportantCVE-2018-4372SUSE bug 1116998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4373SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
ImportantCVE-2018-4373SUSE bug 1116998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4375SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
ImportantCVE-2018-4375SUSE bug 1116998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4376SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
ImportantCVE-2018-4376SUSE bug 1116998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4378SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
ImportantCVE-2018-4378SUSE bug 1116998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4382SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
ImportantCVE-2018-4382SUSE bug 1116998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4386SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
ImportantCVE-2018-4386SUSE bug 1116998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4392SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
ImportantCVE-2018-4392SUSE bug 1116998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4416SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
ImportantCVE-2018-4416SUSE bug 1116998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4437SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
CriticalCVE-2018-4437SUSE bug 1119553cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4438SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
CriticalCVE-2018-4438SUSE bug 1119554cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4441SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
CriticalCVE-2018-4441SUSE bug 1119555cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4442SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
CriticalCVE-2018-4442SUSE bug 1119556cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4443SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
CriticalCVE-2018-4443SUSE bug 1119557cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4464SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
CriticalCVE-2018-4464SUSE bug 1119553SUSE bug 1119558cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4700SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-4300. Reason: This candidate is a duplicate of CVE-2018-4300. Notes: All CVE users should reference CVE-2018-4300 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ImportantCVE-2018-4700SUSE bug 1115750SUSE bug 1131480cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-4868SUSE Linux Enterprise Desktop 12 SP3
The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file.
ImportantCVE-2018-4868SUSE bug 1074502cpe:/o:suse:sled:12:sp3CVE-2018-5089SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
ImportantCVE-2018-5089SUSE bug 1077291cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5091SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.6 and Firefox < 58.
ImportantCVE-2018-5091SUSE bug 1077291cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5095SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
ImportantCVE-2018-5095SUSE bug 1077291cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5096SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur while editing events in form elements on a page, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.6 and Thunderbird < 52.6.
ImportantCVE-2018-5096SUSE bug 1077291cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5097SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
ImportantCVE-2018-5097SUSE bug 1077291cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5098SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur when form input elements, focus, and selections are manipulated by script content. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
ImportantCVE-2018-5098SUSE bug 1077291cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5099SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur when the widget listener is holding strong references to browser objects that have previously been freed, resulting in a potentially exploitable crash when these references are used. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
ImportantCVE-2018-5099SUSE bug 1077291cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5102SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
ImportantCVE-2018-5102SUSE bug 1077291cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5103SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur during mouse event handling due to issues with multiprocess support. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
ImportantCVE-2018-5103SUSE bug 1077291cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5104SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
ImportantCVE-2018-5104SUSE bug 1077291cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5117SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
If right-to-left text is used in the addressbar with left-to-right alignment, it is possible in some circumstances to scroll this text to spoof the displayed URL. This issue could result in the wrong URL being displayed as a location, which can mislead users to believe they are on a different site than the one loaded. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
ModerateCVE-2018-5117SUSE bug 1077291cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5124SUSE Linux Enterprise Desktop 12 SP3
Unsanitized output in the browser UI leaves HTML tags in place and can result in arbitrary code execution in Firefox before version 58.0.1.
ImportantCVE-2018-5124SUSE bug 1078314cpe:/o:suse:sled:12:sp3CVE-2018-5125SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59.
ImportantCVE-2018-5125SUSE bug 1085130cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5127SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow can occur when manipulating the SVG "animatedPathSegList" through script. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59.
ImportantCVE-2018-5127SUSE bug 1085130cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5129SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. This can potentially allow for sandbox escape through memory corruption in the parent process. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59.
ImportantCVE-2018-5129SUSE bug 1085130cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5130SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
When packets with a mismatched RTP payload type are sent in WebRTC connections, in some circumstances a potentially exploitable crash is triggered. This vulnerability affects Firefox ESR < 52.7 and Firefox < 59.
ImportantCVE-2018-5130SUSE bug 1085130cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5131SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Under certain circumstances the "fetch()" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. This can result in previously stored, locally cached data of a website being accessible to users if they share a common profile while browsing. This vulnerability affects Firefox ESR < 52.7 and Firefox < 59.
ModerateCVE-2018-5131SUSE bug 1085130cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5144SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow can occur during conversion of text to some Unicode character sets due to an unchecked length parameter. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7.
ModerateCVE-2018-5144SUSE bug 1085130cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5145SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory safety bugs were reported in Firefox ESR 52.6. These bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7.
ImportantCVE-2018-5145SUSE bug 1085130cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5146SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7.
ImportantCVE-2018-5146SUSE bug 1085671SUSE bug 1085687SUSE bug 1180395cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5147SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR < 52.7.2 and Firefox < 59.0.1.
ImportantCVE-2018-5147SUSE bug 1085671SUSE bug 1085687cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5148SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.7.3 and Firefox < 59.0.2.
ImportantCVE-2018-5148SUSE bug 1087059cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5150SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
ImportantCVE-2018-5150SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5151SUSE Linux Enterprise Desktop 12 SP4
Memory safety bugs were reported in Firefox 59. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 60.
ImportantCVE-2018-5151SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp4CVE-2018-5152SUSE Linux Enterprise Desktop 12 SP4
WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such as accounts.firefox.com and listen to network traffic to the site through the "webRequest" API. For example, this allows for the interception of username and an encrypted password during login to Firefox Accounts. This issue does not expose synchronization traffic directly and is limited to the process of user login to the website and the data displayed to the user once logged in. This vulnerability affects Firefox < 60.
ImportantCVE-2018-5152SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp4CVE-2018-5153SUSE Linux Enterprise Desktop 12 SP4
If websocket data is sent with mixed text and binary in a single message, the binary data can be corrupted. This can result in an out-of-bounds read with the read memory sent to the originating server in response. This vulnerability affects Firefox < 60.
ImportantCVE-2018-5153SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp4CVE-2018-5154SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
ImportantCVE-2018-5154SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5155SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
ImportantCVE-2018-5155SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5156SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
ImportantCVE-2018-5156SUSE bug 1098998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5157SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.
ImportantCVE-2018-5157SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5158SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.
ImportantCVE-2018-5158SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5159SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
ImportantCVE-2018-5159SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5160SUSE Linux Enterprise Desktop 12 SP4
WebRTC can use a "WrappedI420Buffer" pixel buffer but the owning image object can be freed while it is still in use. This can result in the WebRTC encoder using uninitialized memory, leading to a potentially exploitable crash. This vulnerability affects Firefox < 60.
ImportantCVE-2018-5160SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp4CVE-2018-5163SUSE Linux Enterprise Desktop 12 SP4
If a malicious attacker has used another vulnerability to gain full control over a content process, they may be able to replace the alternate data resources stored in the JavaScript Start-up Bytecode Cache (JSBC) for other JavaScript code. If the parent process then runs this replaced code, the executed script would be run with the parent process' privileges, escaping the sandbox on content processes. This vulnerability affects Firefox < 60.
ImportantCVE-2018-5163SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp4CVE-2018-5164SUSE Linux Enterprise Desktop 12 SP4
Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the "multipart/x-mixed-replace" MIME type. This could allow for script to run where CSP should block it, allowing for cross-site scripting (XSS) and other attacks. This vulnerability affects Firefox < 60.
ImportantCVE-2018-5164SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp4CVE-2018-5165SUSE Linux Enterprise Desktop 12 SP4
In 32-bit versions of Firefox, the Adobe Flash plugin setting for "Enable Adobe Flash protected mode" is unchecked by default even though the Adobe Flash sandbox is actually enabled. The displayed state is the reverse of the true setting, resulting in user confusion. This could cause users to select this setting intending to activate it and inadvertently turn protections off. This vulnerability affects Firefox < 60.
ImportantCVE-2018-5165SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp4CVE-2018-5166SUSE Linux Enterprise Desktop 12 SP4
WebExtensions can use request redirection and a "filterReponseData" filter to bypass host permission settings to redirect network traffic and access content from a host for which they do not have explicit user permission. This vulnerability affects Firefox < 60.
ImportantCVE-2018-5166SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp4CVE-2018-5167SUSE Linux Enterprise Desktop 12 SP4
The web console and JavaScript debugger do not sanitize all output that can be hyperlinked. Both will display "chrome:" links as active, clickable hyperlinks in their output. Web sites should not be able to directly link to internal chrome pages. Additionally, the JavaScript debugger will display "javascript:" links, which users could be tricked into clicking by malicious sites. This vulnerability affects Firefox < 60.
ImportantCVE-2018-5167SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp4CVE-2018-5168SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
ImportantCVE-2018-5168SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5169SUSE Linux Enterprise Desktop 12 SP4
If manipulated hyperlinked text with "chrome:" URL contained in it is dragged and dropped on the "home" icon, the home page can be reset to include a normally-unlinkable chrome page as one of the home page tabs. This vulnerability affects Firefox < 60.
ImportantCVE-2018-5169SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp4CVE-2018-5172SUSE Linux Enterprise Desktop 12 SP4
The Live Bookmarks page and the PDF viewer can run injected script content if a user pastes script from the clipboard into them while viewing RSS feeds or PDF files. This could allow a malicious site to socially engineer a user to copy and paste malicious script content that could then run with the context of either page but does not allow for privilege escalation. This vulnerability affects Firefox < 60.
ImportantCVE-2018-5172SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp4CVE-2018-5173SUSE Linux Enterprise Desktop 12 SP4
The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the file will show the full, correct filename and whether it is executable or not. This vulnerability affects Firefox < 60.
ImportantCVE-2018-5173SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp4CVE-2018-5174SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEE_MASK_FLAG_NO_UI" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and if the user is offline all files will be allowed to be opened because Windows won't prompt the user to ask what to do. Firefox incorrectly sets this flag when downloading files, leading to less secure behavior from SmartScreen. Note: this issue only affects Windows 10 users running the April 2018 update or later. It does not affect other Windows users or other operating systems. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
ImportantCVE-2018-5174SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5175SUSE Linux Enterprise Desktop 12 SP4
A mechanism to bypass Content Security Policy (CSP) protections on sites that have a "script-src" policy of "'strict-dynamic'". If a target website contains an HTML injection flaw an attacker could inject a reference to a copy of the "require.js" library that is part of Firefox's Developer Tools, and then use a known technique using that library to bypass the CSP restrictions on executing injected scripts. This vulnerability affects Firefox < 60.
ImportantCVE-2018-5175SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp4CVE-2018-5176SUSE Linux Enterprise Desktop 12 SP4
The JSON Viewer displays clickable hyperlinks for strings that are parseable as URLs, including "javascript:" links. If a JSON file contains malicious JavaScript script embedded as "javascript:" links, users may be tricked into clicking and running this code in the context of the JSON Viewer. This can allow for the theft of cookies and authorization tokens which are accessible to that context. This vulnerability affects Firefox < 60.
ImportantCVE-2018-5176SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp4CVE-2018-5177SUSE Linux Enterprise Desktop 12 SP4
A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. This vulnerability affects Firefox < 60.
ImportantCVE-2018-5177SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp4CVE-2018-5178SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8.
ImportantCVE-2018-5178SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5179SUSE Linux Enterprise Desktop 12 SP4
A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60.
ImportantCVE-2018-5179SUSE bug 1112111SUSE bug 1119105cpe:/o:suse:sled:12:sp4CVE-2018-5180SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur during WebGL operations. While this results in a potentially exploitable crash, the vulnerability is limited because the memory is freed and reused in a brief window of time during the freeing of the same callstack. This vulnerability affects Firefox < 60.
ImportantCVE-2018-5180SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp4CVE-2018-5181SUSE Linux Enterprise Desktop 12 SP4
If a URL using the "file:" protocol is dragged and dropped onto an open tab that is running in a different child process the tab will open a local file corresponding to the dropped URL, contrary to policy. One way to make the target tab open more reliably in a separate process is to open it with the "noopener" keyword. This vulnerability affects Firefox < 60.
ImportantCVE-2018-5181SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp4CVE-2018-5182SUSE Linux Enterprise Desktop 12 SP4
If a text string that happens to be a filename in the operating system's native format is dragged and dropped onto the addressbar the specified local file will be opened. This is contrary to policy and is what would happen if the string were the equivalent "file:" URL. This vulnerability affects Firefox < 60.
ImportantCVE-2018-5182SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp4CVE-2018-5183SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8.
ImportantCVE-2018-5183SUSE bug 1092548SUSE bug 1092611SUSE bug 1093969SUSE bug 1093970SUSE bug 1093971SUSE bug 1093972SUSE bug 1093973cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5188SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
ImportantCVE-2018-5188SUSE bug 1098998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5244SUSE Linux Enterprise Desktop 12 SP3
In Xen 4.10, new infrastructure was introduced as part of an overhaul to how MSR emulation happens for guests. Unfortunately, one tracking structure isn't freed when a vcpu is destroyed. This allows guest OS administrators to cause a denial of service (host OS memory consumption) by rebooting many times.
ModerateCVE-2018-5244SUSE bug 1073961SUSE bug 1074966cpe:/o:suse:sled:12:sp3CVE-2018-5246SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.
ModerateCVE-2018-5246SUSE bug 1074973cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5247SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c.
ModerateCVE-2018-5247SUSE bug 1074969SUSE bug 1074975cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5248SUSE Linux Enterprise Desktop 12 SP3
In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function.
ModerateCVE-2018-5248SUSE bug 1074968cpe:/o:suse:sled:12:sp3CVE-2018-5295SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function (base/PdfXRefStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.
ModerateCVE-2018-5295SUSE bug 1075026cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5296SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.
ModerateCVE-2018-5296SUSE bug 1075021cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5308SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.
ModerateCVE-2018-5308SUSE bug 1075772cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5309SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.
ModerateCVE-2018-5309SUSE bug 1075322cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5332SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).
ModerateCVE-2018-5332SUSE bug 1075621SUSE bug 1091815cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5333SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.
ModerateCVE-2018-5333SUSE bug 1075617SUSE bug 1091815cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5334SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by correcting the signature timestamp bounds checks.
ModerateCVE-2018-5334SUSE bug 1075737cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5335SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash. This was addressed in epan/dissectors/packet-wcp.c by validating the available buffer length.
ModerateCVE-2018-5335SUSE bug 1075738cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5336SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth.
ModerateCVE-2018-5336SUSE bug 1075739cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5357SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c.
ModerateCVE-2018-5357SUSE bug 1075821SUSE bug 1095726cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5358SUSE Linux Enterprise Desktop 12 SP3
ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c.
ModerateCVE-2018-5358SUSE bug 1075819cpe:/o:suse:sled:12:sp3CVE-2018-5383SUSE Linux Enterprise Desktop 12 SP3
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.
ImportantCVE-2018-5383SUSE bug 1104301SUSE bug 1126909cpe:/o:suse:sled:12:sp3CVE-2018-5388SUSE Linux Enterprise Desktop 12 SP4
In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.
ModerateCVE-2018-5388SUSE bug 1094462SUSE bug 1101792cpe:/o:suse:sled:12:sp4CVE-2018-5390SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.
ImportantCVE-2018-5390SUSE bug 1087082SUSE bug 1102340SUSE bug 1102682SUSE bug 1103097SUSE bug 1103098cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5391SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.
ImportantCVE-2018-5391SUSE bug 1087082SUSE bug 1102340SUSE bug 1103097SUSE bug 1103098SUSE bug 1108654SUSE bug 1114071SUSE bug 1121102SUSE bug 1134140SUSE bug 1181460cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5407SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
ModerateCVE-2018-5407SUSE bug 1113534SUSE bug 1116195SUSE bug 1126909SUSE bug 1148697cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5683SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation.
ModerateCVE-2018-5683SUSE bug 1076114SUSE bug 1076116SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5685SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value.
ImportantCVE-2018-5685SUSE bug 1075939cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5709SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.
ModerateCVE-2018-5709SUSE bug 1076229SUSE bug 1132051cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5710SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client.
ModerateCVE-2018-5710SUSE bug 1076211cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2018-5711SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx.
ModerateCVE-2018-5711SUSE bug 1076391cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5729SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module.
ModerateCVE-2018-5729SUSE bug 1076211SUSE bug 1083926SUSE bug 1122468cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5730SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN.
ModerateCVE-2018-5730SUSE bug 1076211SUSE bug 1083927SUSE bug 1122468cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5732SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. Affects ISC DHCP versions 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0
ImportantCVE-2018-5732SUSE bug 1083302SUSE bug 1085417cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5733SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0.
ModerateCVE-2018-5733SUSE bug 1083303SUSE bug 1085417cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5734SUSE Linux Enterprise Desktop 12 SP3
While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2.
ImportantCVE-2018-5734SUSE bug 1085417cpe:/o:suse:sled:12:sp3CVE-2018-5735SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858; Affects Debian versions 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1 No ISC releases are affected. Other packages from other distributions who did similar backports for the fix for 2017-3137 may also be affected.
ImportantCVE-2018-5735SUSE bug 1018700SUSE bug 1018701SUSE bug 1018702SUSE bug 1033466SUSE bug 1081545cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2018-5736SUSE Linux Enterprise Desktop 12 SP3
An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by an attacker who is permitted to cause a vulnerable server to initiate zone transfers (for example: by sending valid NOTIFY messages), causing the named process to exit after failing the assertion test. Affects BIND 9.12.0 and 9.12.1.
ModerateCVE-2018-5736SUSE bug 1093448SUSE bug 1093449cpe:/o:suse:sled:12:sp3CVE-2018-5737SUSE Linux Enterprise Desktop 12 SP3
A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching can in some cases cause undesirable behavior from named, such as a recursion loop or excessive logging. Deliberate exploitation of this condition could cause operational problems depending on the particular manifestation -- either degradation or denial of service. Affects BIND 9.12.0 and 9.12.1.
ModerateCVE-2018-5737SUSE bug 1093448SUSE bug 1093449cpe:/o:suse:sled:12:sp3CVE-2018-5738SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. The intended (and documented) behavior is that if an operator has not specified a value for the "allow-recursion" setting, it SHOULD default to one of the following: none, if "recursion no;" is set in named.conf; a value inherited from the "allow-query-cache" or "allow-query" settings IF "recursion yes;" (the default for that setting) AND match lists are explicitly set for "allow-query-cache" or "allow-query" (see the BIND9 Administrative Reference Manual section 6.2 for more details); or the intended default of "allow-recursion {localhost; localnets;};" if "recursion yes;" is in effect and no values are explicitly set for "allow-query-cache" or "allow-query". However, because of the regression introduced by change #4777, it is possible when "recursion yes;" is in effect and no match list values are provided for "allow-query-cache" or "allow-query" for the setting of "allow-recursion" to inherit a setting of all hosts from the "allow-query" setting default, improperly permitting recursion to all clients. Affects BIND 9.9.12, 9.10.7, 9.11.3, 9.12.0->9.12.1-P2, the development release 9.13.0, and also releases 9.9.12-S1, 9.10.7-S1, 9.11.3-S1, and 9.11.3-S2 from BIND 9 Supported Preview Edition.
ModerateCVE-2018-5738SUSE bug 1096864cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2018-5740SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.
ImportantCVE-2018-5740SUSE bug 1104129SUSE bug 1148887SUSE bug 1177790cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5743SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -> 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743.
ImportantCVE-2018-5743SUSE bug 1133185SUSE bug 1148887SUSE bug 1157051cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5744SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A failure to free memory can occur when processing messages having a specific combination of EDNS options. Versions affected are: BIND 9.10.7 -> 9.10.8-P1, 9.11.3 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.10.7-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected.
ImportantCVE-2018-5744SUSE bug 1126066cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5745SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertion failure if, during key rollover, a trust anchor's keys are replaced with keys which use an unsupported algorithm. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5745.
ModerateCVE-2018-5745SUSE bug 1126068SUSE bug 1148887SUSE bug 1177790cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5748SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply.
LowCVE-2018-5748SUSE bug 1076500SUSE bug 1083625SUSE bug 1087887cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5764SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The parse_arguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, which allows remote attackers to bypass an argument-sanitization protection mechanism.
ModerateCVE-2018-5764SUSE bug 1076503cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5772SUSE Linux Enterprise Desktop 12 SP3
In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file.
ModerateCVE-2018-5772SUSE bug 1076579cpe:/o:suse:sled:12:sp3CVE-2018-5783SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.
ModerateCVE-2018-5783SUSE bug 1076962cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5784SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is not validated against the actual number of directory entries.
ModerateCVE-2018-5784SUSE bug 1081690cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5800SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.
LowCVE-2018-5800SUSE bug 1084691cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5801SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.
LowCVE-2018-5801SUSE bug 1084690cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5802SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
LowCVE-2018-5802SUSE bug 1084688cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5803SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.
ModerateCVE-2018-5803SUSE bug 1083900SUSE bug 1087082cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5804SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A type confusion error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a division by zero.
ModerateCVE-2018-5804SUSE bug 1097975cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5805SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash.
ModerateCVE-2018-5805SUSE bug 1097973cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5806SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.
ModerateCVE-2018-5806SUSE bug 1097974cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5807SUSE Linux Enterprise Desktop 12 SP3
An error within the "samsung_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
LowCVE-2018-5807SUSE bug 1103361cpe:/o:suse:sled:12:sp3CVE-2018-5808SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An error within the "find_green()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code.
ModerateCVE-2018-5808SUSE bug 1117896SUSE bug 1118891SUSE bug 1118894cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5809SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An error within the "LibRaw::parse_exif()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code.
ModerateCVE-2018-5809SUSE bug 1118891SUSE bug 1118894cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5810SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An error within the "rollei_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.
ModerateCVE-2018-5810SUSE bug 1103353SUSE bug 1118894cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5811SUSE Linux Enterprise Desktop 12 SP3
An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
ModerateCVE-2018-5811SUSE bug 1103359cpe:/o:suse:sled:12:sp3CVE-2018-5812SUSE Linux Enterprise Desktop 12 SP3
An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference.
LowCVE-2018-5812SUSE bug 1103360cpe:/o:suse:sled:12:sp3CVE-2018-5813SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite loop via a specially crafted file.
LowCVE-2018-5813SUSE bug 1103200cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5814SUSE Linux Enterprise Desktop 12 SP3
In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets.
ModerateCVE-2018-5814SUSE bug 1087082SUSE bug 1096480SUSE bug 1133319cpe:/o:suse:sled:12:sp3CVE-2018-5815SUSE Linux Enterprise Desktop 12 SP3
An integer overflow error within the "parse_qt()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file.
LowCVE-2018-5815SUSE bug 1103206cpe:/o:suse:sled:12:sp3CVE-2018-5816SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger a division by zero via specially crafted NOKIARAW file (Note: This vulnerability is caused due to an incomplete fix of CVE-2018-5804).
ModerateCVE-2018-5816SUSE bug 1097975cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5817SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A type confusion error within the "unpacked_load_raw()" function within LibRaw versions prior to 0.19.1 (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop.
LowCVE-2018-5817SUSE bug 1120515cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5818SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop.
LowCVE-2018-5818SUSE bug 1120516cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5819SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to exhaust available CPU resources.
LowCVE-2018-5819SUSE bug 1120517cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5848SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len' argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
ImportantCVE-2018-5848SUSE bug 1087082SUSE bug 1097356SUSE bug 1105412SUSE bug 1115339cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5873SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the __ns_get_path function in fs/nsfs.c in the Linux kernel before 4.11. Due to a race condition when accessing files, a Use After Free condition can occur. This also affects all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05.
ModerateCVE-2018-5873SUSE bug 1100490cpe:/o:suse:sled:12:sp4CVE-2018-5953SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "software IO TLB" printk call.
LowCVE-2018-5953SUSE bug 1104131cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-5996SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
Insufficient exception handling in the method NCompress::NRar3::CDecoder::Code of 7-Zip before 18.00 and p7zip can lead to multiple memory corruptions within the PPMd code, allows remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive.
CriticalCVE-2018-5996SUSE bug 1077724cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2018-6003SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS.
ImportantCVE-2018-6003SUSE bug 1076832cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6126SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
ImportantCVE-2018-6126SUSE bug 1095163SUSE bug 1096449cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6196SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value.
ModerateCVE-2018-6196SUSE bug 1077559SUSE bug 1189667cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6197SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c.
ModerateCVE-2018-6197SUSE bug 1077559SUSE bug 1077568SUSE bug 1189667cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6198SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files.
ModerateCVE-2018-6198SUSE bug 1077559SUSE bug 1077572cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6323SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The elf_object_p function in elfcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, has an unsigned integer overflow because bfd_size_type multiplication is not used. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
LowCVE-2018-6323SUSE bug 1077745cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6381SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of file->stored data.
LowCVE-2018-6381SUSE bug 1078497SUSE bug 1079094cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6405SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service.
ModerateCVE-2018-6405SUSE bug 1078433SUSE bug 1095726cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6467SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The flickrRSS plugin 5.3.1 for WordPress has CSRF via wp-admin/options-general.php.
ModerateCVE-2018-6467SUSE bug 1133186cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6484SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the __zzip_fetch_disk_trailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.
ModerateCVE-2018-6484SUSE bug 1078701SUSE bug 1079094SUSE bug 1079095SUSE bug 1080546cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6485SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.
ModerateCVE-2018-6485SUSE bug 1079036cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6540SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.
ModerateCVE-2018-6540SUSE bug 1079094SUSE bug 1079096cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6542SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ZZIPlib 0.13.67, there is a bus error (when handling a disk64_trailer seek value) caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c.
ModerateCVE-2018-6542SUSE bug 1079094cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6543SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in `malloc()` with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
ModerateCVE-2018-6543SUSE bug 1079103cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6551SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.
ModerateCVE-2018-6551SUSE bug 1079036cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6553SUSE Linux Enterprise Desktop 12 SP3
The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. A local attacker could possibly use this issue to escape confinement. This flaw affects versions prior to 2.2.7-1ubuntu2.1 in Ubuntu 18.04 LTS, prior to 2.2.4-7ubuntu3.1 in Ubuntu 17.10, prior to 2.1.3-4ubuntu0.5 in Ubuntu 16.04 LTS, and prior to 1.7.2-0ubuntu1.10 in Ubuntu 14.04 LTS.
ImportantCVE-2018-6553SUSE bug 1102219cpe:/o:suse:sled:12:sp3CVE-2018-6554SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.
LowCVE-2018-6554SUSE bug 1106509SUSE bug 1106511cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6555SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.
ModerateCVE-2018-6555SUSE bug 1106509SUSE bug 1106511cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6559SUSE Linux Enterprise Desktop 12 SP3
The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able to access via an overlayfs mount inside of a user namespace.
LowCVE-2018-6559SUSE bug 1112680cpe:/o:suse:sled:12:sp3CVE-2018-6759SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The bfd_get_debug_link_info_1 function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, has an unchecked strnlen operation. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted ELF file.
ModerateCVE-2018-6759SUSE bug 1079741cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6764SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.
LowCVE-2018-6764SUSE bug 1080042SUSE bug 1088147cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2018-6797SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written.
ModerateCVE-2018-6797SUSE bug 1082234SUSE bug 1106717cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6798SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expression can cause a heap-based buffer over-read and potentially information disclosure.
ImportantCVE-2018-6798SUSE bug 1082233SUSE bug 1106717cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6829SUSE Linux Enterprise Desktop 12 SP3
cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.
ModerateCVE-2018-6829SUSE bug 1081684cpe:/o:suse:sled:12:sp3CVE-2018-6836SUSE Linux Enterprise Desktop 12 SP3
The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a free operation on an uninitialized memory address, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
ModerateCVE-2018-6836SUSE bug 1080229cpe:/o:suse:sled:12:sp3CVE-2018-6871SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.
ModerateCVE-2018-6871SUSE bug 1080249cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6872SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The elf_parse_notes function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (out-of-bounds read and segmentation violation) via a note with a large alignment.
ModerateCVE-2018-6872SUSE bug 1080556cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6876SUSE Linux Enterprise Desktop 12 SP3
The OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ImageMagick 7.0.7-22 Q16 and other products, allows remote attackers to cause a denial of service (stack-based buffer under-read) via a crafted bmp image.
LowCVE-2018-6876SUSE bug 1081305cpe:/o:suse:sled:12:sp3CVE-2018-6913SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count.
ModerateCVE-2018-6913SUSE bug 1082216SUSE bug 1106717cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6914SUSE Linux Enterprise Desktop 12 SP3
Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow attackers to create arbitrary directories or files via a .. (dot dot) in the prefix argument.
LowCVE-2018-6914SUSE bug 1087441SUSE bug 1136906cpe:/o:suse:sled:12:sp3CVE-2018-6927SUSE Linux Enterprise Desktop 12 SP4
The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.
ModerateCVE-2018-6927SUSE bug 1080757SUSE bug 1091815cpe:/o:suse:sled:12:sp4CVE-2018-6942SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.
ModerateCVE-2018-6942cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp3CVE-2018-6951SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue.
LowCVE-2018-6951SUSE bug 1080951cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-6954SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of a directory and a file under that directory, and later replacing that directory with a symlink. This occurs even if the fs.protected_symlinks sysctl is turned on.
ImportantCVE-2018-6954SUSE bug 1080919cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7169SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.
ModerateCVE-2018-7169SUSE bug 1081294cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7170SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an incomplete fix for CVE-2016-1549.
LowCVE-2018-7170SUSE bug 1082210SUSE bug 1083424SUSE bug 1098531SUSE bug 1155513cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7182SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10.
ModerateCVE-2018-7182SUSE bug 1082210SUSE bug 1083426cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7183SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array.
ModerateCVE-2018-7183SUSE bug 1082210SUSE bug 1083417cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7184SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704.
LowCVE-2018-7184SUSE bug 1082210SUSE bug 1083422cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7185SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association.
LowCVE-2018-7185SUSE bug 1082210SUSE bug 1083420cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7191SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343.
ModerateCVE-2018-7191SUSE bug 1135603cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7208SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted file, as demonstrated by objcopy of a COFF object.
LowCVE-2018-7208SUSE bug 1081527cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7225SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets.
ImportantCVE-2018-7225SUSE bug 1081493SUSE bug 1090647cpe:/o:suse:sled:12:sp3CVE-2018-7253SUSE Linux Enterprise Desktop 12 SP3
The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (heap-based buffer over-read) or possibly overwrite the heap via a maliciously crafted DSDIFF file.
ModerateCVE-2018-7253SUSE bug 1081692cpe:/o:suse:sled:12:sp3CVE-2018-7254SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file.
ModerateCVE-2018-7254SUSE bug 1081693cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2018-7262SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Ceph before 12.2.3 and 13.x through 13.0.1, the rgw_civetweb.cc RGWCivetWeb::init_env function in radosgw doesn't handle malformed HTTP headers properly, allowing for denial of service.
ImportantCVE-2018-7262SUSE bug 1081379cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7320SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by validating operand offsets.
ModerateCVE-2018-7320SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7321SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a large loop that was addressed by not proceeding with dissection after encountering an unexpected type.
ModerateCVE-2018-7321SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7322SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-dcm.c had an infinite loop that was addressed by checking for integer wraparound.
ModerateCVE-2018-7322SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7323SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-wccp.c had a large loop that was addressed by ensuring that a calculated length was monotonically increasing.
ModerateCVE-2018-7323SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7324SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-sccp.c had an infinite loop that was addressed by using a correct integer data type.
ModerateCVE-2018-7324SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7325SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr.c had an infinite loop that was addressed by validating a length field.
ModerateCVE-2018-7325SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7326SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-lltd.c had an infinite loop that was addressed by using a correct integer data type.
ModerateCVE-2018-7326SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7327SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-openflow_v6.c had an infinite loop that was addressed by validating property lengths.
ModerateCVE-2018-7327SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7328SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-usb.c had an infinite loop that was addressed by rejecting short frame header lengths.
ModerateCVE-2018-7328SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7329SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-s7comm.c had an infinite loop that was addressed by correcting off-by-one errors.
ModerateCVE-2018-7329SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7330SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thread.c had an infinite loop that was addressed by using a correct integer data type.
ModerateCVE-2018-7330SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7331SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-ber.c had an infinite loop that was addressed by validating a length.
ModerateCVE-2018-7331SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7332SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-reload.c had an infinite loop that was addressed by validating a length.
ModerateCVE-2018-7332SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7333SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpcrdma.c had an infinite loop that was addressed by validating a chunk size.
ModerateCVE-2018-7333SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7334SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissector could crash. This was addressed in epan/dissectors/packet-umts_mac.c by rejecting a certain reserved value.
ModerateCVE-2018-7334SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7335SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 dissector could crash. This was addressed in epan/crypt/airpdcap.c by rejecting lengths that are too small.
ModerateCVE-2018-7335SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7336SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol dissector could crash. This was addressed in epan/dissectors/packet-fcp.c by checking for a NULL pointer.
ModerateCVE-2018-7336SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7337SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. This was addressed in plugins/docsis/packet-docsis.c by removing the recursive algorithm that had been used for concatenated PDUs.
ModerateCVE-2018-7337SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7409SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In unixODBC before 2.3.5, there is a buffer overflow in the unicode_to_ansi_copy() function in DriverManager/__info.c.
ModerateCVE-2018-7409SUSE bug 1082290cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7417SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the IPMI dissector could crash. This was addressed in epan/dissectors/packet-ipmi-picmg.c by adding support for crafted packets that lack an IPMI header.
ModerateCVE-2018-7417SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7418SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value.
ModerateCVE-2018-7418SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7419SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the NBAP dissector could crash. This was addressed in epan/dissectors/asn1/nbap/nbap.cnf by ensuring DCH ID initialization.
ModerateCVE-2018-7419SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7420SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng file parser could crash. This was addressed in wiretap/pcapng.c by adding a block-size check for sysdig event blocks.
ModerateCVE-2018-7420SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7421SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dmp.c by correctly supporting a bounded number of Security Categories for a DMP Security Classification.
ModerateCVE-2018-7421SUSE bug 1082692cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7443SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c).
LowCVE-2018-7443SUSE bug 1075944SUSE bug 1082792cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7456SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013. (This affects an earlier part of the TIFFPrintDirectory function that was not addressed by the CVE-2017-18013 patch.)
ModerateCVE-2018-7456SUSE bug 1074317SUSE bug 1082825cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7470SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a denial of service (segmentation violation) via a crafted file.
LowCVE-2018-7470SUSE bug 1082837cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7480SUSE Linux Enterprise Desktop 12 SP3
The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure.
ModerateCVE-2018-7480SUSE bug 1082863SUSE bug 1084536cpe:/o:suse:sled:12:sp3CVE-2018-7485SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact.
ModerateCVE-2018-7485SUSE bug 1082484cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7492SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.
ModerateCVE-2018-7492SUSE bug 1082962cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7540SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing.
ModerateCVE-2018-7540SUSE bug 1080635SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7541SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1.
ImportantCVE-2018-7541SUSE bug 1080662SUSE bug 1178658cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7542SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of configurations that lack a Local APIC.
ImportantCVE-2018-7542SUSE bug 1080634cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7548SUSE Linux Enterprise Desktop 12 SP3
In subst.c in zsh through 5.4.2, there is a NULL pointer dereference when using ${(PA)...} on an empty array result.
ModerateCVE-2018-7548SUSE bug 1082981cpe:/o:suse:sled:12:sp3CVE-2018-7549SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p.
ModerateCVE-2018-7549SUSE bug 1082991cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7550SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access.
ImportantCVE-2018-7550SUSE bug 1083291SUSE bug 1083292cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7566SUSE Linux Enterprise Desktop 12 SP4
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.
ImportantCVE-2018-7566SUSE bug 1083483SUSE bug 1083488SUSE bug 1087082SUSE bug 1091815cpe:/o:suse:sled:12:sp4CVE-2018-7568SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The parse_die function in dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer overflow and application crash) via an ELF file with corrupt dwarf1 debug information, as demonstrated by nm.
ModerateCVE-2018-7568SUSE bug 1086788cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7569SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm.
ModerateCVE-2018-7569SUSE bug 1083532cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7570SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The assign_file_positions_for_non_load_sections function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an ELF file with a RELRO segment that lacks a matching LOAD segment, as demonstrated by objcopy.
ModerateCVE-2018-7570SUSE bug 1083528cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7642SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The swap_std_reloc_in function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (aout_32_swap_std_reloc_out NULL pointer dereference and application crash) via a crafted ELF file, as demonstrated by objcopy.
ModerateCVE-2018-7642SUSE bug 1086786SUSE bug 1128518cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7643SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The display_debug_ranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, as demonstrated by objdump.
ModerateCVE-2018-7643SUSE bug 1086784cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7648SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line.
ModerateCVE-2018-7648SUSE bug 1083901cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2018-7685SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted RPM being left in the cache, where a later call would not display the corrupted RPM warning and allow installation, a problem caused by malicious warnings only displayed during download.
ImportantCVE-2018-7685SUSE bug 1045735SUSE bug 1088705SUSE bug 1091624cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7725SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in ZZIPlib 0.13.68. An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service.
LowCVE-2018-7725SUSE bug 1084519cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7726SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused by the __zzip_parse_root_directory function of zip.c. Attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.
LowCVE-2018-7726SUSE bug 1084517cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7727SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in ZZIPlib 0.13.68. There is a memory leak triggered in the function zzip_mem_disk_new in memdisk.c, which will lead to a denial of service attack.
LowCVE-2018-7727SUSE bug 1084515cpe:/o:suse:sled:12:sp4CVE-2018-7728SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FileHandlers/TIFF_Handler.cpp mishandles a case of a zero length, leading to a heap-based buffer over-read in the MD5Update() function in third-party/zuid/interfaces/MD5.cpp.
LowCVE-2018-7728SUSE bug 1085297SUSE bug 1085585cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7729SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScript_MetaHandler::ParsePSFile() function in XMPFiles/source/FileHandlers/PostScript_Handler.cpp.
LowCVE-2018-7729SUSE bug 1085296SUSE bug 1085585cpe:/o:suse:sled:12:sp3CVE-2018-7730SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in the PSD_MetaHandler::CacheFileData() function.
LowCVE-2018-7730SUSE bug 1085295SUSE bug 1085585SUSE bug 1103718cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7731SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FormatSupport/WEBP_Support.cpp does not check whether a bitstream has a NULL value, leading to a NULL pointer dereference in the WEBP::VP8XChunk class.
LowCVE-2018-7731SUSE bug 1085294SUSE bug 1085585cpe:/o:suse:sled:12:sp3CVE-2018-7738SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.
ImportantCVE-2018-7738SUSE bug 1080740SUSE bug 1084300cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7740SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call.
ModerateCVE-2018-7740SUSE bug 1084353cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-7757SUSE Linux Enterprise Desktop 12 SP3
Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file.
ModerateCVE-2018-7757SUSE bug 1084536SUSE bug 1087082SUSE bug 1087209SUSE bug 1091815cpe:/o:suse:sled:12:sp3CVE-2018-7858SUSE Linux Enterprise Desktop 12 SP3
Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display.
ModerateCVE-2018-7858SUSE bug 1084604cpe:/o:suse:sled:12:sp3CVE-2018-7999SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which may allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ttf file.
ModerateCVE-2018-7999SUSE bug 1084850cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-8001SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In PoDoFo 0.9.5, there exists a heap-based buffer over-read vulnerability in UnescapeName() in PdfName.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.
ModerateCVE-2018-8001SUSE bug 1084894cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-8043SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service (NULL pointer dereference).
LowCVE-2018-8043SUSE bug 1084829cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-8086SUSE Linux Enterprise Desktop 12 SP3
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
LowCVE-2018-8086SUSE bug 1085008cpe:/o:suse:sled:12:sp3CVE-2018-8087SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case.
ModerateCVE-2018-8087SUSE bug 1085053cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-8740SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.
LowCVE-2018-8740SUSE bug 1085790SUSE bug 1131919cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-8769SUSE Linux Enterprise Desktop 12 SP3
elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported.
ModerateCVE-2018-8769SUSE bug 1085809cpe:/o:suse:sled:12:sp3CVE-2018-8777SUSE Linux Enterprise Desktop 12 SP3
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted body to WEBrick server/handler and cause a denial of service (memory consumption).
ImportantCVE-2018-8777SUSE bug 1087436SUSE bug 1136906cpe:/o:suse:sled:12:sp3CVE-2018-8779SUSE Linux Enterprise Desktop 12 SP3
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the UNIXServer.open and UNIXSocket.open methods are not checked for null characters. It may be connected to an unintended socket.
LowCVE-2018-8779SUSE bug 1087440SUSE bug 1136906cpe:/o:suse:sled:12:sp3CVE-2018-8780SUSE Linux Enterprise Desktop 12 SP3
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the Dir.open, Dir.new, Dir.entries and Dir.empty? methods do not check NULL characters. When using the corresponding method, unintentional directory traversal may be performed.
LowCVE-2018-8780SUSE bug 1087437SUSE bug 1136906cpe:/o:suse:sled:12:sp3CVE-2018-8781SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space.
ImportantCVE-2018-8781SUSE bug 1087082SUSE bug 1090643SUSE bug 1090646cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-8784SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution.
ImportantCVE-2018-8784SUSE bug 1116708SUSE bug 1117963SUSE bug 1131873cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-8785SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution.
ImportantCVE-2018-8785SUSE bug 1117963SUSE bug 1117967SUSE bug 1131873cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-8786SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.
ImportantCVE-2018-8786SUSE bug 1116708SUSE bug 1117963SUSE bug 1117966SUSE bug 1131873cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-8787SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution.
ImportantCVE-2018-8787SUSE bug 1116708SUSE bug 1117963SUSE bug 1117964SUSE bug 1131873cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-8788SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution.
ImportantCVE-2018-8788SUSE bug 1116708SUSE bug 1117963SUSE bug 1131873cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-8789SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault).
ModerateCVE-2018-8789SUSE bug 1117963SUSE bug 1117965SUSE bug 1131873cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-8804SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.
LowCVE-2018-8804SUSE bug 1086011cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-8822SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicious NCPFS servers to crash the kernel or execute code.
ModerateCVE-2018-8822SUSE bug 1086162SUSE bug 1091815cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-8897SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs.
ModerateCVE-2018-8897SUSE bug 1087078SUSE bug 1087088SUSE bug 1090368SUSE bug 1090820SUSE bug 1090869SUSE bug 1092497SUSE bug 1093522SUSE bug 1100835SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-8905SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.
ModerateCVE-2018-8905SUSE bug 1086408cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-8945SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The bfd_section_from_shdr function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (segmentation fault) via a large attribute section.
LowCVE-2018-8945SUSE bug 1086608cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-8960SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read.
LowCVE-2018-8960SUSE bug 1086782cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-8975SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through 10.81.03 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, as demonstrated by pbmmask.
ModerateCVE-2018-8975SUSE bug 1086777cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-8976SUSE Linux Enterprise Desktop 12 SP3
In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file.
LowCVE-2018-8976SUSE bug 1086810cpe:/o:suse:sled:12:sp3CVE-2018-9018SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.
LowCVE-2018-9018SUSE bug 1086773cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9055SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c.
LowCVE-2018-9055SUSE bug 1087020SUSE bug 1088278SUSE bug 1178702cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9133SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage functions (coders/tiff.c), which results in a hang (tens of minutes) with a tiny PoC file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tiff file.
ModerateCVE-2018-9133SUSE bug 1087820cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9135SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c.
ModerateCVE-2018-9135SUSE bug 1087825cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9144SUSE Linux Enterprise Desktop 12 SP3
In Exiv2 0.26, there is an out-of-bounds read in Exiv2::Internal::binaryToString in image.cpp. It could result in denial of service or information disclosure.
ModerateCVE-2018-9144SUSE bug 1087877cpe:/o:suse:sled:12:sp3CVE-2018-9145SUSE Linux Enterprise Desktop 12 SP3
In the DataBuf class in include/exiv2/types.hpp in Exiv2 0.26, an issue exists in the constructor with an initial buffer size. A large size value may lead to a SIGABRT during an attempt at memory allocation. NOTE: some third parties have been unable to reproduce the SIGABRT when using the 4-DataBuf-abort-1 PoC file.
ModerateCVE-2018-9145SUSE bug 1087879cpe:/o:suse:sled:12:sp3CVE-2018-9234SUSE Linux Enterprise Desktop 12 SP3
GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey.
LowCVE-2018-9234SUSE bug 1088255SUSE bug 1090647cpe:/o:suse:sled:12:sp3CVE-2018-9251SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.
LowCVE-2018-9251SUSE bug 1088279SUSE bug 1088601SUSE bug 1105166cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9256SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the LWAPP dissector could crash. This was addressed in epan/dissectors/packet-lwapp.c by limiting the encapsulation levels to restrict the recursion depth.
ModerateCVE-2018-9256SUSE bug 1088200cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9259SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the MP4 dissector could crash. This was addressed in epan/dissectors/file-mp4.c by restricting the box recursion depth.
ModerateCVE-2018-9259SUSE bug 1088200cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9260SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the IEEE 802.15.4 dissector could crash. This was addressed in epan/dissectors/packet-ieee802154.c by ensuring that an allocation step occurs.
ModerateCVE-2018-9260SUSE bug 1088200cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9261SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the NBAP dissector could crash with a large loop that ends with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-nbap.c by prohibiting the self-linking of DCH-IDs.
ModerateCVE-2018-9261SUSE bug 1088200cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9262SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the VLAN dissector could crash. This was addressed in epan/dissectors/packet-vlan.c by limiting VLAN tag nesting to restrict the recursion depth.
ModerateCVE-2018-9262SUSE bug 1088200cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9263SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the Kerberos dissector could crash. This was addressed in epan/dissectors/packet-kerberos.c by ensuring a nonzero key length.
ModerateCVE-2018-9263SUSE bug 1088200cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9264SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the ADB dissector could crash with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-adb.c by checking for a length inconsistency.
ModerateCVE-2018-9264SUSE bug 1088200cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9265SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-tn3270.c has a memory leak.
ModerateCVE-2018-9265SUSE bug 1088200cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9266SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-isup.c has a memory leak.
ModerateCVE-2018-9266SUSE bug 1088200cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9267SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-lapd.c has a memory leak.
ModerateCVE-2018-9267SUSE bug 1088200cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9268SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-smb2.c has a memory leak.
ModerateCVE-2018-9268SUSE bug 1088200cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9269SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-giop.c has a memory leak.
ModerateCVE-2018-9269SUSE bug 1088200cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9270SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/oids.c has a memory leak.
ModerateCVE-2018-9270SUSE bug 1088200cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9271SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-multipart.c has a memory leak.
ModerateCVE-2018-9271SUSE bug 1088200cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9272SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak.
ModerateCVE-2018-9272SUSE bug 1088200cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9273SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-pcp.c has a memory leak.
ModerateCVE-2018-9273SUSE bug 1088200cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9274SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ui/failure_message.c has a memory leak.
ModerateCVE-2018-9274SUSE bug 1088200cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9275SUSE Linux Enterprise Desktop 12 SP4
In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure (serial number of a device) and/or DoS (reaching the maximum number of file descriptors).
ModerateCVE-2018-9275SUSE bug 1088027cpe:/o:suse:sled:12:sp4CVE-2018-9305SUSE Linux Enterprise Desktop 12 SP3
In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c could result in a crash or information leak, related to the "== 0x1c" case.
LowCVE-2018-9305SUSE bug 1088424cpe:/o:suse:sled:12:sp3CVE-2018-9306SUSE Linux Enterprise Desktop 12 SP3
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-17724. Reason: This candidate is a reservation duplicate of CVE-2017-17724. Notes: All CVE users should reference CVE-2017-17724 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
LowCVE-2018-9306SUSE bug 1088425cpe:/o:suse:sled:12:sp3CVE-2018-9336SUSE Linux Enterprise Desktop 12 SP3
openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation.
ModerateCVE-2018-9336SUSE bug 1090647SUSE bug 1090839cpe:/o:suse:sled:12:sp3CVE-2018-9363SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream kernel.
ImportantCVE-2018-9363SUSE bug 1087082SUSE bug 1105292SUSE bug 1105293cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9385SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-74128061 References: Upstream kernel.
ModerateCVE-2018-9385SUSE bug 1100491cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2018-9415SUSE Linux Enterprise Desktop 12 SP3
In driver_override_store and driver_override_show of bus.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-69129004 References: Upstream kernel.
ModerateCVE-2018-9415SUSE bug 1108501cpe:/o:suse:sled:12:sp3CVE-2018-9465SUSE Linux Enterprise Desktop 12 SP3
In task_get_unused_fd_flags of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-69164715 References: Upstream kernel.
ModerateCVE-2018-9465SUSE bug 1104758cpe:/o:suse:sled:12:sp3CVE-2018-9516SUSE Linux Enterprise Desktop 12 SP3
In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-71361580.
ModerateCVE-2018-9516SUSE bug 1108498SUSE bug 1123161cpe:/o:suse:sled:12:sp3CVE-2018-9518SUSE Linux Enterprise Desktop 12 SP3
In nfc_llcp_build_sdreq_tlv of llcp_commands.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-73083945.
ModerateCVE-2018-9518SUSE bug 1108500cpe:/o:suse:sled:12:sp3CVE-2018-9568SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel.
ImportantCVE-2018-9568SUSE bug 1118319SUSE bug 1118320cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-0154SUSE Linux Enterprise Desktop 12 SP4
Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access.
ImportantCVE-2019-0154SUSE bug 1135966SUSE bug 1181720cpe:/o:suse:sled:12:sp4CVE-2019-0155SUSE Linux Enterprise Desktop 12 SP4
Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access.
ImportantCVE-2019-0155SUSE bug 1135966SUSE bug 1135967SUSE bug 1173663cpe:/o:suse:sled:12:sp4CVE-2019-0160SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.
ModerateCVE-2019-0160SUSE bug 1130267cpe:/o:suse:sled:12:sp4CVE-2019-0161SUSE Linux Enterprise Desktop 12 SP4
Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access.
ModerateCVE-2019-0161SUSE bug 1131361cpe:/o:suse:sled:12:sp4CVE-2019-1000019SUSE Linux Enterprise Desktop 12 SP4
libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). This attack appears to be exploitable via the victim opening a specially crafted 7zip file.
LowCVE-2019-1000019SUSE bug 1124341cpe:/o:suse:sled:12:sp4CVE-2019-1000020SUSE Linux Enterprise Desktop 12 SP4
libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0 onwards) contains a CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ISO9660 parser, archive_read_support_format_iso9660.c, read_CE()/parse_rockridge() that can result in DoS by infinite loop. This attack appears to be exploitable via the victim opening a specially crafted ISO9660 file.
LowCVE-2019-1000020SUSE bug 1124342cpe:/o:suse:sled:12:sp4CVE-2019-1010006SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victim must open a crafted PDF file. The issue occurs because of an incorrect integer overflow protection mechanism in tiff_document_render and tiff_document_get_thumbnail.
ImportantCVE-2019-1010006SUSE bug 1141619cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-1010024SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."
ModerateCVE-2019-1010024SUSE bug 1141869cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-1010180SUSE Linux Enterprise Desktop 12 SP4
GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.
ImportantCVE-2019-1010180SUSE bug 1142772cpe:/o:suse:sled:12:sp4CVE-2019-1010189SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program does never terminates. The component is: g3/g32pbm.c. The attack vector is: Local, the user should open a specially crafted file. The fixed version is: 1.2.1.
ModerateCVE-2019-1010189SUSE bug 1142766cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-1010190SUSE Linux Enterprise Desktop 12 SP3
mgetty prior to 1.2.1 is affected by: out-of-bounds read. The impact is: DoS, the program may crash if the memory is not mapped. The component is: putwhitespan() in g3/pbm2g3.c. The attack vector is: Local, the victim must open a specially crafted file. The fixed version is: 1.2.1.
LowCVE-2019-1010190SUSE bug 1142770cpe:/o:suse:sled:12:sp3CVE-2019-1010220SUSE Linux Enterprise Desktop 12 SP4
tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must open a specially crafted pcap file.
ModerateCVE-2019-1010220SUSE bug 1142439SUSE bug 1153098cpe:/o:suse:sled:12:sp4CVE-2019-1010238SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.
ImportantCVE-2019-1010238SUSE bug 1142332cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-1010315SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. The impact is: Divide by zero can lead to sudden crash of a software/service that tries to parse a .wav file. The component is: ParseDsdiffHeaderConfig (dsdiff.c:282). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit https://github.com/dbry/WavPack/commit/4c0faba32fddbd0745cbfaf1e1aeb3da5d35b9fc.
ModerateCVE-2019-1010315SUSE bug 1141337cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-1010317SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig (caff.c:486). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit https://github.com/dbry/WavPack/commit/f68a9555b548306c5b1ee45199ccdc4a16a6101b.
ModerateCVE-2019-1010317SUSE bug 1141339cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-1010318SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-11498. Reason: This candidate is a reservation duplicate of CVE-2019-11498. Notes: All CVE users should reference CVE-2019-11498 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
LowCVE-2019-1010318SUSE bug 1141338cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-1010319SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseWave64HeaderConfig (wave64.c:211). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit https://github.com/dbry/WavPack/commit/33a0025d1d63ccd05d9dbaa6923d52b1446a62fe.
ModerateCVE-2019-1010319SUSE bug 1141334cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10124SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
ModerateCVE-2019-10124SUSE bug 1130699cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10125SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return of vfs_poll(), and this will cause a use-after-free.
ImportantCVE-2019-10125SUSE bug 1130695cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10126SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.
ImportantCVE-2019-10126SUSE bug 1136935SUSE bug 1137944SUSE bug 1156330cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10129SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052).
ModerateCVE-2019-10129SUSE bug 1134684cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10130SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17. PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain values taken from the column. PostgreSQL does not evaluate row security policies before consulting those statistics during query planning; an attacker can exploit this to read the most common values of certain columns. Affected columns are those for which the attacker has SELECT privilege and for which, in an ordinary query, row-level security prunes the set of rows visible to the attacker.
ModerateCVE-2019-10130SUSE bug 1134689cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10131SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program.
ModerateCVE-2019-10131SUSE bug 1134075cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10132SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons.
ImportantCVE-2019-10132SUSE bug 1134348cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10140SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability was found in Linux kernel's, versions up to 3.10, implementation of overlayfs. An attacker with local access can create a denial of service situation via NULL pointer dereference in ovl_posix_acl_create function in fs/overlayfs/dir.c. This can allow attackers with ability to create directories on overlayfs to crash the kernel creating a denial of service (DOS).
ModerateCVE-2019-10140SUSE bug 1145701cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10142SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5.0.x up to, excluding 5.0.17. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system, corrupt memory, or create other adverse security affects.
ImportantCVE-2019-10142SUSE bug 1135955cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10160SUSE Linux Enterprise Desktop 12 SP4
A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store cookies, authentication credentials, or other kind of information, it is possible for an attacker to provide specially crafted URLs to make the application locate host-related information (e.g. cookies, authentication data) and send them to a different host than where it should, unlike if the URLs had been correctly parsed. The result of an attack may vary based on the application.
CriticalCVE-2019-10160SUSE bug 1138459cpe:/o:suse:sled:12:sp4CVE-2019-10161SUSE Linux Enterprise Desktop 12 SP4
It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs.
ImportantCVE-2019-10161SUSE bug 1138301cpe:/o:suse:sled:12:sp4CVE-2019-10164SUSE Linux Enterprise Desktop 12 SP4
PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account.
ImportantCVE-2019-10164SUSE bug 1138034cpe:/o:suse:sled:12:sp4CVE-2019-10166SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed.
ImportantCVE-2019-10166SUSE bug 1138302cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10167SUSE Linux Enterprise Desktop 12 SP4
The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.
ImportantCVE-2019-10167SUSE bug 1138303cpe:/o:suse:sled:12:sp4CVE-2019-10168SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.
ImportantCVE-2019-10168SUSE bug 1138305SUSE bug 1138582cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10197SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share.
ImportantCVE-2019-10197SUSE bug 1141267cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10207SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash.
ModerateCVE-2019-10207SUSE bug 1123959SUSE bug 1142857cpe:/o:suse:sled:12:sp4CVE-2019-10208SUSE Linux Enterprise Desktop 12 SP4
A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can execute arbitrary SQL as the owner of the function.
ImportantCVE-2019-10208SUSE bug 1145092SUSE bug 1171566cpe:/o:suse:sled:12:sp4CVE-2019-10209SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.
LowCVE-2019-10209SUSE bug 1145091cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10216SUSE Linux Enterprise Desktop 12 SP4
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.
ImportantCVE-2019-10216SUSE bug 1144621SUSE bug 1146882SUSE bug 1146884cpe:/o:suse:sled:12:sp4CVE-2019-10218SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working directory using the privileges of the client user.
ModerateCVE-2019-10218SUSE bug 1144902SUSE bug 1144903cpe:/o:suse:sled:12:sp4CVE-2019-10220SUSE Linux Enterprise Desktop 12 SP4
Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.
ImportantCVE-2019-10220SUSE bug 1144903SUSE bug 1153108cpe:/o:suse:sled:12:sp4CVE-2019-10222SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients.
ImportantCVE-2019-10222SUSE bug 1139399SUSE bug 1145093cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10557SUSE Linux Enterprise Desktop 12 SP4
Out-of-bound read in the wireless driver in the Linux kernel due to lack of check of buffer length. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDX20, SDX55, SXR1130
CriticalCVE-2019-10557SUSE bug 1159621cpe:/o:suse:sled:12:sp4CVE-2019-10638SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may be conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses.
ModerateCVE-2019-10638SUSE bug 1140575SUSE bug 1140577cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10639SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). This key contains enough bits from a kernel address (of a static variable) so when the key is extracted (via enumeration), the offset of the kernel image is exposed. This attack can be carried out remotely, by the attacker forcing the target device to send UDP or ICMP (or certain other) traffic to attacker-controlled IP addresses. Forcing a server to send UDP traffic is trivial if the server is a DNS server. ICMP traffic is trivial if the server answers ICMP Echo requests (ping). For client targets, if the target visits the attacker's web page, then WebRTC or gQUIC can be used to force UDP traffic to attacker-controlled IP addresses. NOTE: this attack against KASLR became viable in 4.1 because IP ID generation was changed to have a dependency on an address associated with a network namespace.
ModerateCVE-2019-10639SUSE bug 1140577cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10649SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.
LowCVE-2019-10649SUSE bug 1131154cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10650SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file.
ModerateCVE-2019-10650SUSE bug 1131317cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10894SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.
ModerateCVE-2019-10894SUSE bug 1131941SUSE bug 1131943SUSE bug 1131945cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10895SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation.
ModerateCVE-2019-10895SUSE bug 1131941SUSE bug 1131943SUSE bug 1131945cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10896SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes.
ModerateCVE-2019-10896SUSE bug 1131941SUSE bug 1131943SUSE bug 1131945cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10899SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read.
ModerateCVE-2019-10899SUSE bug 1131941SUSE bug 1131943SUSE bug 1131945cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10901SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly.
ModerateCVE-2019-10901SUSE bug 1131941SUSE bug 1131943SUSE bug 1131945cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-10903SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.
ModerateCVE-2019-10903SUSE bug 1131941SUSE bug 1131943SUSE bug 1131945cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11005SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value.
ModerateCVE-2019-11005SUSE bug 1132058cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11006SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet.
ModerateCVE-2019-11006SUSE bug 1132061cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11007SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap.
ModerateCVE-2019-11007SUSE bug 1132060cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11008SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.
ModerateCVE-2019-11008SUSE bug 1132054SUSE bug 1133202SUSE bug 1133203cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11009SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file.
ModerateCVE-2019-11009SUSE bug 1132053SUSE bug 1133202SUSE bug 1133203cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11010SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file.
ModerateCVE-2019-11010SUSE bug 1132055cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11038SUSE Linux Enterprise Desktop 12 SP4
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code.
ModerateCVE-2019-11038SUSE bug 1140118SUSE bug 1140120cpe:/o:suse:sled:12:sp4CVE-2019-11068SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.
ModerateCVE-2019-11068SUSE bug 1132160SUSE bug 1154212cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11070SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded.
ModerateCVE-2019-11070SUSE bug 1132196SUSE bug 1132256cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11085SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
ImportantCVE-2019-11085SUSE bug 1135278SUSE bug 1135280cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11091SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
ModerateCVE-2019-11091SUSE bug 1103186SUSE bug 1111331SUSE bug 1132686SUSE bug 1133319SUSE bug 1135394SUSE bug 1138534SUSE bug 1141977SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11135SUSE Linux Enterprise Desktop 12 SP4
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
ModerateCVE-2019-11135SUSE bug 1139073SUSE bug 1152497SUSE bug 1152505SUSE bug 1152506cpe:/o:suse:sled:12:sp4CVE-2019-11139SUSE Linux Enterprise Desktop 12 SP4
Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.
ModerateCVE-2019-11139SUSE bug 1141035cpe:/o:suse:sled:12:sp4CVE-2019-11190SUSE Linux Enterprise Desktop 12 SP3
The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.
CVE-2019-11190SUSE bug 1131543SUSE bug 1132374SUSE bug 1132472cpe:/o:suse:sled:12:sp3CVE-2019-1125SUSE Linux Enterprise Desktop 12 SP4
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073.
ModerateCVE-2019-1125SUSE bug 1139358cpe:/o:suse:sled:12:sp4CVE-2019-11360SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.
LowCVE-2019-11360SUSE bug 1141524cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11365SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in atftpd in atftp 0.7.1. A remote attacker may send a crafted packet triggering a stack-based buffer overflow due to an insecurely implemented strncpy call. The vulnerability is triggered by sending an error packet of 3 bytes or fewer. There are multiple instances of this vulnerable strncpy pattern within the code base, specifically within tftpd_file.c, tftp_file.c, tftpd_mtftp.c, and tftp_mtftp.c.
CriticalCVE-2019-11365SUSE bug 1133114cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11366SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in atftpd in atftp 0.7.1. It does not lock the thread_list_mutex mutex before assigning the current thread data structure. As a result, the daemon is vulnerable to a denial of service attack due to a NULL pointer dereference. If thread_data is NULL when assigned to current, and modified by another thread before a certain tftpd_list.c check, there is a crash when dereferencing current->next.
ModerateCVE-2019-11366SUSE bug 1133145cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11459SUSE Linux Enterprise Desktop 12 SP4
The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files.
ModerateCVE-2019-11459SUSE bug 1133037cpe:/o:suse:sled:12:sp4CVE-2019-11460SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3.30 prior to 3.30.2.2, and 3.32 prior to 3.32.1.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the thumbnailer's controlling terminal, allowing an attacker to escape the sandbox if the thumbnailer has a controlling terminal. This is due to improper filtering of the TIOCSTI ioctl on 64-bit systems, similar to CVE-2019-10063.
ModerateCVE-2019-11460SUSE bug 1133043cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11463SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory leak in archive_read_format_zip_cleanup in archive_read_support_format_zip.c in libarchive 3.3.4-dev allows remote attackers to cause a denial of service via a crafted ZIP file because of a HAVE_LZMA_H typo. NOTE: this only affects users who downloaded the development code from GitHub. Users of the product's official releases are unaffected.
ModerateCVE-2019-11463SUSE bug 1133130cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11470SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.
ModerateCVE-2019-11470SUSE bug 1133205cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11472SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.
ModerateCVE-2019-11472SUSE bug 1133202SUSE bug 1133203SUSE bug 1133204SUSE bug 1146213cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11473SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (out-of-bounds read and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.
LowCVE-2019-11473SUSE bug 1133203SUSE bug 1133204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11474SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.
LowCVE-2019-11474SUSE bug 1133202SUSE bug 1133204cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11477SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.
ImportantCVE-2019-11477SUSE bug 1132686SUSE bug 1137586cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11478SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.
ImportantCVE-2019-11478SUSE bug 1132686SUSE bug 1137586cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11479SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.
ImportantCVE-2019-11479SUSE bug 1132686SUSE bug 1137586cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11486SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
ImportantCVE-2019-11486SUSE bug 1133188SUSE bug 1173667cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11487SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests.
ImportantCVE-2019-11487SUSE bug 1133190SUSE bug 1133191cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11498SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service (application crash) via a DFF file that lacks valid sample-rate data.
LowCVE-2019-11498SUSE bug 1133384cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11505SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c.
ImportantCVE-2019-11505SUSE bug 1133501cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11506SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to ExportRedQuantumType in magick/export.c.
ModerateCVE-2019-11506SUSE bug 1133498cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11555SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The EAP-pwd implementation in hostapd (EAP server) before 2.8 and wpa_supplicant (EAP peer) before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference (denial of service). This affects eap_server/eap_server_pwd.c and eap_peer/eap_pwd.c.
ModerateCVE-2019-11555SUSE bug 1133640cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11597SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.
ModerateCVE-2019-11597SUSE bug 1138464SUSE bug 1146211cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11598SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.
ModerateCVE-2019-11598SUSE bug 1136732SUSE bug 1179313SUSE bug 1179336cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11599SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. This is related to fs/userfaultfd.c, mm/mmap.c, fs/proc/task_mmu.c, and drivers/infiniband/core/uverbs_main.c.
ModerateCVE-2019-11599SUSE bug 1131645SUSE bug 1133738SUSE bug 1157905cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11683SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 payload, because of mishandling of padded packets, aka the "GRO packet of death" issue.
ImportantCVE-2019-11683SUSE bug 1134021cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11691SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur when working with XMLHttpRequest (XHR) in an event loop, causing the XHR main thread to be called after it has been freed. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
ModerateCVE-2019-11691SUSE bug 1135824cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11692SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur when listeners are removed from the event listener manager while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
ModerateCVE-2019-11692SUSE bug 1135824cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11693SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The bufferdata function in WebGL is vulnerable to a buffer overflow with specific graphics drivers on Linux. This could result in malicious content freezing a tab or triggering a potentially exploitable crash. *Note: this issue only occurs on Linux. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
ModerateCVE-2019-11693SUSE bug 1135824cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11694SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
ModerateCVE-2019-11694SUSE bug 1135824cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11698SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and transmitted to the content page via drop event data. This allows for the theft of browser history by a malicious site. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
ModerateCVE-2019-11698SUSE bug 1135824cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11707SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2.
ImportantCVE-2019-11707SUSE bug 1138614cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11708SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer. This vulnerability affects Firefox ESR < 60.7.2, Firefox < 67.0.4, and Thunderbird < 60.7.2.
ImportantCVE-2019-11708SUSE bug 1138872cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11709SUSE Linux Enterprise Desktop 12 SP4
Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
ImportantCVE-2019-11709SUSE bug 1140868cpe:/o:suse:sled:12:sp4CVE-2019-11710SUSE Linux Enterprise Desktop 12 SP4
Mozilla developers and community members reported memory safety bugs present in Firefox 67. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 68.
ImportantCVE-2019-11710SUSE bug 1140868cpe:/o:suse:sled:12:sp4CVE-2019-11711SUSE Linux Enterprise Desktop 12 SP4
When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page can abuse this to inject script into arbitrary pages on the other subdomain, even those that did not use document.domain to relax their origin security. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
ImportantCVE-2019-11711SUSE bug 1140868cpe:/o:suse:sled:12:sp4CVE-2019-11712SUSE Linux Enterprise Desktop 12 SP4
POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery (CSRF) attacks. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
ImportantCVE-2019-11712SUSE bug 1140868cpe:/o:suse:sled:12:sp4CVE-2019-11713SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
ImportantCVE-2019-11713SUSE bug 1140868cpe:/o:suse:sled:12:sp4CVE-2019-11714SUSE Linux Enterprise Desktop 12 SP4
Necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 68.
ImportantCVE-2019-11714SUSE bug 1140868cpe:/o:suse:sled:12:sp4CVE-2019-11715SUSE Linux Enterprise Desktop 12 SP4
Due to an error while parsing page content, it is possible for properly sanitized user input to be misinterpreted and lead to XSS hazards on web sites in certain circumstances. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
ImportantCVE-2019-11715SUSE bug 1140868cpe:/o:suse:sled:12:sp4CVE-2019-11716SUSE Linux Enterprise Desktop 12 SP4
Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such as Object.getOwnPropertyNames(window). Sites that deploy a sandboxing that depends on enumerating and freezing access to the window object may miss this, allowing their sandboxes to be bypassed. This vulnerability affects Firefox < 68.
ImportantCVE-2019-11716SUSE bug 1140868cpe:/o:suse:sled:12:sp4CVE-2019-11717SUSE Linux Enterprise Desktop 12 SP4
A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
ImportantCVE-2019-11717SUSE bug 1140868cpe:/o:suse:sled:12:sp4CVE-2019-11718SUSE Linux Enterprise Desktop 12 SP4
Activity Stream can display content from sent from the Snippet Service website. This content is written to innerHTML on the Activity Stream page without sanitization, allowing for a potential access to other information available to the Activity Stream, such as browsing history, if the Snipper Service were compromised. This vulnerability affects Firefox < 68.
ImportantCVE-2019-11718SUSE bug 1140868cpe:/o:suse:sled:12:sp4CVE-2019-11719SUSE Linux Enterprise Desktop 12 SP4
When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
ImportantCVE-2019-11719SUSE bug 1140868cpe:/o:suse:sled:12:sp4CVE-2019-11720SUSE Linux Enterprise Desktop 12 SP4
Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting (XSS) filtering. This vulnerability affects Firefox < 68.
ImportantCVE-2019-11720SUSE bug 1140868cpe:/o:suse:sled:12:sp4CVE-2019-11721SUSE Linux Enterprise Desktop 12 SP4
The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion. This vulnerability affects Firefox < 68.
ImportantCVE-2019-11721SUSE bug 1140868cpe:/o:suse:sled:12:sp4CVE-2019-11723SUSE Linux Enterprise Desktop 12 SP4
A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web Extension. This vulnerability affects Firefox < 68.
ImportantCVE-2019-11723SUSE bug 1140868cpe:/o:suse:sled:12:sp4CVE-2019-11724SUSE Linux Enterprise Desktop 12 SP4
Application permissions give additional remote troubleshooting permission to the site input.mozilla.org, which has been retired and now redirects to another site. This additional permission is unnecessary and is a potential vector for malicious attacks. This vulnerability affects Firefox < 68.
ImportantCVE-2019-11724SUSE bug 1140868cpe:/o:suse:sled:12:sp4CVE-2019-11725SUSE Linux Enterprise Desktop 12 SP4
When a user navigates to site marked as unsafe by the Safebrowsing API, warning messages are displayed and navigation is interrupted but resources from the same site loaded through websockets are not blocked, leading to the loading of unsafe resources and bypassing safebrowsing protections. This vulnerability affects Firefox < 68.
ImportantCVE-2019-11725SUSE bug 1140868cpe:/o:suse:sled:12:sp4CVE-2019-11727SUSE Linux Enterprise Desktop 12 SP4
A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.
ModerateCVE-2019-11727SUSE bug 1140868SUSE bug 1141322cpe:/o:suse:sled:12:sp4CVE-2019-11728SUSE Linux Enterprise Desktop 12 SP4
The HTTP Alternative Services header, Alt-Svc, can be used by a malicious site to scan all TCP ports of any host that the accessible to a user when web content is loaded. This vulnerability affects Firefox < 68.
ImportantCVE-2019-11728SUSE bug 1140868cpe:/o:suse:sled:12:sp4CVE-2019-11729SUSE Linux Enterprise Desktop 12 SP4
Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
ImportantCVE-2019-11729SUSE bug 1140868cpe:/o:suse:sled:12:sp4CVE-2019-11730SUSE Linux Enterprise Desktop 12 SP4
A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and they may uploaded to a server. It was demonstrated that in combination with a popular Android messaging app, if a malicious HTML attachment is sent to a user and they opened that attachment in Firefox, due to that app's predictable pattern for locally-saved file names, it is possible to read attachments the victim received from other correspondents. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
ImportantCVE-2019-11730SUSE bug 1140868cpe:/o:suse:sled:12:sp4CVE-2019-11733SUSE Linux Enterprise Desktop 12 SP4
When a master password is set, it is required to be entered again before stored passwords can be accessed in the 'Saved Logins' dialog. It was found that locally stored passwords can be copied to the clipboard thorough the 'copy password' context menu item without re-entering the master password if the master password had been previously entered in the same session, allowing for potential theft of stored passwords. This vulnerability affects Firefox < 68.0.2 and Firefox ESR < 68.0.2.
ModerateCVE-2019-11733SUSE bug 1145665cpe:/o:suse:sled:12:sp4CVE-2019-11734SUSE Linux Enterprise Desktop 12 SP4
Mozilla developers and community members reported memory safety bugs present in Firefox 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 69.
ImportantCVE-2019-11734SUSE bug 1149287SUSE bug 1149324cpe:/o:suse:sled:12:sp4CVE-2019-11735SUSE Linux Enterprise Desktop 12 SP4
Mozilla developers and community members reported memory safety bugs present in Firefox 68 and Firefox ESR 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
ImportantCVE-2019-11735SUSE bug 1149293SUSE bug 1149323SUSE bug 1149324cpe:/o:suse:sled:12:sp4CVE-2019-11736SUSE Linux Enterprise Desktop 12 SP4
The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during checks for junctions and symbolic links by the Maintenance Service, allowing for potential local file and directory manipulation to be undetected in some circumstances. This allows for potential privilege escalation by a user with unprivileged local access. <br>*Note: These attacks requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
ImportantCVE-2019-11736SUSE bug 1149292SUSE bug 1149323SUSE bug 1149324cpe:/o:suse:sled:12:sp4CVE-2019-11737SUSE Linux Enterprise Desktop 12 SP4
If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox < 69.
ModerateCVE-2019-11737SUSE bug 1149300SUSE bug 1149324cpe:/o:suse:sled:12:sp4CVE-2019-11738SUSE Linux Enterprise Desktop 12 SP4
If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
ModerateCVE-2019-11738SUSE bug 1149302SUSE bug 1149323SUSE bug 1149324cpe:/o:suse:sled:12:sp4CVE-2019-11740SUSE Linux Enterprise Desktop 12 SP4
Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
ImportantCVE-2019-11740SUSE bug 1149299SUSE bug 1149323SUSE bug 1149324SUSE bug 1150940cpe:/o:suse:sled:12:sp4CVE-2019-11741SUSE Linux Enterprise Desktop 12 SP4
A compromised sandboxed content process can perform a Universal Cross-site Scripting (UXSS) attack on content from any site it can cause to be loaded in the same process. Because addons.mozilla.org and accounts.firefox.com have close ties to the Firefox product, malicious manipulation of these sites within the browser can potentially be used to modify a user's Firefox configuration. These two sites will now be isolated into their own process and not allowed to be loaded in a standard content process. This vulnerability affects Firefox < 69.
ImportantCVE-2019-11741SUSE bug 1149288SUSE bug 1149324cpe:/o:suse:sled:12:sp4CVE-2019-11742SUSE Linux Enterprise Desktop 12 SP4
A same-origin policy violation occurs allowing the theft of cross-origin images through a combination of SVG filters and a <canvas> element due to an error in how same-origin policy is applied to cached image content. The resulting same-origin policy violation could allow for data theft. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
ImportantCVE-2019-11742SUSE bug 1149303SUSE bug 1149323SUSE bug 1149324SUSE bug 1150940cpe:/o:suse:sled:12:sp4CVE-2019-11743SUSE Linux Enterprise Desktop 12 SP4
Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history through timing side-channel attacks. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
ModerateCVE-2019-11743SUSE bug 1149298SUSE bug 1149323SUSE bug 1149324SUSE bug 1150940cpe:/o:suse:sled:12:sp4CVE-2019-11744SUSE Linux Enterprise Desktop 12 SP4
Some HTML elements, such as <title> and <textarea>, can contain literal angle brackets without treating them as markup. It is possible to pass a literal closing tag to .innerHTML on these elements, and subsequent content after that will be parsed as if it were outside the tag. This can lead to XSS if a site does not filter user input as strictly for these elements as it does for other elements. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
ImportantCVE-2019-11744SUSE bug 1149304SUSE bug 1149323SUSE bug 1149324SUSE bug 1150940cpe:/o:suse:sled:12:sp4CVE-2019-11745SUSE Linux Enterprise Desktop 12 SP4
When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
ImportantCVE-2019-11745SUSE bug 1158328SUSE bug 1158527cpe:/o:suse:sled:12:sp4CVE-2019-11746SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
ImportantCVE-2019-11746SUSE bug 1149297SUSE bug 1149323SUSE bug 1149324SUSE bug 1150940cpe:/o:suse:sled:12:sp4CVE-2019-11747SUSE Linux Enterprise Desktop 12 SP4
The "Forget about this site" feature in the History pane is intended to remove all saved user data that indicates a user has visited a site. This includes removing any HTTP Strict Transport Security (HSTS) settings received from sites that use it. Due to a bug, sites on the pre-load list also have their HSTS setting removed. On the next visit to that site if the user specifies an http: URL rather than secure https: they will not be protected by the pre-loaded HSTS setting. After that visit the site's HSTS setting will be restored. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
LowCVE-2019-11747SUSE bug 1149301SUSE bug 1149323SUSE bug 1149324cpe:/o:suse:sled:12:sp4CVE-2019-11748SUSE Linux Enterprise Desktop 12 SP4
WebRTC in Firefox will honor persisted permissions given to sites for access to microphone and camera resources even when in a third-party context. In light of recent high profile vulnerabilities in other software, a decision was made to no longer persist these permissions. This avoids the possibility of trusted WebRTC resources being invisibly embedded in web content and abusing permissions previously given by users. Users will now be prompted for permissions on each use. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
ModerateCVE-2019-11748SUSE bug 1149291SUSE bug 1149323SUSE bug 1149324cpe:/o:suse:sled:12:sp4CVE-2019-11749SUSE Linux Enterprise Desktop 12 SP4
A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
ModerateCVE-2019-11749SUSE bug 1149290SUSE bug 1149323SUSE bug 1149324cpe:/o:suse:sled:12:sp4CVE-2019-11750SUSE Linux Enterprise Desktop 12 SP4
A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
ModerateCVE-2019-11750SUSE bug 1149289SUSE bug 1149323SUSE bug 1149324cpe:/o:suse:sled:12:sp4CVE-2019-11751SUSE Linux Enterprise Desktop 12 SP4
Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used to write a log file to an arbitrary location such as the Windows 'Startup' folder. <br>*Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
ImportantCVE-2019-11751SUSE bug 1149286SUSE bug 1149323SUSE bug 1149324cpe:/o:suse:sled:12:sp4CVE-2019-11752SUSE Linux Enterprise Desktop 12 SP4
It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
ImportantCVE-2019-11752SUSE bug 1149296SUSE bug 1149323SUSE bug 1149324SUSE bug 1150940cpe:/o:suse:sled:12:sp4CVE-2019-11753SUSE Linux Enterprise Desktop 12 SP4
The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. If the Mozilla Maintenance Service is manipulated to update this unprotected location and the updated maintenance service in the unprotected location has been altered, the altered maintenance service can run with elevated privileges during the update process due to a lack of integrity checks. This allows for privilege escalation if the executable has been replaced locally. <br>*Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Firefox < 69, Firefox ESR < 60.9, and Firefox ESR < 68.1.
ImportantCVE-2019-11753SUSE bug 1149295SUSE bug 1149323SUSE bug 1149324cpe:/o:suse:sled:12:sp4CVE-2019-11754SUSE Linux Enterprise Desktop 12 SP4
When the pointer lock is enabled by a website though requestPointerLock(), no user notification is given. This could allow a malicious website to hijack the mouse pointer and confuse users. This vulnerability affects Firefox < 69.0.1.
ModerateCVE-2019-11754SUSE bug 1151260cpe:/o:suse:sled:12:sp4CVE-2019-11757SUSE Linux Enterprise Desktop 12 SP4
When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
ModerateCVE-2019-11757SUSE bug 1154738cpe:/o:suse:sled:12:sp4CVE-2019-11758SUSE Linux Enterprise Desktop 12 SP4
Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.2, and Firefox ESR < 68.2.
ModerateCVE-2019-11758SUSE bug 1154738cpe:/o:suse:sled:12:sp4CVE-2019-11759SUSE Linux Enterprise Desktop 12 SP4
An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
ModerateCVE-2019-11759SUSE bug 1154738cpe:/o:suse:sled:12:sp4CVE-2019-11760SUSE Linux Enterprise Desktop 12 SP4
A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
ModerateCVE-2019-11760SUSE bug 1154738cpe:/o:suse:sled:12:sp4CVE-2019-11761SUSE Linux Enterprise Desktop 12 SP4
By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
ModerateCVE-2019-11761SUSE bug 1154738cpe:/o:suse:sled:12:sp4CVE-2019-11762SUSE Linux Enterprise Desktop 12 SP4
If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
ModerateCVE-2019-11762SUSE bug 1154738cpe:/o:suse:sled:12:sp4CVE-2019-11763SUSE Linux Enterprise Desktop 12 SP4
Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML entities being masked from filters - enabling the use of entities to mask the actual characters of interest from filters. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
ModerateCVE-2019-11763SUSE bug 1154738cpe:/o:suse:sled:12:sp4CVE-2019-11764SUSE Linux Enterprise Desktop 12 SP4
Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
ModerateCVE-2019-11764SUSE bug 1154738cpe:/o:suse:sled:12:sp4CVE-2019-11765SUSE Linux Enterprise Desktop 12 SP4
A compromised content process could send a message to the parent process that would cause the 'Click to Play' permission prompt to be shown. However, due to lack of validation from the parent process, if the user accepted the permission request an attacker-controlled permission would be granted rather than the 'Click to Play' permission. This vulnerability affects Firefox < 70.
ModerateCVE-2019-11765cpe:/o:suse:sled:12:sp4CVE-2019-11810SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.
LowCVE-2019-11810SUSE bug 1134399cpe:/o:suse:sled:12:sp4CVE-2019-11811SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.
LowCVE-2019-11811SUSE bug 1134397cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11815SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.
ModerateCVE-2019-11815SUSE bug 1134537cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11833SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
ModerateCVE-2019-11833SUSE bug 1135281cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-11884SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character.
ModerateCVE-2019-11884SUSE bug 1134848SUSE bug 1139868cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12067SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL dereference) when the command header 'ad->cur_cmd' is null.
LowCVE-2019-12067SUSE bug 1145642SUSE bug 1145652cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12068SUSE Linux Enterprise Desktop 12 SP4
In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. This can lead to an infinite loop if the next opcode is empty. Move the existing loop exit after 10k iterations so that it covers no-op opcodes as well.
ModerateCVE-2019-12068SUSE bug 1146873SUSE bug 1146874SUSE bug 1178658cpe:/o:suse:sled:12:sp4CVE-2019-12155SUSE Linux Enterprise Desktop 12 SP4
interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference.
LowCVE-2019-12155SUSE bug 1135902SUSE bug 1135905cpe:/o:suse:sled:12:sp4CVE-2019-12209SUSE Linux Enterprise Desktop 12 SP4
Yubico pam-u2f 1.0.7 attempts parsing of the configured authfile (default $HOME/.config/Yubico/u2f_keys) as root (unless openasuser was enabled), and does not properly verify that the path lacks symlinks pointing to other files on the system owned by root. If the debug option is enabled in the PAM configuration, part of the file contents of a symlink target will be logged, possibly revealing sensitive information.
ModerateCVE-2019-12209SUSE bug 1087061SUSE bug 1135727SUSE bug 1135729cpe:/o:suse:sled:12:sp4CVE-2019-12210SUSE Linux Enterprise Desktop 12 SP4
In Yubico pam-u2f 1.0.7, when configured with debug and a custom debug log file is set using debug_file, that file descriptor is not closed when a new process is spawned. This leads to the file descriptor being inherited into the child process; the child process can then read from and write to it. This can leak sensitive information and also, if written to, be used to fill the disk or plant misinformation.
ModerateCVE-2019-12210SUSE bug 1087061SUSE bug 1135727SUSE bug 1135729cpe:/o:suse:sled:12:sp4CVE-2019-12312SUSE Linux Enterprise Desktop 12 SP4
In Libreswan 3.27 an assertion failure can lead to a pluto IKE daemon restart. An attacker can trigger a NULL pointer dereference by initiating an IKEv2 IKE_SA_INIT exchange, followed by a bogus INFORMATIONAL exchange instead of the normallly expected IKE_AUTH exchange. This affects send_v2N_spi_response_from_state() in programs/pluto/ikev2_send.c that will then trigger a NULL pointer dereference leading to a restart of libreswan.
ModerateCVE-2019-12312SUSE bug 1146876cpe:/o:suse:sled:12:sp4CVE-2019-12360SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump content.
ModerateCVE-2019-12360SUSE bug 1136620cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12378SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue.
ModerateCVE-2019-12378SUSE bug 1136588cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12379SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** An issue was discovered in con_insert_unipair in drivers/tty/vt/consolemap.c in the Linux kernel through 5.1.5. There is a memory leak in a certain case of an ENOMEM outcome of kmalloc. NOTE: This id is disputed as not being an issue.
LowCVE-2019-12379SUSE bug 1136602cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12380SUSE Linux Enterprise Desktop 12 SP3
**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. NOTE: This id is disputed as not being an issue because “All the code touched by the referenced commit runs only at boot, before any user processes are started. Therefore, there is no possibility for an unprivileged user to control it.”.
ModerateCVE-2019-12380SUSE bug 1136598SUSE bug 1155298cpe:/o:suse:sled:12:sp3CVE-2019-12381SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: this is disputed because new_ra is never used if it is NULL.
ModerateCVE-2019-12381SUSE bug 1136593cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12382SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference.
LowCVE-2019-12382SUSE bug 1136586SUSE bug 1155298cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12435SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer dereference, leading to Denial of Service. This is related to the AD DC DNS management server (dnsserver) RPC server process.
ModerateCVE-2019-12435SUSE bug 1137815cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12436SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to an AD DC LDAP server Denial of Service. This is related to an attacker using the paged search control. The attacker must have directory read access in order to attempt an exploit.
ModerateCVE-2019-12436SUSE bug 1137816cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12447SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used.
ImportantCVE-2019-12447SUSE bug 1136986cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12448SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn't implement query_info_on_read/write.
ModerateCVE-2019-12448SUSE bug 1136981cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12449SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges are unavailable.
ModerateCVE-2019-12449SUSE bug 1136992cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12450SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.
ImportantCVE-2019-12450SUSE bug 1137001SUSE bug 1139959SUSE bug 1142126cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12454SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** An issue was discovered in wcd9335_codec_enable_dec in sound/soc/codecs/wcd9335.c in the Linux kernel through 5.1.5. It uses kstrndup instead of kmemdup_nul, which allows attackers to have an unspecified impact via unknown vectors. NOTE: The vendor disputes this issues as not being a vulnerability because switching to kmemdup_nul() would only fix a security issue if the source string wasn't NUL-terminated, which is not the case.
ModerateCVE-2019-12454SUSE bug 1136963cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12455SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** An issue was discovered in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c in the Linux kernel through 5.1.5. There is an unchecked kstrndup of derived_name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This id is disputed as not being an issue because “The memory allocation that was not checked is part of a code that only runs at boot time, before user processes are started. Therefore, there is no possibility for an unprivileged user to control it, and no denial of service.”.
ModerateCVE-2019-12455SUSE bug 1136946cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12456SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two kernel reads of that value, aka a "double fetch" vulnerability. NOTE: a third party reports that this is unexploitable because the doubly fetched value is not used.
ImportantCVE-2019-12456SUSE bug 1136922SUSE bug 1136993cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12493SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data.
LowCVE-2019-12493SUSE bug 1136998cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12614SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).
ModerateCVE-2019-12614SUSE bug 1137194cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12615SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup_const of node_info->vdev_port.name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).
ModerateCVE-2019-12615SUSE bug 1137195cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12625SUSE Linux Enterprise Desktop 12 SP4
ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.
ImportantCVE-2019-12625SUSE bug 1144504cpe:/o:suse:sled:12:sp4CVE-2019-12735SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.
ImportantCVE-2019-12735SUSE bug 1137443cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12749SUSE Linux Enterprise Desktop 12 SP4
dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass.
ImportantCVE-2019-12749SUSE bug 1137832cpe:/o:suse:sled:12:sp4CVE-2019-12817SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected.
ImportantCVE-2019-12817SUSE bug 1138263SUSE bug 1138264cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12818SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This affects nfc_llcp_build_gb in net/nfc/llcp_core.c.
ModerateCVE-2019-12818SUSE bug 1138293cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12819SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.0. The function __mdiobus_register() in drivers/net/phy/mdio_bus.c calls put_device(), which will trigger a fixed_mdio_bus_init use-after-free. This will cause a denial of service.
LowCVE-2019-12819SUSE bug 1138291cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12900SUSE Linux Enterprise Desktop 12 SP4
BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.
ImportantCVE-2019-12900SUSE bug 1139083SUSE bug 1149458cpe:/o:suse:sled:12:sp4CVE-2019-12904SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.) NOTE: the vendor's position is that the issue report cannot be validated because there is no description of an attack.
ModerateCVE-2019-12904SUSE bug 1138939cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12928SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** The QMP migrate command in QEMU version 4.0.0 and earlier is vulnerable to OS command injection, which allows the remote attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. Note: This has been disputed as a non-issue since QEMU's -qmp interface is meant to be used by trusted users. If one is able to access this interface via a tcp socket open to the internet, then it is an insecure configuration issue.
CriticalCVE-2019-12928SUSE bug 1139714SUSE bug 1140124cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12929SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. Note: This has been disputed as a non-issue since QEMU's -qmp interface is meant to be used by trusted users. If one is able to access this interface via a tcp socket open to the internet, then it is an insecure configuration issue.
ModerateCVE-2019-12929SUSE bug 1139671SUSE bug 1140123cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12973SUSE Linux Enterprise Desktop 12 SP4
In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616.
ModerateCVE-2019-12973SUSE bug 1140359cpe:/o:suse:sled:12:sp4CVE-2019-12974SUSE Linux Enterprise Desktop 12 SP4
A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.
ModerateCVE-2019-12974SUSE bug 1140111cpe:/o:suse:sled:12:sp4CVE-2019-12975SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.
ModerateCVE-2019-12975SUSE bug 1140106cpe:/o:suse:sled:12:sp4CVE-2019-12976SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.
ModerateCVE-2019-12976SUSE bug 1140110cpe:/o:suse:sled:12:sp4CVE-2019-12977SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c.
ModerateCVE-2019-12977SUSE bug 1139884cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-12978SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c.
ModerateCVE-2019-12978SUSE bug 1139885cpe:/o:suse:sled:12:sp4CVE-2019-12979SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.
ModerateCVE-2019-12979SUSE bug 1139886cpe:/o:suse:sled:12:sp4CVE-2019-13012SUSE Linux Enterprise Desktop 12 SP4
The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir, NULL, NULL) and files using g_file_replace_contents (kfsb->file, contents, length, NULL, FALSE, G_FILE_CREATE_REPLACE_DESTINATION, NULL, NULL, NULL). Consequently, it does not properly restrict directory (and file) permissions. Instead, for directories, 0777 permissions are used; for files, default file permissions are used. This is similar to CVE-2019-12450.
ImportantCVE-2019-13012SUSE bug 1139959SUSE bug 1142126cpe:/o:suse:sled:12:sp4CVE-2019-13050SUSE Linux Enterprise Desktop 12 SP4
Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack.
ModerateCVE-2019-13050SUSE bug 1141093cpe:/o:suse:sled:12:sp4CVE-2019-13057SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from requesting authorization as an identity from another database during a SASL bind or with a proxyAuthz (RFC 4370) control. (It is not a common configuration to deploy a system where the server administrator and a DB administrator enjoy different levels of trust.)
ModerateCVE-2019-13057SUSE bug 1143273cpe:/o:suse:sled:12:sp4CVE-2019-13108SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset.
ModerateCVE-2019-13108SUSE bug 1142675cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13109SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a chunkLength - iccOffset subtraction.
ModerateCVE-2019-13109SUSE bug 1142677cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13111SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (large heap allocation followed by a very long running loop) via a crafted WEBP image file.
ModerateCVE-2019-13111SUSE bug 1142679cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13114SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
http.c in Exiv2 through 0.27.1 allows a malicious http server to cause a denial of service (crash due to a NULL pointer dereference) by returning a crafted response that lacks a space character.
ModerateCVE-2019-13114SUSE bug 1142684cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13115SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.
ModerateCVE-2019-13115SUSE bug 1141850cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13117SUSE Linux Enterprise Desktop 12 SP4
In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.
ModerateCVE-2019-13117SUSE bug 1140095SUSE bug 1157028SUSE bug 1160968cpe:/o:suse:sled:12:sp4CVE-2019-13118SUSE Linux Enterprise Desktop 12 SP4
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.
LowCVE-2019-13118SUSE bug 1140101SUSE bug 1157028SUSE bug 1160968cpe:/o:suse:sled:12:sp4CVE-2019-13132SUSE Linux Enterprise Desktop 12 SP4
In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. Users running public servers with the above configuration are highly encouraged to upgrade as soon as possible, as there are no known mitigations.
ImportantCVE-2019-13132SUSE bug 1140255cpe:/o:suse:sled:12:sp4CVE-2019-13133SUSE Linux Enterprise Desktop 12 SP4
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c.
ModerateCVE-2019-13133SUSE bug 1140100cpe:/o:suse:sled:12:sp4CVE-2019-13134SUSE Linux Enterprise Desktop 12 SP4
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c.
ModerateCVE-2019-13134SUSE bug 1140102cpe:/o:suse:sled:12:sp4CVE-2019-13135SUSE Linux Enterprise Desktop 12 SP4
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.
ModerateCVE-2019-13135SUSE bug 1140103cpe:/o:suse:sled:12:sp4CVE-2019-13136SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c.
ModerateCVE-2019-13136SUSE bug 1140104cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13137SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.
ModerateCVE-2019-13137SUSE bug 1140105cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13164SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass.
ModerateCVE-2019-13164SUSE bug 1140402cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13233SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.
ImportantCVE-2019-13233SUSE bug 1140454SUSE bug 1144502cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13272SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.
ImportantCVE-2019-13272SUSE bug 1140671SUSE bug 1156321SUSE bug 1198122cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3CVE-2019-13282SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact.
ModerateCVE-2019-13282SUSE bug 1140870cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13286SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure.
LowCVE-2019-13286SUSE bug 1140744cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13287SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust() located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. This is related to CVE-2018-16368.
LowCVE-2019-13287SUSE bug 1140745cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13288SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646.
ModerateCVE-2019-13288SUSE bug 1140882cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13291SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan() located at Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Information Disclosure.
LowCVE-2019-13291SUSE bug 1140746cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13295SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.
ModerateCVE-2019-13295SUSE bug 1140664cpe:/o:suse:sled:12:sp4CVE-2019-13296SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value.
ModerateCVE-2019-13296SUSE bug 1140665cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13297SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.
ModerateCVE-2019-13297SUSE bug 1140666cpe:/o:suse:sled:12:sp4CVE-2019-13298SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a MagickCore/enhance.c error.
ModerateCVE-2019-13298SUSE bug 1140667cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13299SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel.
ModerateCVE-2019-13299SUSE bug 1140668cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13300SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.
ModerateCVE-2019-13300SUSE bug 1140669cpe:/o:suse:sled:12:sp4CVE-2019-13301SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.
ModerateCVE-2019-13301SUSE bug 1140554cpe:/o:suse:sled:12:sp4CVE-2019-13302SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/fourier.c in ComplexImages.
ModerateCVE-2019-13302SUSE bug 1140552cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13303SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/composite.c in CompositeImage.
ImportantCVE-2019-13303SUSE bug 1140549cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13304SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.
ImportantCVE-2019-13304SUSE bug 1140547cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13305SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.
ImportantCVE-2019-13305SUSE bug 1140545cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13306SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.
ModerateCVE-2019-13306SUSE bug 1140543cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13307SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.
ModerateCVE-2019-13307SUSE bug 1140538cpe:/o:suse:sled:12:sp4CVE-2019-13308SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.
ModerateCVE-2019-13308SUSE bug 1140534cpe:/o:suse:sled:12:sp4CVE-2019-13309SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.
LowCVE-2019-13309SUSE bug 1140501SUSE bug 1140520cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-13310SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.
LowCVE-2019-13310SUSE bug 1140501SUSE bug 1140520cpe:/o:suse:sled:12:sp4CVE-2019-13311SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.
LowCVE-2019-13311SUSE bug 1140513SUSE bug 1140554cpe:/o:suse:sled:12:sp4CVE-2019-13391SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.
ModerateCVE-2019-13391SUSE bug 1140673cpe:/o:suse:sled:12:sp4CVE-2019-13454SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.
ModerateCVE-2019-13454SUSE bug 1141171cpe:/o:suse:sled:12:sp4CVE-2019-13565SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user.
ModerateCVE-2019-13565SUSE bug 1143194cpe:/o:suse:sled:12:sp4CVE-2019-13619SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments.
ModerateCVE-2019-13619SUSE bug 1141980cpe:/o:suse:sled:12:sp4CVE-2019-13627SUSE Linux Enterprise Desktop 12 SP4
It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.
ModerateCVE-2019-13627SUSE bug 1148987cpe:/o:suse:sled:12:sp4CVE-2019-13631SUSE Linux Enterprise Desktop 12 SP4
In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.
ModerateCVE-2019-13631SUSE bug 1142023cpe:/o:suse:sled:12:sp4CVE-2019-13648SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c.
ModerateCVE-2019-13648SUSE bug 1142254SUSE bug 1142265cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2019-13722SUSE Linux Enterprise Desktop 12 SP4
Inappropriate implementation in WebRTC in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-13722SUSE bug 1158328cpe:/o:suse:sled:12:sp4CVE-2019-14283SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device by default.
ModerateCVE-2019-14283SUSE bug 1143191cpe:/o:suse:sled:12:sp4CVE-2019-14284SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted. NOTE: QEMU creates the floppy device by default.
ModerateCVE-2019-14284SUSE bug 1143189SUSE bug 1143191cpe:/o:suse:sled:12:sp4CVE-2019-14287SUSE Linux Enterprise Desktop 12 SP4
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.
ImportantCVE-2019-14287SUSE bug 1153674SUSE bug 1156093cpe:/o:suse:sled:12:sp4CVE-2019-14288SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xpdf 4.01.01. There is an Integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "one byte per line" case.
ModerateCVE-2019-14288SUSE bug 1143434cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-14289SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "multiple bytes per line" case.
ModerateCVE-2019-14289SUSE bug 1143443cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-14290SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 2.
ModerateCVE-2019-14290SUSE bug 1143568cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-14291SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 3.
ModerateCVE-2019-14291SUSE bug 1143569cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-14293SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 2.
ModerateCVE-2019-14293SUSE bug 1143571cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-14294SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read.
ModerateCVE-2019-14294SUSE bug 1143572cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-14368SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata() in rafimage.cpp.
ModerateCVE-2019-14368SUSE bug 1143278cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-14369SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Exiv2::PngImage::readMetadata() in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file.
ModerateCVE-2019-14369SUSE bug 1141472SUSE bug 1143280cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-14370SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata() in mrwimage.cpp. It could result in denial of service.
ModerateCVE-2019-14370SUSE bug 1143281cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-14378SUSE Linux Enterprise Desktop 12 SP4
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
ImportantCVE-2019-14378SUSE bug 1143794SUSE bug 1143797SUSE bug 1178658cpe:/o:suse:sled:12:sp4CVE-2019-14513SUSE Linux Enterprise Desktop 12 SP4
Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491.
ModerateCVE-2019-14513SUSE bug 1143944cpe:/o:suse:sled:12:sp4CVE-2019-14615SUSE Linux Enterprise Desktop 12 SP4
Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access.
ModerateCVE-2019-14615SUSE bug 1160195SUSE bug 1165881cpe:/o:suse:sled:12:sp4CVE-2019-14655SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
ImportantCVE-2019-14655SUSE bug 1144359cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-14763SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid.
ModerateCVE-2019-14763SUSE bug 1144918cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-14811SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.
ImportantCVE-2019-14811SUSE bug 1146882cpe:/o:suse:sled:12:sp4CVE-2019-14812SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.
ImportantCVE-2019-14812SUSE bug 1146882cpe:/o:suse:sled:12:sp4CVE-2019-14813SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.
ImportantCVE-2019-14813SUSE bug 1146882cpe:/o:suse:sled:12:sp4CVE-2019-14814SUSE Linux Enterprise Desktop 12 SP4
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
ImportantCVE-2019-14814SUSE bug 1146512SUSE bug 1173664SUSE bug 1173665cpe:/o:suse:sled:12:sp4CVE-2019-14815SUSE Linux Enterprise Desktop 12 SP4
A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.
ImportantCVE-2019-14815SUSE bug 1146514SUSE bug 1173665cpe:/o:suse:sled:12:sp4CVE-2019-14816SUSE Linux Enterprise Desktop 12 SP4
There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
ImportantCVE-2019-14816SUSE bug 1146516SUSE bug 1173666cpe:/o:suse:sled:12:sp4CVE-2019-14817SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.
ImportantCVE-2019-14817SUSE bug 1146882SUSE bug 1146884cpe:/o:suse:sled:12:sp4CVE-2019-14821SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.
ModerateCVE-2019-14821SUSE bug 1151350cpe:/o:suse:sled:12:sp4CVE-2019-14822SUSE Linux Enterprise Desktop 12 SP4
A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface, change the input method engine, or modify other input related configurations of the victim user.
ImportantCVE-2019-14822SUSE bug 1150011cpe:/o:suse:sled:12:sp4CVE-2019-14833SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for password complexity. This configuration can fail to verify password complexity when non-ASCII characters are used in the password, which could lead to weak passwords being set for samba users, making it vulnerable to dictionary attacks.
ModerateCVE-2019-14833SUSE bug 1154289cpe:/o:suse:sled:12:sp4CVE-2019-14834SUSE Linux Enterprise Desktop 12 SP4
A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.
ModerateCVE-2019-14834SUSE bug 1154849cpe:/o:suse:sled:12:sp4CVE-2019-14835SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
ImportantCVE-2019-14835SUSE bug 1150112SUSE bug 1151021cpe:/o:suse:sled:12:sp4CVE-2019-14847SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10. An attacker can crash AD DC LDAP server via dirsync resulting in denial of service. Privilege escalation is not possible with this issue.
ModerateCVE-2019-14847SUSE bug 1154598cpe:/o:suse:sled:12:sp4CVE-2019-14861SUSE Linux Enterprise Desktop 12 SP4
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stores DNS records in LDAP. In AD, the default permissions on the DNS partition allow creation of new records by authenticated users. This is used for example to allow machines to self-register in DNS. If a DNS record was created that case-insensitively matched the name of the zone, the ldb_qsort() and dns_name_compare() routines could be confused into reading memory prior to the list of DNS entries when responding to DnssrvEnumRecords() or DnssrvEnumRecords2() and so following invalid memory as a pointer.
ModerateCVE-2019-14861SUSE bug 1158108cpe:/o:suse:sled:12:sp4CVE-2019-14865SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.
ModerateCVE-2019-14865SUSE bug 1157767cpe:/o:suse:sled:12:sp4CVE-2019-14866SUSE Linux Enterprise Desktop 12 SP4
In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives from a high-privilege user without carefully reviewing them may lead to the compromise of the system.
ModerateCVE-2019-14866SUSE bug 1155199cpe:/o:suse:sled:12:sp4CVE-2019-14869SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within the Ghostscript and access files outside of restricted areas or execute commands.
ImportantCVE-2019-14869SUSE bug 1156275cpe:/o:suse:sled:12:sp4CVE-2019-14870SUSE Linux Enterprise Desktop 12 SP4
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos authentication, by forcing all tickets for these clients to be non-forwardable. In AD this is implemented by a user attribute delegation_not_allowed (aka not-delegated), which translates to disallow-forwardable. However the Samba AD DC does not do that for S4U2Self and does set the forwardable flag even if the impersonated client has the not-delegated flag set.
ModerateCVE-2019-14870SUSE bug 1158109cpe:/o:suse:sled:12:sp4CVE-2019-14889SUSE Linux Enterprise Desktop 12 SP4
A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence the third parameter of the function, it would become possible for an attacker to inject arbitrary commands, leading to a compromise of the remote target.
ImportantCVE-2019-14889SUSE bug 1158095cpe:/o:suse:sled:12:sp4CVE-2019-14895SUSE Linux Enterprise Desktop 12 SP4
A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.
ImportantCVE-2019-14895SUSE bug 1157042SUSE bug 1157158SUSE bug 1173100SUSE bug 1173660cpe:/o:suse:sled:12:sp4CVE-2019-14898SUSE Linux Enterprise Desktop 12 SP4
The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local user could use this flaw to obtain sensitive information, cause a denial of service, or possibly have other unspecified impacts by triggering a race condition with mmget_not_zero or get_task_mm calls.
ImportantCVE-2019-14898SUSE bug 1157905cpe:/o:suse:sled:12:sp4CVE-2019-14902SUSE Linux Enterprise Desktop 12 SP4
There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.
ModerateCVE-2019-14902SUSE bug 1160850cpe:/o:suse:sled:12:sp4CVE-2019-14907SUSE Linux Enterprise Desktop 12 SP4
All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authentication exchange. In the Samba AD DC in particular, this may cause a long-lived process(such as the RPC server) to terminate. (In the file server case, the most likely target, smbd, operates as process-per-client and so a crash there is harmless).
ModerateCVE-2019-14907SUSE bug 1160888cpe:/o:suse:sled:12:sp4CVE-2019-14973SUSE Linux Enterprise Desktop 12 SP4
_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash.
ModerateCVE-2019-14973SUSE bug 1146608cpe:/o:suse:sled:12:sp4CVE-2019-14980SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file.
ModerateCVE-2019-14980SUSE bug 1146068cpe:/o:suse:sled:12:sp4CVE-2019-14981SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.
ModerateCVE-2019-14981SUSE bug 1146065cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-14982SUSE Linux Enterprise Desktop 12 SP4
In Exiv2 before v0.27.2, there is an integer overflow vulnerability in the WebPImage::getHeaderOffset function in webpimage.cpp. It can lead to a buffer overflow vulnerability and a crash.
ModerateCVE-2019-14982SUSE bug 1146294cpe:/o:suse:sled:12:sp4CVE-2019-15030SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check.
ModerateCVE-2019-15030SUSE bug 1149713cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-15031SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c.
ModerateCVE-2019-15031SUSE bug 1149713cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-15034SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space.
ImportantCVE-2019-15034SUSE bug 1166379cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-15090SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.
ModerateCVE-2019-15090SUSE bug 1146399cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-15098SUSE Linux Enterprise Desktop 12 SP4
drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
ModerateCVE-2019-15098SUSE bug 1146378SUSE bug 1146543cpe:/o:suse:sled:12:sp4CVE-2019-15099SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
ModerateCVE-2019-15099SUSE bug 1146368cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2019-15117SUSE Linux Enterprise Desktop 12 SP4
parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access.
ImportantCVE-2019-15117SUSE bug 1145920SUSE bug 1173934cpe:/o:suse:sled:12:sp4CVE-2019-15118SUSE Linux Enterprise Desktop 12 SP4
check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.
ModerateCVE-2019-15118SUSE bug 1145922cpe:/o:suse:sled:12:sp4CVE-2019-15139SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.
LowCVE-2019-15139SUSE bug 1146213cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-15140SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.
LowCVE-2019-15140SUSE bug 1146212cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-15141SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597.
LowCVE-2019-15141SUSE bug 1146211cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-15142SUSE Linux Enterprise Desktop 12 SP4
In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service (application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read) by crafting a DJVU file.
ModerateCVE-2019-15142SUSE bug 1146702cpe:/o:suse:sled:12:sp4CVE-2019-15143SUSE Linux Enterprise Desktop 12 SP4
In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error (resource exhaustion caused by a GBitmap::read_rle_raw infinite loop) by crafting a corrupted image file, related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp.
ModerateCVE-2019-15143SUSE bug 1146569cpe:/o:suse:sled:12:sp4CVE-2019-15144SUSE Linux Enterprise Desktop 12 SP4
In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers to cause a denial-of-service (application crash due to an Uncontrolled Recursion) by crafting a PBM image file that is mishandled in libdjvu/GContainer.h.
ModerateCVE-2019-15144SUSE bug 1146571cpe:/o:suse:sled:12:sp4CVE-2019-15145SUSE Linux Enterprise Desktop 12 SP4
DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (application crash via an out-of-bounds read) by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h.
ModerateCVE-2019-15145SUSE bug 1146572cpe:/o:suse:sled:12:sp4CVE-2019-15165SUSE Linux Enterprise Desktop 12 SP4
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.
ModerateCVE-2019-15165SUSE bug 1153332cpe:/o:suse:sled:12:sp4CVE-2019-15211SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.
ModerateCVE-2019-15211SUSE bug 1146519SUSE bug 1158381SUSE bug 1158834cpe:/o:suse:sled:12:sp4CVE-2019-15212SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.
ModerateCVE-2019-15212SUSE bug 1146391SUSE bug 1146519SUSE bug 1158381SUSE bug 1158834cpe:/o:suse:sled:12:sp4CVE-2019-15214SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c.
ModerateCVE-2019-15214SUSE bug 1146519SUSE bug 1146550SUSE bug 1158381SUSE bug 1158834cpe:/o:suse:sled:12:sp4CVE-2019-15215SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.
ModerateCVE-2019-15215SUSE bug 1146425SUSE bug 1146519SUSE bug 1158381SUSE bug 1158834cpe:/o:suse:sled:12:sp4CVE-2019-15216SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.
ModerateCVE-2019-15216SUSE bug 1146361SUSE bug 1146519SUSE bug 1158381SUSE bug 1158834cpe:/o:suse:sled:12:sp4CVE-2019-15217SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.
ModerateCVE-2019-15217SUSE bug 1146519SUSE bug 1146547SUSE bug 1158381SUSE bug 1158834cpe:/o:suse:sled:12:sp4CVE-2019-15218SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.
ModerateCVE-2019-15218SUSE bug 1146413SUSE bug 1146519SUSE bug 1158381SUSE bug 1158834cpe:/o:suse:sled:12:sp4CVE-2019-15219SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.
ModerateCVE-2019-15219SUSE bug 1146519SUSE bug 1146524SUSE bug 1158381SUSE bug 1158834cpe:/o:suse:sled:12:sp4CVE-2019-15220SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.
ModerateCVE-2019-15220SUSE bug 1146519SUSE bug 1146526SUSE bug 1158381SUSE bug 1158834cpe:/o:suse:sled:12:sp4CVE-2019-15221SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.
ModerateCVE-2019-15221SUSE bug 1146519SUSE bug 1146529SUSE bug 1158381SUSE bug 1158834cpe:/o:suse:sled:12:sp4CVE-2019-15222SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver.
ModerateCVE-2019-15222SUSE bug 1146519SUSE bug 1146531SUSE bug 1158381SUSE bug 1158398SUSE bug 1158834cpe:/o:suse:sled:12:sp4CVE-2019-15223SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver.
ModerateCVE-2019-15223SUSE bug 1146519SUSE bug 1146535SUSE bug 1158381SUSE bug 1158834cpe:/o:suse:sled:12:sp4CVE-2019-15239SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by backporting. Specifically, by adding to a write queue between disconnection and re-connection, a local attacker can trigger multiple use-after-free conditions. This can result in a kernel crash, or potentially in privilege escalation. NOTE: this affects (for example) Linux distributions that use 4.9.x longterm kernels before 4.9.190 or 4.14.x longterm kernels before 4.14.139.
ImportantCVE-2019-15239SUSE bug 1146589SUSE bug 1156317cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2019-15290SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-15098. Reason: This candidate is a duplicate of CVE-2019-15098. Notes: All CVE users should reference CVE-2019-15098 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2019-15290SUSE bug 1146378SUSE bug 1146519SUSE bug 1146543SUSE bug 1158381SUSE bug 1158834cpe:/o:suse:sled:12:sp4CVE-2019-15291SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver.
ModerateCVE-2019-15291SUSE bug 1146519SUSE bug 1146540SUSE bug 1158381SUSE bug 1158834cpe:/o:suse:sled:12:sp4CVE-2019-15292SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c.
ImportantCVE-2019-15292SUSE bug 1146678SUSE bug 1173939cpe:/o:suse:sled:12:sp4CVE-2019-1543SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 bytes. However it also incorrectly allows a nonce to be set of up to 16 bytes. In this case only the last 12 bytes are significant and any additional leading bytes are ignored. It is a requirement of using this cipher that nonce values are unique. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks. If an application changes the default nonce length to be longer than 12 bytes and then makes a change to the leading bytes of the nonce expecting the new value to be a new unique nonce then such an application could inadvertently encrypt messages with a reused nonce. Additionally the ignored bytes in a long nonce are not covered by the integrity guarantee of this cipher. Any application that relies on the integrity of these ignored leading bytes of a long nonce may be further affected. Any OpenSSL internal use of this cipher, including in SSL/TLS, is safe because no such use sets such a long nonce value. However user applications that use this cipher directly and set a non-default nonce length to be longer than 12 bytes may be vulnerable. OpenSSL versions 1.1.1 and 1.1.0 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1c (Affected 1.1.1-1.1.1b). Fixed in OpenSSL 1.1.0k (Affected 1.1.0-1.1.0j).
LowCVE-2019-1543SUSE bug 1128189SUSE bug 1141801SUSE bug 1154162cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-1547SUSE Linux Enterprise Desktop 12 SP4
Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).
ModerateCVE-2019-1547SUSE bug 1150003SUSE bug 1154162SUSE bug 1154166SUSE bug 1161085cpe:/o:suse:sled:12:sp4CVE-2019-1549SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A partial mitigation for this issue is that the output from a high precision timer is mixed into the RNG state so the likelihood of a parent and child process sharing state is significantly reduced. If an application already calls OPENSSL_init_crypto() explicitly using OPENSSL_INIT_ATFORK then this problem does not occur at all. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c).
ModerateCVE-2019-1549SUSE bug 1150247SUSE bug 1154162cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-15504SUSE Linux Enterprise Desktop 12 SP4
drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir).
ImportantCVE-2019-15504SUSE bug 1147116SUSE bug 1185852cpe:/o:suse:sled:12:sp4CVE-2019-1551SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).
ModerateCVE-2019-1551SUSE bug 1158809cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-1552SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).
LowCVE-2019-1552SUSE bug 1143552SUSE bug 1154162cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-15538SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS.
ModerateCVE-2019-15538SUSE bug 1148093cpe:/o:suse:sled:12:sp4CVE-2019-1559SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).
ModerateCVE-2019-1559SUSE bug 1127080SUSE bug 1141798cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-15601SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
ModerateCVE-2019-15601SUSE bug 1160301cpe:/o:suse:sled:12:sp4CVE-2019-1563SUSE Linux Enterprise Desktop 12 SP4
In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).
ModerateCVE-2019-1563SUSE bug 1150250SUSE bug 1154162cpe:/o:suse:sled:12:sp4CVE-2019-15666SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in __xfrm_policy_unlink, which will cause denial of service, because verify_newpolicy_info in net/xfrm/xfrm_user.c mishandles directory validation.
ImportantCVE-2019-15666SUSE bug 1148394SUSE bug 1172140cpe:/o:suse:sled:12:sp4CVE-2019-15791SUSE Linux Enterprise Desktop 12 SP4
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() installs an fd referencing a file from the lower filesystem without taking an additional reference to that file. After the btrfs ioctl completes this fd is closed, which then puts a reference to that file, leading to a refcount underflow.
ModerateCVE-2019-15791SUSE bug 1156640cpe:/o:suse:sled:12:sp4CVE-2019-15794SUSE Linux Enterprise Desktop 12 SP4
Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.
ImportantCVE-2019-15794SUSE bug 1158156cpe:/o:suse:sled:12:sp4CVE-2019-15845SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.
ModerateCVE-2019-15845SUSE bug 1152994cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-15847SUSE Linux Enterprise Desktop 12 SP4
The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.
ModerateCVE-2019-15847SUSE bug 1149145cpe:/o:suse:sled:12:sp4CVE-2019-15890SUSE Linux Enterprise Desktop 12 SP4
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
ModerateCVE-2019-15890SUSE bug 1149811SUSE bug 1149813SUSE bug 1178658cpe:/o:suse:sled:12:sp4CVE-2019-15902SUSE Linux Enterprise Desktop 12 SP4
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" commit reintroduced the Spectre vulnerability that it aimed to eliminate. This occurred because the backport process depends on cherry picking specific commits, and because two (correctly ordered) code lines were swapped.
ModerateCVE-2019-15902SUSE bug 1149376SUSE bug 1155131cpe:/o:suse:sled:12:sp4CVE-2019-15903SUSE Linux Enterprise Desktop 12 SP4
In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.
ModerateCVE-2019-15903SUSE bug 1149429SUSE bug 1154738SUSE bug 1154806cpe:/o:suse:sled:12:sp4CVE-2019-15916SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.
LowCVE-2019-15916SUSE bug 1149448cpe:/o:suse:sled:12:sp4CVE-2019-15917SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c.
ImportantCVE-2019-15917SUSE bug 1149539SUSE bug 1156334cpe:/o:suse:sled:12:sp4CVE-2019-15919SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free.
ImportantCVE-2019-15919SUSE bug 1149552SUSE bug 1172957cpe:/o:suse:sled:12:sp4CVE-2019-15920SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak.
ImportantCVE-2019-15920SUSE bug 1149626SUSE bug 1156335cpe:/o:suse:sled:12:sp4CVE-2019-15921SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c.
LowCVE-2019-15921SUSE bug 1149602cpe:/o:suse:sled:12:sp4CVE-2019-15922SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a pf data structure if alloc_disk fails in drivers/block/paride/pf.c.
ModerateCVE-2019-15922SUSE bug 1149607cpe:/o:suse:sled:12:sp4CVE-2019-15923SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if alloc_disk fails in drivers/block/paride/pf.c.
ModerateCVE-2019-15923SUSE bug 1149609cpe:/o:suse:sled:12:sp4CVE-2019-15924SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure.
LowCVE-2019-15924SUSE bug 1149612cpe:/o:suse:sled:12:sp4CVE-2019-15925SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c.
ImportantCVE-2019-15925SUSE bug 1149532cpe:/o:suse:sled:12:sp4CVE-2019-15926SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c.
ModerateCVE-2019-15926SUSE bug 1149527cpe:/o:suse:sled:12:sp4CVE-2019-15927SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c.
ModerateCVE-2019-15927SUSE bug 1149522cpe:/o:suse:sled:12:sp4CVE-2019-15961SUSE Linux Enterprise Desktop 12 SP4
A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition.
ImportantCVE-2019-15961SUSE bug 1157763SUSE bug 1180082cpe:/o:suse:sled:12:sp4CVE-2019-16056SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.
ModerateCVE-2019-16056SUSE bug 1149955cpe:/o:suse:sled:12:sp4CVE-2019-16088SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc.
ModerateCVE-2019-16088SUSE bug 1150205cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-16089SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.
ModerateCVE-2019-16089SUSE bug 1150004cpe:/o:suse:sled:12:sp4CVE-2019-16167SUSE Linux Enterprise Desktop 12 SP4
sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c.
ModerateCVE-2019-16167SUSE bug 1150114cpe:/o:suse:sled:12:sp4CVE-2019-16168SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP4
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
ModerateCVE-2019-16168SUSE bug 1150137SUSE bug 1160968cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp4CVE-2019-16201SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network.
ModerateCVE-2019-16201SUSE bug 1152995cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-16229SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: The security community disputes this issues as not being serious enough to be deserving a CVE id.
ModerateCVE-2019-16229SUSE bug 1150469cpe:/o:suse:sled:12:sp4CVE-2019-16231SUSE Linux Enterprise Desktop 12 SP4
drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
ModerateCVE-2019-16231SUSE bug 1150466cpe:/o:suse:sled:12:sp4CVE-2019-16232SUSE Linux Enterprise Desktop 12 SP4
drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
ModerateCVE-2019-16232SUSE bug 1150465cpe:/o:suse:sled:12:sp4CVE-2019-16233SUSE Linux Enterprise Desktop 12 SP4
drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
ModerateCVE-2019-16233SUSE bug 1150457cpe:/o:suse:sled:12:sp4CVE-2019-16234SUSE Linux Enterprise Desktop 12 SP4
drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
ModerateCVE-2019-16234SUSE bug 1150452cpe:/o:suse:sled:12:sp4CVE-2019-16239SUSE Linux Enterprise Desktop 12 SP4
process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.
ModerateCVE-2019-16239SUSE bug 1151178cpe:/o:suse:sled:12:sp4CVE-2019-16255SUSE Linux Enterprise Desktop 12 SP4
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method.
ImportantCVE-2019-16255SUSE bug 1152990cpe:/o:suse:sled:12:sp4CVE-2019-16319SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop. This was addressed in plugins/epan/gryphon/packet-gryphon.c by checking for a message length of zero.
ModerateCVE-2019-16319SUSE bug 1150690cpe:/o:suse:sled:12:sp4CVE-2019-16708SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.
ModerateCVE-2019-16708SUSE bug 1151781cpe:/o:suse:sled:12:sp4CVE-2019-16709SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.
ModerateCVE-2019-16709SUSE bug 1151782cpe:/o:suse:sled:12:sp4CVE-2019-16710SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.
ModerateCVE-2019-16710SUSE bug 1151783cpe:/o:suse:sled:12:sp4CVE-2019-16711SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.
ModerateCVE-2019-16711SUSE bug 1151784cpe:/o:suse:sled:12:sp4CVE-2019-16712SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.
ModerateCVE-2019-16712SUSE bug 1151785cpe:/o:suse:sled:12:sp4CVE-2019-16713SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.
ModerateCVE-2019-16713SUSE bug 1151786cpe:/o:suse:sled:12:sp4CVE-2019-16714SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized.
ModerateCVE-2019-16714SUSE bug 1151791cpe:/o:suse:sled:12:sp4CVE-2019-16905SUSE Linux Enterprise Desktop 12 SP4
OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.
ModerateCVE-2019-16905SUSE bug 1153537cpe:/o:suse:sled:12:sp4CVE-2019-16921SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns/hns_roce_main.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425813.
ImportantCVE-2019-16921SUSE bug 1152516cpe:/o:suse:sled:12:sp4CVE-2019-16927SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the TextPage::findGaps function in TextOutputDev.cc, a different vulnerability than CVE-2019-9877.
ModerateCVE-2019-16927SUSE bug 1154829cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-16935SUSE Linux Enterprise Desktop 12 SP4
The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server.
ModerateCVE-2019-16935SUSE bug 1153238cpe:/o:suse:sled:12:sp4CVE-2019-17000SUSE Linux Enterprise Desktop 12 SP4
An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document's policy explicitly allowed data: URIs. This vulnerability affects Firefox < 70.
ModerateCVE-2019-17000cpe:/o:suse:sled:12:sp4CVE-2019-17001SUSE Linux Enterprise Desktop 12 SP4
A Content-Security-Policy that blocks in-line scripts could be bypassed using an object tag to execute JavaScript in the protected document (cross-site scripting). This is a separate bypass from CVE-2019-17000.*Note: This flaw only affected Firefox 69 and was not present in earlier versions.*. This vulnerability affects Firefox < 70.
ModerateCVE-2019-17001cpe:/o:suse:sled:12:sp4CVE-2019-17002SUSE Linux Enterprise Desktop 12 SP4
If upgrade-insecure-requests was specified in the Content Security Policy, and a link was dragged and dropped from that page, the link was not upgraded to https. This vulnerability affects Firefox < 70.
ModerateCVE-2019-17002cpe:/o:suse:sled:12:sp4CVE-2019-17005SUSE Linux Enterprise Desktop 12 SP4
The plain text serializer used a fixed-size array for the number of <ol> elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
ModerateCVE-2019-17005SUSE bug 1158328cpe:/o:suse:sled:12:sp4CVE-2019-17006SUSE Linux Enterprise Desktop 12 SP4
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.
ModerateCVE-2019-17006SUSE bug 1159819cpe:/o:suse:sled:12:sp4CVE-2019-17008SUSE Linux Enterprise Desktop 12 SP4
When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
ModerateCVE-2019-17008SUSE bug 1158328cpe:/o:suse:sled:12:sp4CVE-2019-17009SUSE Linux Enterprise Desktop 12 SP4
When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
ModerateCVE-2019-17009SUSE bug 1158328cpe:/o:suse:sled:12:sp4CVE-2019-17010SUSE Linux Enterprise Desktop 12 SP4
Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
ModerateCVE-2019-17010SUSE bug 1158328cpe:/o:suse:sled:12:sp4CVE-2019-17011SUSE Linux Enterprise Desktop 12 SP4
Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a race condition could cause a use-after-free condition and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
ModerateCVE-2019-17011SUSE bug 1158328cpe:/o:suse:sled:12:sp4CVE-2019-17012SUSE Linux Enterprise Desktop 12 SP4
Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
ModerateCVE-2019-17012SUSE bug 1158328cpe:/o:suse:sled:12:sp4CVE-2019-17013SUSE Linux Enterprise Desktop 12 SP4
Mozilla developers reported memory safety bugs present in Firefox 70. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 71.
ImportantCVE-2019-17013cpe:/o:suse:sled:12:sp4CVE-2019-17014SUSE Linux Enterprise Desktop 12 SP4
If an image had not loaded correctly (such as when it is not actually an image), it could be dragged and dropped cross-domain, resulting in a cross-origin information leak. This vulnerability affects Firefox < 71.
ModerateCVE-2019-17014cpe:/o:suse:sled:12:sp4CVE-2019-17015SUSE Linux Enterprise Desktop 12 SP4
During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially exploitable crash in the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
ModerateCVE-2019-17015SUSE bug 1160305cpe:/o:suse:sled:12:sp4CVE-2019-17016SUSE Linux Enterprise Desktop 12 SP4
When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
ModerateCVE-2019-17016SUSE bug 1160305cpe:/o:suse:sled:12:sp4CVE-2019-17017SUSE Linux Enterprise Desktop 12 SP4
Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
ImportantCVE-2019-17017SUSE bug 1160305cpe:/o:suse:sled:12:sp4CVE-2019-17021SUSE Linux Enterprise Desktop 12 SP4
During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
ModerateCVE-2019-17021SUSE bug 1160305cpe:/o:suse:sled:12:sp4CVE-2019-17022SUSE Linux Enterprise Desktop 12 SP4
When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently copies the node's innerHTML, assigning it to another innerHTML, this would result in an XSS vulnerability. Two WYSIWYG editors were identified with this behavior, more may exist. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
ModerateCVE-2019-17022SUSE bug 1160305cpe:/o:suse:sled:12:sp4CVE-2019-17024SUSE Linux Enterprise Desktop 12 SP4
Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
ModerateCVE-2019-17024SUSE bug 1160305cpe:/o:suse:sled:12:sp4CVE-2019-17026SUSE Linux Enterprise Desktop 12 SP4
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.
ModerateCVE-2019-17026SUSE bug 1160498cpe:/o:suse:sled:12:sp4CVE-2019-17040SUSE Linux Enterprise Desktop 12 SP4
contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled.
ImportantCVE-2019-17040SUSE bug 1152599cpe:/o:suse:sled:12:sp4CVE-2019-17041SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.
ModerateCVE-2019-17041SUSE bug 1153451SUSE bug 1198831cpe:/o:suse:sled:12:sp4CVE-2019-17042SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.
ModerateCVE-2019-17042SUSE bug 1153459SUSE bug 1198831cpe:/o:suse:sled:12:sp4CVE-2019-17052SUSE Linux Enterprise Desktop 12 SP4
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.
ModerateCVE-2019-17052SUSE bug 1152779cpe:/o:suse:sled:12:sp4CVE-2019-17053SUSE Linux Enterprise Desktop 12 SP4
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.
ModerateCVE-2019-17053SUSE bug 1152789cpe:/o:suse:sled:12:sp4CVE-2019-17054SUSE Linux Enterprise Desktop 12 SP4
atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.
LowCVE-2019-17054SUSE bug 1152786cpe:/o:suse:sled:12:sp4CVE-2019-17055SUSE Linux Enterprise Desktop 12 SP4
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.
ModerateCVE-2019-17055SUSE bug 1152782cpe:/o:suse:sled:12:sp4CVE-2019-17056SUSE Linux Enterprise Desktop 12 SP4
llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.
ModerateCVE-2019-17056SUSE bug 1152788cpe:/o:suse:sled:12:sp4CVE-2019-17064SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor.
ModerateCVE-2019-17064SUSE bug 1152783cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-17133SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
ImportantCVE-2019-17133SUSE bug 1153158SUSE bug 1153161cpe:/o:suse:sled:12:sp4CVE-2019-17177SUSE Linux Enterprise Desktop 12 SP4
libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
ModerateCVE-2019-17177SUSE bug 1153163cpe:/o:suse:sled:12:sp4CVE-2019-17178SUSE Linux Enterprise Desktop 12 SP4
HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
ModerateCVE-2019-17178SUSE bug 1153164cpe:/o:suse:sled:12:sp4CVE-2019-17266SUSE Linux Enterprise Desktop 12 SP4
libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soup_ntlm_parse_challenge() in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding with a memcpy.
ImportantCVE-2019-17266SUSE bug 1153224cpe:/o:suse:sled:12:sp4CVE-2019-17340SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.11.x allowing x86 guest OS users to cause a denial of service or gain privileges because grant-table transfer requests are mishandled.
ImportantCVE-2019-17340SUSE bug 1126140SUSE bug 1178658cpe:/o:suse:sled:12:sp4CVE-2019-17341SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a page-writability race condition during addition of a passed-through PCI device.
ImportantCVE-2019-17341SUSE bug 1126141SUSE bug 1178658cpe:/o:suse:sled:12:sp4CVE-2019-17342SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a race condition that arose when XENMEM_exchange was introduced.
ImportantCVE-2019-17342SUSE bug 1126192SUSE bug 1178658cpe:/o:suse:sled:12:sp4CVE-2019-17343SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains.
ImportantCVE-2019-17343SUSE bug 1126195SUSE bug 1178658cpe:/o:suse:sled:12:sp4CVE-2019-17344SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service by leveraging a long-running operation that exists to support restartability of PTE updates.
ImportantCVE-2019-17344SUSE bug 1126196SUSE bug 1178658cpe:/o:suse:sled:12:sp4CVE-2019-17345SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen 4.8.x through 4.11.x allowing x86 PV guest OS users to cause a denial of service because mishandling of failed IOMMU operations causes a bug check during the cleanup of a crashed guest.
ImportantCVE-2019-17345SUSE bug 1126197cpe:/o:suse:sled:12:sp4CVE-2019-17346SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because of an incompatibility between Process Context Identifiers (PCID) and TLB flushes.
ImportantCVE-2019-17346SUSE bug 1126198cpe:/o:suse:sled:12:sp4CVE-2019-17347SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incompatible with Linux (and possibly other guest kernels).
ImportantCVE-2019-17347SUSE bug 1126201cpe:/o:suse:sled:12:sp4CVE-2019-17348SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service because of an incompatibility between Process Context Identifiers (PCID) and shadow-pagetable switching.
ModerateCVE-2019-17348SUSE bug 1127400cpe:/o:suse:sled:12:sp4CVE-2019-17349SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a LoadExcl or StoreExcl operation.
ModerateCVE-2019-17349SUSE bug 1138294cpe:/o:suse:sled:12:sp3CVE-2019-17350SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a compare-and-exchange operation.
ModerateCVE-2019-17350SUSE bug 1138294cpe:/o:suse:sled:12:sp3CVE-2019-17362SUSE Linux Enterprise Desktop 12 SP4
In LibTomCrypt through 1.18.2, the der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) or read information from other memory locations via carefully crafted DER-encoded data.
ModerateCVE-2019-17362SUSE bug 1153433cpe:/o:suse:sled:12:sp4CVE-2019-17371SUSE Linux Enterprise Desktop 12 SP4
gif2png 2.5.13 has a memory leak in the writefile function.
ModerateCVE-2019-17371SUSE bug 1153552cpe:/o:suse:sled:12:sp4CVE-2019-17498SUSE Linux Enterprise Desktop 12 SP4
In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.
ModerateCVE-2019-17498SUSE bug 1154862SUSE bug 1171566cpe:/o:suse:sled:12:sp4CVE-2019-17514SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading information about whether sorting occurs, as demonstrated by irreproducible cancer-research results. NOTE: the effects of this documentation cross application domains, and thus it is likely that security-relevant code elsewhere is affected. This issue is not a Python implementation bug, and there are no reports that NMR researchers were specifically relying on library/glob.html. In other words, because the older documentation stated "finds all the pathnames matching a specified pattern according to the rules used by the Unix shell," one might have incorrectly inferred that the sorting that occurs in a Unix shell also occurred for glob.glob. There is a workaround in newer versions of Willoughby nmr-data_compilation-p2.py and nmr-data_compilation-p3.py, which call sort() directly.
LowCVE-2019-17514SUSE bug 1154297cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-17541SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
ModerateCVE-2019-17541SUSE bug 1153867cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-17544SUSE Linux Enterprise Desktop 12 SP4
libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character.
LowCVE-2019-17544SUSE bug 1153892cpe:/o:suse:sled:12:sp4CVE-2019-17547SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free.
ModerateCVE-2019-17547SUSE bug 1153868cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-17594SUSE Linux Enterprise Desktop 12 SP4
There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.
ModerateCVE-2019-17594SUSE bug 1154036cpe:/o:suse:sled:12:sp4CVE-2019-17595SUSE Linux Enterprise Desktop 12 SP4
There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.
ModerateCVE-2019-17595SUSE bug 1154037cpe:/o:suse:sled:12:sp4CVE-2019-17624SUSE Linux Enterprise Desktop 12 SP4
"" In X.Org X Server 1.20.4, there is a stack-based buffer overflow in the function XQueryKeymap. For example, by sending ct.c_char 1000 times, an attacker can cause a denial of service (application crash) or possibly have unspecified other impact. Note: It is disputed if the X.Org X Server is involved or if there is a stack overflow.
ModerateCVE-2019-17624SUSE bug 1154325cpe:/o:suse:sled:12:sp4CVE-2019-17666SUSE Linux Enterprise Desktop 12 SP4
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.
ModerateCVE-2019-17666SUSE bug 1154372cpe:/o:suse:sled:12:sp4CVE-2019-1785SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error-handling mechanisms when processing nested RAR files sent to an affected device. An attacker could exploit this vulnerability by sending a crafted RAR file to an affected device. An exploit could allow the attacker to view or create arbitrary files on the targeted system.
ModerateCVE-2019-1785SUSE bug 1130721SUSE bug 1137508cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-1786SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device.
ModerateCVE-2019-1786SUSE bug 1130721SUSE bug 1137510cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-1787SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause a heap buffer out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device.
ModerateCVE-2019-1787SUSE bug 1130721cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-1788SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for OLE2 files sent an affected device. An attacker could exploit this vulnerability by sending malformed OLE2 files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds write condition, resulting in a crash that could result in a denial of service condition on an affected device.
ModerateCVE-2019-1788SUSE bug 1130721cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-1789SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking.
ModerateCVE-2019-1789SUSE bug 1130721cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-1798SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for PE files sent an affected device. An attacker could exploit this vulnerability by sending malformed PE files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device.
ImportantCVE-2019-1798SUSE bug 1130721SUSE bug 1137513cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-18198SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 5.3.4, a reference count usage error in the fib6_rule_suppress() function in the fib6 suppression feature of net/ipv6/fib6_rules.c, when handling the FIB_LOOKUP_NOREF flag, can be exploited by a local attacker to corrupt memory, aka CID-ca7a03c41753.
ModerateCVE-2019-18198SUSE bug 1154617cpe:/o:suse:sled:12:sp4CVE-2019-18281SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file containing many directional characters.
ModerateCVE-2019-18281SUSE bug 1155020cpe:/o:suse:sled:12:sp4CVE-2019-18282SUSE Linux Enterprise Desktop 12 SP1
The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash (instead of siphash) is used. The hashrnd value remains the same starting from boot time, and can be inferred by an attacker. This affects net/core/flow_dissector.c and related code.
ModerateCVE-2019-18282SUSE bug 1161121cpe:/o:suse:sled:12:sp1CVE-2019-18388SUSE Linux Enterprise Desktop 12 SP4
A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via malformed commands.
ModerateCVE-2019-18388SUSE bug 1159479cpe:/o:suse:sled:12:sp4CVE-2019-18389SUSE Linux Enterprise Desktop 12 SP4
A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.
ImportantCVE-2019-18389SUSE bug 1159482cpe:/o:suse:sled:12:sp4CVE-2019-18390SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands.
ModerateCVE-2019-18390SUSE bug 1159478cpe:/o:suse:sled:12:sp4CVE-2019-18391SUSE Linux Enterprise Desktop 12 SP4
A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.
ImportantCVE-2019-18391SUSE bug 1159486cpe:/o:suse:sled:12:sp4CVE-2019-18392SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
LowCVE-2019-18392SUSE bug 1159454cpe:/o:suse:sled:12:sp4CVE-2019-18397SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then rendered by an application that uses FriBidi for text layout calculations. Examples include any GNOME or GTK+ based application that uses Pango for text layout, as this internally uses FriBidi for bidirectional text layout. For example, the attacker can construct a crafted text file to be opened in GEdit, or a crafted IRC message to be viewed in HexChat.
ImportantCVE-2019-18397SUSE bug 1156260cpe:/o:suse:sled:12:sp4CVE-2019-18408SUSE Linux Enterprise Desktop 12 SP4
archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol.
ModerateCVE-2019-18408SUSE bug 1155079cpe:/o:suse:sled:12:sp4CVE-2019-18420SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOP_initialise hypercall. hypercall_create_continuation() is a variadic function which uses a printf-like format string to interpret its parameters. Error handling for a bad format character was done using BUG(), which crashes Xen. One path, via the VCPUOP_initialise hypercall, has a bad format character. The BUG() can be hit if VCPUOP_initialise executes for a sufficiently long period of time for a continuation to be created. Malicious guests may cause a hypervisor crash, resulting in a Denial of Service (DoS). Xen versions 4.6 and newer are vulnerable. Xen versions 4.5 and earlier are not vulnerable. Only x86 PV guests can exploit the vulnerability. HVM and PVH guests, and guests on ARM systems, cannot exploit the vulnerability.
ImportantCVE-2019-18420SUSE bug 1154448cpe:/o:suse:sled:12:sp4CVE-2019-18421SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. There are issues with restartable PV type change operations. To avoid using shadow pagetables for PV guests, Xen exposes the actual hardware pagetables to the guest. In order to prevent the guest from modifying these page tables directly, Xen keeps track of how pages are used using a type system; pages must be "promoted" before being used as a pagetable, and "demoted" before being used for any other type. Xen also allows for "recursive" promotions: i.e., an operating system promoting a page to an L4 pagetable may end up causing pages to be promoted to L3s, which may in turn cause pages to be promoted to L2s, and so on. These operations may take an arbitrarily large amount of time, and so must be re-startable. Unfortunately, making recursive pagetable promotion and demotion operations restartable is incredibly complicated, and the code contains several races which, if triggered, can cause Xen to drop or retain extra type counts, potentially allowing guests to get write access to in-use pagetables. A malicious PV guest administrator may be able to escalate their privilege to that of the host. All x86 systems with untrusted PV guests are vulnerable. HVM and PVH guests cannot exercise this vulnerability.
ImportantCVE-2019-18421SUSE bug 1154458SUSE bug 1178658cpe:/o:suse:sled:12:sp4CVE-2019-18422SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service or gain privileges by leveraging the erroneous enabling of interrupts. Interrupts are unconditionally unmasked in exception handlers. When an exception occurs on an ARM system which is handled without changing processor level, some interrupts are unconditionally enabled during exception entry. So exceptions which occur when interrupts are masked will effectively unmask the interrupts. A malicious guest might contrive to arrange for critical Xen code to run with interrupts erroneously enabled. This could lead to data corruption, denial of service, or possibly even privilege escalation. However a precise attack technique has not been identified.
ImportantCVE-2019-18422SUSE bug 1154464cpe:/o:suse:sled:12:sp4CVE-2019-18423SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service via a XENMEM_add_to_physmap hypercall. p2m->max_mapped_gfn is used by the functions p2m_resolve_translation_fault() and p2m_get_entry() to sanity check guest physical frame. The rest of the code in the two functions will assume that there is a valid root table and check that with BUG_ON(). The function p2m_get_root_pointer() will ignore the unused top bits of a guest physical frame. This means that the function p2m_set_entry() will alias the frame. However, p2m->max_mapped_gfn will be updated using the original frame. It would be possible to set p2m->max_mapped_gfn high enough to cover a frame that would lead p2m_get_root_pointer() to return NULL in p2m_get_entry() and p2m_resolve_translation_fault(). Additionally, the sanity check on p2m->max_mapped_gfn is off-by-one allowing "highest mapped + 1" to be considered valid. However, p2m_get_root_pointer() will return NULL. The problem could be triggered with a specially crafted hypercall XENMEM_add_to_physmap{, _batch} followed by an access to an address (via hypercall or direct access) that passes the sanity check but cause p2m_get_root_pointer() to return NULL. A malicious guest administrator may cause a hypervisor crash, resulting in a Denial of Service (DoS). Xen version 4.8 and newer are vulnerable. Only Arm systems are vulnerable. x86 systems are not affected.
ImportantCVE-2019-18423SUSE bug 1154460cpe:/o:suse:sled:12:sp4CVE-2019-18424SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. This occurs because passed through PCI devices may corrupt host memory after deassignment. When a PCI device is assigned to an untrusted domain, it is possible for that domain to program the device to DMA to an arbitrary address. The IOMMU is used to protect the host from malicious DMA by making sure that the device addresses can only target memory assigned to the guest. However, when the guest domain is torn down, or the device is deassigned, the device is assigned back to dom0, thus allowing any in-flight DMA to potentially target critical host data. An untrusted domain with access to a physical device can DMA into host memory, leading to privilege escalation. Only systems where guests are given direct access to physical devices capable of DMA (PCI pass-through) are vulnerable. Systems which do not use PCI pass-through are not vulnerable.
ImportantCVE-2019-18424SUSE bug 1154461cpe:/o:suse:sled:12:sp4CVE-2019-18425SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missing descriptor table limit checking in x86 PV emulation. When emulating certain PV guest operations, descriptor table accesses are performed by the emulating code. Such accesses should respect the guest specified limits, unless otherwise guaranteed to fail in such a case. Without this, emulation of 32-bit guest user mode calls through call gates would allow guest user mode to install and then use descriptors of their choice, as long as the guest kernel did not itself install an LDT. (Most OSes don't install any LDT by default). 32-bit PV guest user mode can elevate its privileges to that of the guest kernel. Xen versions from at least 3.2 onwards are affected. Only 32-bit PV guest user mode can leverage this vulnerability. HVM, PVH, as well as 64-bit PV guests cannot leverage this vulnerability. Arm systems are unaffected.
ImportantCVE-2019-18425SUSE bug 1154456SUSE bug 1178658cpe:/o:suse:sled:12:sp4CVE-2019-18604SUSE Linux Enterprise Desktop 12 SP4
In axohelp.c before 1.3 in axohelp in axodraw2 before 2.1.1b, as distributed in TeXLive and other collections, sprintf is mishandled.
ImportantCVE-2019-18604SUSE bug 1155411cpe:/o:suse:sled:12:sp4CVE-2019-18634SUSE Linux Enterprise Desktop 12 SP4
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.
CriticalCVE-2019-18634SUSE bug 1162202cpe:/o:suse:sled:12:sp4CVE-2019-18660SUSE Linux Enterprise Desktop 12 SP4
The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.
ModerateCVE-2019-18660SUSE bug 1157038SUSE bug 1157923cpe:/o:suse:sled:12:sp4CVE-2019-18675SUSE Linux Enterprise Desktop 12 SP4
The Linux kernel through 5.3.13 has a start_offset+size Integer Overflow in cpia2_remap_buffer in drivers/media/usb/cpia2/cpia2_core.c because cpia2 has its own mmap implementation. This allows local users (with /dev/video0 access) to obtain read and write permissions on kernel physical pages, which can possibly result in a privilege escalation.
ModerateCVE-2019-18675SUSE bug 1157804cpe:/o:suse:sled:12:sp4CVE-2019-18680SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel 4.4.x before 4.4.195. There is a NULL pointer dereference in rds_tcp_kill_sock() in net/rds/tcp.c that will cause denial of service, aka CID-91573ae4aed0.
ImportantCVE-2019-18680SUSE bug 1155898SUSE bug 1173867cpe:/o:suse:sled:12:sp4CVE-2019-18683SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free.
ImportantCVE-2019-18683SUSE bug 1155897SUSE bug 1173868cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-18684SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. This occurs because of a race condition between determining a uid, and the setresuid and openat system calls. The attacker can write "ALL ALL=(ALL) NOPASSWD:ALL" to /proc/#####/fd/3 at a time when Sudo is prompting for a password. NOTE: This has been disputed due to the way Linux /proc works. It has been argued that writing to /proc/#####/fd/3 would only be viable if you had permission to write to /etc/sudoers. Even with write permission to /proc/#####/fd/3, it would not help you write to /etc/sudoers.
ModerateCVE-2019-18684SUSE bug 1155886cpe:/o:suse:sled:12:sp4CVE-2019-18786SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel through 5.3.8, f->fmt.sdr.reserved is uninitialized in rcar_drif_g_fmt_sdr_cap in drivers/media/platform/rcar_drif.c, which could cause a memory disclosure problem.
LowCVE-2019-18786SUSE bug 1156043cpe:/o:suse:sled:12:sp4CVE-2019-18805SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6.
LowCVE-2019-18805SUSE bug 1156187cpe:/o:suse:sled:12:sp4CVE-2019-18807SUSE Linux Enterprise Desktop 12 SP4
Two memory leaks in the sja1105_static_config_upload() function in drivers/net/dsa/sja1105/sja1105_spi.c in the Linux kernel before 5.3.5 allow attackers to cause a denial of service (memory consumption) by triggering static_config_buf_prepare_for_upload() or sja1105_inhibit_tx() failures, aka CID-68501df92d11.
ModerateCVE-2019-18807SUSE bug 1160881cpe:/o:suse:sled:12:sp4CVE-2019-18808SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.
ModerateCVE-2019-18808SUSE bug 1156259SUSE bug 1189884SUSE bug 1190534cpe:/o:suse:sled:12:sp4CVE-2019-18809SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559.
ModerateCVE-2019-18809SUSE bug 1156258cpe:/o:suse:sled:12:sp4CVE-2019-18810SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the komeda_wb_connector_add() function in drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering drm_writeback_connector_init() failures, aka CID-a0ecd6fdbf5d.
ModerateCVE-2019-18810SUSE bug 1156257cpe:/o:suse:sled:12:sp4CVE-2019-18811SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering sof_get_ctrl_copy_params() failures, aka CID-45c1380358b1.
ModerateCVE-2019-18811SUSE bug 1159374cpe:/o:suse:sled:12:sp4CVE-2019-18812SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the sof_dfsentry_write() function in sound/soc/sof/debug.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-c0a333d842ef.
ModerateCVE-2019-18812SUSE bug 1156277cpe:/o:suse:sled:12:sp4CVE-2019-18813SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8.
ModerateCVE-2019-18813SUSE bug 1156278cpe:/o:suse:sled:12:sp4CVE-2019-18814SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aa_label_parse() fails in aa_audit_rule_init() in security/apparmor/audit.c.
ModerateCVE-2019-18814SUSE bug 1156256cpe:/o:suse:sled:12:sp4CVE-2019-18853SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted in coders/svg.c, related to SVG and libxml2.
ModerateCVE-2019-18853SUSE bug 1156520cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-18898SUSE Linux Enterprise Desktop 12 SP4
UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers escalate privileges from user tss to root. This issue affects: SUSE Linux Enterprise Server 15 SP1 trousers versions prior to 0.3.14-6.3.1. openSUSE Factory trousers versions prior to 0.3.14-7.1.
ModerateCVE-2019-18898SUSE bug 1154062SUSE bug 1157651cpe:/o:suse:sled:12:sp4CVE-2019-18900SUSE Linux Enterprise Desktop 12 SP4
: Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used by libzypp, exposing private cookies. This issue affects: SUSE CaaS Platform 3.0 libzypp versions prior to 16.21.2-27.68.1. SUSE Linux Enterprise Server 12 libzypp versions prior to 16.21.2-2.45.1. SUSE Linux Enterprise Server 15 17.19.0-3.34.1.
ModerateCVE-2019-18900SUSE bug 1158763cpe:/o:suse:sled:12:sp4CVE-2019-18902SUSE Linux Enterprise Desktop 12 SP4
A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-3.5.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-3.21.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.6.1. openSUSE Factory wicked versions prior to 0.6.62.
ModerateCVE-2019-18902SUSE bug 1160903cpe:/o:suse:sled:12:sp4CVE-2019-18903SUSE Linux Enterprise Desktop 12 SP4
A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-2.18.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-28.26.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.9.1. openSUSE Factory wicked versions prior to 0.6.62.
ModerateCVE-2019-18903SUSE bug 1160904cpe:/o:suse:sled:12:sp4CVE-2019-19037SUSE Linux Enterprise Desktop 12 SP4
ext4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because ext4_read_dirblock(inode,0,DIRENT_HTREE) can be zero.
ModerateCVE-2019-19037SUSE bug 1157717cpe:/o:suse:sled:12:sp4CVE-2019-19039SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** __btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. NOTE: The BTRFS development team disputes this issues as not being a vulnerability because “1) The kernel provide facilities to restrict access to dmesg - dmesg_restrict=1 sysctl option. So it's really up to the system administrator to judge whether dmesg access shall be disallowed or not. 2) WARN/WARN_ON are widely used macros in the linux kernel. If this CVE is considered valid this would mean there are literally thousands CVE lurking in the kernel - something which clearly is not the case.”
ModerateCVE-2019-19039SUSE bug 1157719cpe:/o:suse:sled:12:sp4CVE-2019-19043SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the i40e_setup_macvlans() function in drivers/net/ethernet/intel/i40e/i40e_main.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering i40e_setup_channel() failures, aka CID-27d461333459.
ModerateCVE-2019-19043SUSE bug 1159375cpe:/o:suse:sled:12:sp4CVE-2019-19044SUSE Linux Enterprise Desktop 12 SP4
Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762.
ModerateCVE-2019-19044SUSE bug 1159370cpe:/o:suse:sled:12:sp4CVE-2019-19046SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0ee20. NOTE: third parties dispute the relevance of this because an attacker cannot realistically control this failure at probe time.
ModerateCVE-2019-19046SUSE bug 1157304cpe:/o:suse:sled:12:sp4CVE-2019-19047SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the mlx5_fw_fatal_reporter_dump() function in drivers/net/ethernet/mellanox/mlx5/core/health.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_crdump_collect() failures, aka CID-c7ed6d0183d5.
ModerateCVE-2019-19047SUSE bug 1157715cpe:/o:suse:sled:12:sp4CVE-2019-19048SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the crypto_reportstat() function in drivers/virt/vboxguest/vboxguest_utils.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering copy_form_user() failures, aka CID-e0b0cb938864.
ImportantCVE-2019-19048SUSE bug 1157720cpe:/o:suse:sled:12:sp4CVE-2019-19049SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures, aka CID-e13de8fe0d6a. NOTE: third parties dispute the relevance of this because unittest.c can only be reached during boot.
ModerateCVE-2019-19049SUSE bug 1157173cpe:/o:suse:sled:12:sp4CVE-2019-19050SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1.
ModerateCVE-2019-19050SUSE bug 1157336cpe:/o:suse:sled:12:sp4CVE-2019-19051SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7.
ModerateCVE-2019-19051SUSE bug 1159024cpe:/o:suse:sled:12:sp4CVE-2019-19052SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.
ModerateCVE-2019-19052SUSE bug 1157324cpe:/o:suse:sled:12:sp4CVE-2019-19053SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2.
ImportantCVE-2019-19053SUSE bug 1161520cpe:/o:suse:sled:12:sp4CVE-2019-19055SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** A memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering nl80211hdr_put() failures, aka CID-1399c59fa929. NOTE: third parties dispute the relevance of this because it occurs on a code path where a successful allocation has already occurred.
ImportantCVE-2019-19055SUSE bug 1157319cpe:/o:suse:sled:12:sp4CVE-2019-19056SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932.
ModerateCVE-2019-19056SUSE bug 1157197cpe:/o:suse:sled:12:sp4CVE-2019-19057SUSE Linux Enterprise Desktop 12 SP4
Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.
ModerateCVE-2019-19057SUSE bug 1157193SUSE bug 1157197cpe:/o:suse:sled:12:sp4CVE-2019-19058SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5.
ModerateCVE-2019-19058SUSE bug 1157145cpe:/o:suse:sled:12:sp4CVE-2019-19059SUSE Linux Enterprise Desktop 12 SP4
Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering iwl_pcie_init_fw_sec() or dma_alloc_coherent() failures, aka CID-0f4f199443fa.
ModerateCVE-2019-19059SUSE bug 1157296cpe:/o:suse:sled:12:sp4CVE-2019-19060SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.
ModerateCVE-2019-19060SUSE bug 1157178cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp4CVE-2019-19061SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3.
ModerateCVE-2019-19061SUSE bug 1157192cpe:/o:suse:sled:12:sp4CVE-2019-19062SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.
ModerateCVE-2019-19062SUSE bug 1157333cpe:/o:suse:sled:12:sp4CVE-2019-19063SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP4
Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.
ModerateCVE-2019-19063SUSE bug 1157298cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp4CVE-2019-19064SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering pm_runtime_get_sync() failures, aka CID-057b8945f78f. NOTE: third parties dispute the relevance of this because an attacker cannot realistically control these failures at probe time.
ModerateCVE-2019-19064SUSE bug 1157300cpe:/o:suse:sled:12:sp4CVE-2019-19065SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures, aka CID-34b3be18a04e. NOTE: This has been disputed as not a vulnerability because "rhashtable_init() can only fail if it is passed invalid values in the second parameter's struct, but when invoked from sdma_init() that is a pointer to a static const struct, so an attacker could only trigger failure if they could corrupt kernel memory (in which case a small memory leak is not a significant problem)."
ImportantCVE-2019-19065SUSE bug 1157191SUSE bug 1173961cpe:/o:suse:sled:12:sp4CVE-2019-19067SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures, aka CID-57be09c6e874. NOTE: third parties dispute the relevance of this because the attacker must already have privileges for module loading.
ModerateCVE-2019-19067SUSE bug 1157180cpe:/o:suse:sled:12:sp4CVE-2019-19068SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6.
ModerateCVE-2019-19068SUSE bug 1157307cpe:/o:suse:sled:12:sp4CVE-2019-19069SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99.
ModerateCVE-2019-19069SUSE bug 1157064cpe:/o:suse:sled:12:sp4CVE-2019-19070SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering devm_add_action_or_reset() failures, aka CID-d3b0ffa1d75d. NOTE: third parties dispute the relevance of this because the system must have already been out of memory before the probe began.
ImportantCVE-2019-19070SUSE bug 1157294cpe:/o:suse:sled:12:sp4CVE-2019-19071SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the rsi_send_beacon() function in drivers/net/wireless/rsi/rsi_91x_mgmt.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering rsi_prepare_beacon() failures, aka CID-d563131ef23c.
ModerateCVE-2019-19071SUSE bug 1157067cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-19072SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6.
ModerateCVE-2019-19072SUSE bug 1157069cpe:/o:suse:sled:12:sp4CVE-2019-19073SUSE Linux Enterprise Desktop 12 SP4
Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function, aka CID-853acf7caf10.
ModerateCVE-2019-19073SUSE bug 1157070cpe:/o:suse:sled:12:sp4CVE-2019-19074SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.
ModerateCVE-2019-19074SUSE bug 1157143cpe:/o:suse:sled:12:sp4CVE-2019-19075SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e.
LowCVE-2019-19075SUSE bug 1157162SUSE bug 1173958cpe:/o:suse:sled:12:sp4CVE-2019-19076SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption), aka CID-78beef629fd9. NOTE: This has been argued as not a valid vulnerability. The upstream commit 78beef629fd9 was reverted.
ModerateCVE-2019-19076SUSE bug 1157164cpe:/o:suse:sled:12:sp4CVE-2019-19077SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14.
ModerateCVE-2019-19077SUSE bug 1157171cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp4CVE-2019-19078SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-b8d17e7d93d2.
ModerateCVE-2019-19078SUSE bug 1157032cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-19079SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the qrtr_tun_write_iter() function in net/qrtr/tun.c in the Linux kernel before 5.3 allows attackers to cause a denial of service (memory consumption), aka CID-a21b7f0cff19.
ImportantCVE-2019-19079SUSE bug 1157039cpe:/o:suse:sled:12:sp4CVE-2019-19080SUSE Linux Enterprise Desktop 12 SP4
Four memory leaks in the nfp_flower_spawn_phy_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allow attackers to cause a denial of service (memory consumption), aka CID-8572cea1461a.
ModerateCVE-2019-19080SUSE bug 1157044cpe:/o:suse:sled:12:sp4CVE-2019-19081SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause a denial of service (memory consumption), aka CID-8ce39eb5a67a.
ModerateCVE-2019-19081SUSE bug 1157045cpe:/o:suse:sled:12:sp4CVE-2019-19082SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption). This affects the dce120_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, the dce100_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, and the dce112_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, aka CID-104c307147ad.
ModerateCVE-2019-19082SUSE bug 1157046cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-19083SUSE Linux Enterprise Desktop 12 SP4
Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1.
ModerateCVE-2019-19083SUSE bug 1157049cpe:/o:suse:sled:12:sp4CVE-2019-19126SUSE Linux Enterprise Desktop 12 SP4
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.
LowCVE-2019-19126SUSE bug 1157292cpe:/o:suse:sled:12:sp4CVE-2019-19227SUSE Linux Enterprise Desktop 12 SP4
In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, aka CID-9804501fa122.
ModerateCVE-2019-19227SUSE bug 1157678cpe:/o:suse:sled:12:sp4CVE-2019-19232SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions.
ModerateCVE-2019-19232SUSE bug 1159618cpe:/o:suse:sled:12:sp4CVE-2019-19234SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** In Sudo through 1.8.29, the fact that a user has been blocked (e.g., by using the ! character in the shadow file instead of a password hash) is not considered, allowing an attacker (who has access to a Runas ALL sudoer account) to impersonate any blocked user. NOTE: The software maintainer believes that this CVE is not valid. Disabling local password authentication for a user is not the same as disabling all access to that user--the user may still be able to login via other means (ssh key, kerberos, etc). Both the Linux shadow(5) and passwd(1) manuals are clear on this. Indeed it is a valid use case to have local accounts that are _only_ accessible via sudo and that cannot be logged into with a password. Sudo 1.8.30 added an optional setting to check the _shell_ of the target user (not the encrypted password!) against the contents of /etc/shells but that is not the same thing as preventing access to users with an invalid password hash.
ImportantCVE-2019-19234SUSE bug 1159616cpe:/o:suse:sled:12:sp4CVE-2019-19241SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 5.4.2, the io_uring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to fs/io-wq.c, fs/io_uring.c, and net/socket.c. For example, an attacker can bypass intended restrictions on adding an IPv4 address to the loopback interface. This occurs because IORING_OP_SENDMSG operations, although requested in the context of an unprivileged user, are sometimes performed by a kernel worker thread without considering that context.
ModerateCVE-2019-19241SUSE bug 1159441cpe:/o:suse:sled:12:sp4CVE-2019-19242SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.
ModerateCVE-2019-19242SUSE bug 1157817cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-19244SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.
ModerateCVE-2019-19244SUSE bug 1157817SUSE bug 1157818cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-19252SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel through 5.3.13 does not prevent write access to vcsu devices, aka CID-0c9acb1af77a.
ModerateCVE-2019-19252SUSE bug 1157813cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-19319SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call, aka CID-345c0dbf3a30.
ModerateCVE-2019-19319SUSE bug 1158021cpe:/o:suse:sled:12:sp4CVE-2019-19332SUSE Linux Enterprise Desktop 12 SP1
An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service.
ModerateCVE-2019-19332SUSE bug 1158827cpe:/o:suse:sled:12:sp1CVE-2019-19337SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in Red Hat Ceph Storage version 3 in the way the Ceph RADOS Gateway daemon handles S3 requests. An authenticated attacker can abuse this flaw by causing a remote denial of service by sending a specially crafted HTTP Content-Length header to the Ceph RADOS Gateway server.
ModerateCVE-2019-19337SUSE bug 1159617cpe:/o:suse:sled:12:sp4CVE-2019-19344SUSE Linux Enterprise Desktop 12 SP4
There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.
ModerateCVE-2019-19344SUSE bug 1160852cpe:/o:suse:sled:12:sp4CVE-2019-19378SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.
ImportantCVE-2019-19378SUSE bug 1158270SUSE bug 1185853cpe:/o:suse:sled:12:sp4CVE-2019-19449SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).
ImportantCVE-2019-19449SUSE bug 1158821cpe:/o:suse:sled:12:sp4CVE-2019-19451SUSE Linux Enterprise Desktop 12 SP4
When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output will usually be written to disk via the system's logging facility (potentially with elevated privileges), thus filling up the disk and eventually rendering the system unusable. (The filename can be for a nonexistent file.) NOTE: this does not affect an upstream release, but affects certain Linux distribution packages with version numbers such as 0.97.3.
LowCVE-2019-19451SUSE bug 1158194cpe:/o:suse:sled:12:sp4CVE-2019-19480SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in sc_pkcs15_decode_prkdf_entry.
LowCVE-2019-19480SUSE bug 1158307SUSE bug 1179291cpe:/o:suse:sled:12:sp4CVE-2019-19481SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-cac1.c mishandles buffer limits for CAC certificates.
ModerateCVE-2019-19481SUSE bug 1158305SUSE bug 1179291cpe:/o:suse:sled:12:sp4CVE-2019-19524SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.
LowCVE-2019-19524SUSE bug 1158381SUSE bug 1158413SUSE bug 1158834cpe:/o:suse:sled:12:sp4CVE-2019-19528SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d.
ModerateCVE-2019-19528SUSE bug 1158381SUSE bug 1158407SUSE bug 1158834cpe:/o:suse:sled:12:sp4CVE-2019-19553SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensuring that an object identifier is set to NULL after a ContentInfo dissection.
ImportantCVE-2019-19553SUSE bug 1158505cpe:/o:suse:sled:12:sp4CVE-2019-19577SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.12.x allowing x86 AMD HVM guest OS users to cause a denial of service or possibly gain privileges by triggering data-structure access during pagetable-height updates. When running on AMD systems with an IOMMU, Xen attempted to dynamically adapt the number of levels of pagetables (the pagetable height) in the IOMMU according to the guest's address space size. The code to select and update the height had several bugs. Notably, the update was done without taking a lock which is necessary for safe operation. A malicious guest administrator can cause Xen to access data structures while they are being modified, causing Xen to crash. Privilege escalation is thought to be very difficult but cannot be ruled out. Additionally, there is a potential memory leak of 4kb per guest boot, under memory pressure. Only Xen on AMD CPUs is vulnerable. Xen running on Intel CPUs is not vulnerable. ARM systems are not vulnerable. Only systems where guests are given direct access to physical devices are vulnerable. Systems which do not use PCI pass-through are not vulnerable. Only HVM guests can exploit the vulnerability. PV and PVH guests cannot. All versions of Xen with IOMMU support are vulnerable.
ImportantCVE-2019-19577SUSE bug 1158007cpe:/o:suse:sled:12:sp4CVE-2019-19578SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear pagetables, because of an incorrect fix for CVE-2017-15595. "Linear pagetables" is a technique which involves either pointing a pagetable at itself, or to another pagetable of the same or higher level. Xen has limited support for linear pagetables: A page may either point to itself, or point to another pagetable of the same level (i.e., L2 to L2, L3 to L3, and so on). XSA-240 introduced an additional restriction that limited the "depth" of such chains by allowing pages to either *point to* other pages of the same level, or *be pointed to* by other pages of the same level, but not both. To implement this, we keep track of the number of outstanding times a page points to or is pointed to another page table, to prevent both from happening at the same time. Unfortunately, the original commit introducing this reset this count when resuming validation of a partially-validated pagetable, incorrectly dropping some "linear_pt_entry" counts. If an attacker could engineer such a situation to occur, they might be able to make loops or other arbitrary chains of linear pagetables, as described in XSA-240. A malicious or buggy PV guest may cause the hypervisor to crash, resulting in Denial of Service (DoS) affecting the entire host. Privilege escalation and information leaks cannot be excluded. All versions of Xen are vulnerable. Only x86 systems are affected. Arm systems are not affected. Only x86 PV guests can leverage the vulnerability. x86 HVM and PVH guests cannot leverage the vulnerability. Only systems which have enabled linear pagetables are vulnerable. Systems which have disabled linear pagetables, either by selecting CONFIG_PV_LINEAR_PT=n when building the hypervisor, or adding pv-linear-pt=false on the command-line, are not vulnerable.
ImportantCVE-2019-19578SUSE bug 1158005SUSE bug 1178658cpe:/o:suse:sled:12:sp4CVE-2019-19579SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device (and assignable-add is not used), because of an incomplete fix for CVE-2019-18424. XSA-302 relies on the use of libxl's "assignable-add" feature to prepare devices to be assigned to untrusted guests. Unfortunately, this is not considered a strictly required step for device assignment. The PCI passthrough documentation on the wiki describes alternate ways of preparing devices for assignment, and libvirt uses its own ways as well. Hosts where these "alternate" methods are used will still leave the system in a vulnerable state after the device comes back from a guest. An untrusted domain with access to a physical device can DMA into host memory, leading to privilege escalation. Only systems where guests are given direct access to physical devices capable of DMA (PCI pass-through) are vulnerable. Systems which do not use PCI pass-through are not vulnerable.
ModerateCVE-2019-19579SUSE bug 1157888cpe:/o:suse:sled:12:sp4CVE-2019-19580SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations, because of an incomplete fix for CVE-2019-18421. XSA-299 addressed several critical issues in restartable PV type change operations. Despite extensive testing and auditing, some corner cases were missed. A malicious PV guest administrator may be able to escalate their privilege to that of the host. All security-supported versions of Xen are vulnerable. Only x86 systems are affected. Arm systems are not affected. Only x86 PV guests can leverage the vulnerability. x86 HVM and PVH guests cannot leverage the vulnerability. Note that these attacks require very precise timing, which may be difficult to exploit in practice.
ModerateCVE-2019-19580SUSE bug 1158006SUSE bug 1178658cpe:/o:suse:sled:12:sp4CVE-2019-19581SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.12.x allowing 32-bit Arm guest OS users to cause a denial of service (out-of-bounds access) because certain bit iteration is mishandled. In a number of places bitmaps are being used by the hypervisor to track certain state. Iteration over all bits involves functions which may misbehave in certain corner cases: On 32-bit Arm accesses to bitmaps with bit a count which is a multiple of 32, an out of bounds access may occur. A malicious guest may cause a hypervisor crash or hang, resulting in a Denial of Service (DoS). All versions of Xen are vulnerable. 32-bit Arm systems are vulnerable. 64-bit Arm systems are not vulnerable.
ModerateCVE-2019-19581SUSE bug 1158003cpe:/o:suse:sled:12:sp4CVE-2019-19582SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.12.x allowing x86 guest OS users to cause a denial of service (infinite loop) because certain bit iteration is mishandled. In a number of places bitmaps are being used by the hypervisor to track certain state. Iteration over all bits involves functions which may misbehave in certain corner cases: On x86 accesses to bitmaps with a compile time known size of 64 may incur undefined behavior, which may in particular result in infinite loops. A malicious guest may cause a hypervisor crash or hang, resulting in a Denial of Service (DoS). All versions of Xen are vulnerable. x86 systems with 64 or more nodes are vulnerable (there might not be any such systems that Xen would run on). x86 systems with less than 64 nodes are not vulnerable.
ModerateCVE-2019-19582SUSE bug 1158003cpe:/o:suse:sled:12:sp4CVE-2019-19583SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH guest OS users to cause a denial of service (guest OS crash) because VMX VMEntry checks mishandle a certain case. Please see XSA-260 for background on the MovSS shadow. Please see XSA-156 for background on the need for #DB interception. The VMX VMEntry checks do not like the exact combination of state which occurs when #DB in intercepted, Single Stepping is active, and blocked by STI/MovSS is active, despite this being a legitimate state to be in. The resulting VMEntry failure is fatal to the guest. HVM/PVH guest userspace code may be able to crash the guest, resulting in a guest Denial of Service. All versions of Xen are affected. Only systems supporting VMX hardware virtual extensions (Intel, Cyrix, or Zhaoxin CPUs) are affected. Arm and AMD systems are unaffected. Only HVM/PVH guests are affected. PV guests cannot leverage the vulnerability.
ModerateCVE-2019-19583SUSE bug 1158004SUSE bug 1178658cpe:/o:suse:sled:12:sp4CVE-2019-19645SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.
ModerateCVE-2019-19645SUSE bug 1158958cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-19646SUSE Linux Enterprise Desktop 12 SP4
pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.
ModerateCVE-2019-19646SUSE bug 1158959cpe:/o:suse:sled:12:sp4CVE-2019-19725SUSE Linux Enterprise Desktop 12 SP4
sysstat through 12.2.0 has a double free in check_file_actlst in sa_common.c.
ImportantCVE-2019-19725SUSE bug 1159104cpe:/o:suse:sled:12:sp4CVE-2019-19746SUSE Linux Enterprise Desktop 12 SP4
make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type.
ModerateCVE-2019-19746SUSE bug 1159130cpe:/o:suse:sled:12:sp4CVE-2019-19769SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel 5.3.10, there is a use-after-free (read) in the perf_trace_lock_acquire function (related to include/trace/events/lock.h).
ModerateCVE-2019-19769SUSE bug 1159280cpe:/o:suse:sled:12:sp4CVE-2019-19797SUSE Linux Enterprise Desktop 12 SP4
read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write.
ModerateCVE-2019-19797SUSE bug 1159293cpe:/o:suse:sled:12:sp4CVE-2019-19807SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to snd_timer_open and snd_timer_close_locked. The timeri variable was originally intended to be for a newly created timer instance, but was used for a different purpose after refactoring.
ModerateCVE-2019-19807SUSE bug 1159281cpe:/o:suse:sled:12:sp4CVE-2019-19814SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
CriticalCVE-2019-19814SUSE bug 1159437cpe:/o:suse:sled:12:sp4CVE-2019-19815SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause a NULL pointer dereference in f2fs_recover_fsync_data in fs/f2fs/recovery.c. This is related to F2FS_P_SB in fs/f2fs/f2fs.h.
ModerateCVE-2019-19815SUSE bug 1159438cpe:/o:suse:sled:12:sp4CVE-2019-19880SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.
ModerateCVE-2019-19880SUSE bug 1159491SUSE bug 1159715SUSE bug 1162833cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-19882SUSE Linux Enterprise Desktop 12 SP4
shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).
ModerateCVE-2019-19882SUSE bug 1159633cpe:/o:suse:sled:12:sp4CVE-2019-19922SUSE Linux Enterprise Desktop 12 SP4
kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.)
ModerateCVE-2019-19922SUSE bug 1159717cpe:/o:suse:sled:12:sp4CVE-2019-19923SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).
ModerateCVE-2019-19923SUSE bug 1160309SUSE bug 1162833cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-19924SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.
ModerateCVE-2019-19924SUSE bug 1159850cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-19925SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.
LowCVE-2019-19925SUSE bug 1159847SUSE bug 1162833cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-19926SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.
ImportantCVE-2019-19926SUSE bug 1159491SUSE bug 1159715SUSE bug 1162833cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-19927SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel 5.0.0-rc7 (as distributed in ubuntu/linux.git on kernel.ubuntu.com), mounting a crafted f2fs filesystem image and performing some operations can lead to slab-out-of-bounds read access in ttm_put_pages in drivers/gpu/drm/ttm/ttm_page_alloc.c. This is related to the vmwgfx or ttm module.
ModerateCVE-2019-19927SUSE bug 1160147cpe:/o:suse:sled:12:sp4CVE-2019-19947SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c.
ModerateCVE-2019-19947SUSE bug 1159929cpe:/o:suse:sled:12:sp4CVE-2019-19948SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.
ImportantCVE-2019-19948SUSE bug 1159861cpe:/o:suse:sled:12:sp4CVE-2019-19949SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.
ModerateCVE-2019-19949SUSE bug 1160369cpe:/o:suse:sled:12:sp4CVE-2019-19951SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.
ModerateCVE-2019-19951SUSE bug 1160321cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-19952SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage.
ImportantCVE-2019-19952SUSE bug 1160426cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-19953SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.
ModerateCVE-2019-19953SUSE bug 1160364cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-19959SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind.
ModerateCVE-2019-19959SUSE bug 1160438cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-20079SUSE Linux Enterprise Desktop 12 SP4
The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.
ModerateCVE-2019-20079SUSE bug 1173113cpe:/o:suse:sled:12:sp4CVE-2019-20095SUSE Linux Enterprise Desktop 12 SP4
mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory leak and denial of service.
ImportantCVE-2019-20095SUSE bug 1159909SUSE bug 1159914cpe:/o:suse:sled:12:sp4CVE-2019-20096SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b.
ModerateCVE-2019-20096SUSE bug 1159908cpe:/o:suse:sled:12:sp4CVE-2019-2024SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In em28xx_unregister_dvb of em28xx-dvb.c, there is a possible use after free issue. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-111761954References: Upstream kernel
ModerateCVE-2019-2024SUSE bug 1129179cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-2054SUSE Linux Enterprise Desktop 12 SP4
In the seccomp implementation prior to kernel version 4.8, there is a possible seccomp bypass due to seccomp policies that allow the use of ptrace. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-119769499
ImportantCVE-2019-2054SUSE bug 1134561SUSE bug 1181039cpe:/o:suse:sled:12:sp4CVE-2019-20808SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In QEMU 4.1.0, an out-of-bounds read flaw was found in the ATI VGA implementation. It occurs in the ati_cursor_define() routine while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service.
ModerateCVE-2019-20808SUSE bug 1172379cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-2126SUSE Linux Enterprise Desktop 12 SP4
In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-127702368.
ImportantCVE-2019-2126SUSE bug 1160611cpe:/o:suse:sled:12:sp4CVE-2019-2182SUSE Linux Enterprise Desktop 12 SP4
In the Android kernel in the kernel MMU code there is a possible execution path leaving some kernel text and rodata pages writable. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
ImportantCVE-2019-2182SUSE bug 1150022cpe:/o:suse:sled:12:sp4CVE-2019-2201SUSE Linux Enterprise Desktop 12 SP4
In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-120551338
ImportantCVE-2019-2201SUSE bug 1156402cpe:/o:suse:sled:12:sp4CVE-2019-2213SUSE Linux Enterprise Desktop 12 SP4
In binder_free_transaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-133758011References: Upstream kernel
ModerateCVE-2019-2213SUSE bug 1156185cpe:/o:suse:sled:12:sp4CVE-2019-2214SUSE Linux Enterprise Desktop 12 SP4
In binder_transaction of binder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-136210786References: Upstream kernel
ImportantCVE-2019-2214SUSE bug 1156186cpe:/o:suse:sled:12:sp4CVE-2019-2422SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).
ModerateCVE-2019-2422SUSE bug 1122293cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-2426SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
ModerateCVE-2019-2426SUSE bug 1134297cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-2449SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). The supported version that is affected is Java SE: 8u192. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2449SUSE bug 1122292cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-2510SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2019-2510SUSE bug 1122198cpe:/o:suse:sled:12:sp4CVE-2019-2529SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2019-2529SUSE bug 1122198SUSE bug 1136037cpe:/o:suse:sled:12:sp4CVE-2019-2537SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2019-2537SUSE bug 1122198SUSE bug 1136037cpe:/o:suse:sled:12:sp4CVE-2019-2602SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2019-2602SUSE bug 1132728SUSE bug 1134718cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-2614SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2019-2614SUSE bug 1132826SUSE bug 1136035SUSE bug 1141798cpe:/o:suse:sled:12:sp4CVE-2019-2627SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2019-2627SUSE bug 1132826SUSE bug 1136035SUSE bug 1141798cpe:/o:suse:sled:12:sp4CVE-2019-2628SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2019-2628SUSE bug 1136035cpe:/o:suse:sled:12:sp4CVE-2019-2684SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).
ModerateCVE-2019-2684SUSE bug 1132732SUSE bug 1134718SUSE bug 1184734cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-2697SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
ModerateCVE-2019-2697SUSE bug 1132734SUSE bug 1134718cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-2698SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
ModerateCVE-2019-2698SUSE bug 1132729SUSE bug 1134718cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-2737SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2019-2737SUSE bug 1132826SUSE bug 1141798SUSE bug 1156669cpe:/o:suse:sled:12:sp4CVE-2019-2739SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
ModerateCVE-2019-2739SUSE bug 1132826SUSE bug 1141798SUSE bug 1156669cpe:/o:suse:sled:12:sp4CVE-2019-2740SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2019-2740SUSE bug 1132826SUSE bug 1141798SUSE bug 1156669cpe:/o:suse:sled:12:sp4CVE-2019-2745SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u221, 8u212 and 11.0.3. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE executes to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
ModerateCVE-2019-2745SUSE bug 1141784cpe:/o:suse:sled:12:sp4CVE-2019-2758SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
ModerateCVE-2019-2758SUSE bug 1141798SUSE bug 1156669cpe:/o:suse:sled:12:sp4CVE-2019-2762SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2762SUSE bug 1141782SUSE bug 1147021cpe:/o:suse:sled:12:sp4CVE-2019-2766SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).
ModerateCVE-2019-2766SUSE bug 1141789SUSE bug 1147021cpe:/o:suse:sled:12:sp4CVE-2019-2769SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2769SUSE bug 1141783SUSE bug 1147021cpe:/o:suse:sled:12:sp4CVE-2019-2786SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N).
ModerateCVE-2019-2786SUSE bug 1141787SUSE bug 1147021cpe:/o:suse:sled:12:sp4CVE-2019-2805SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2019-2805SUSE bug 1132826SUSE bug 1141798SUSE bug 1156669cpe:/o:suse:sled:12:sp4CVE-2019-2816SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
ModerateCVE-2019-2816SUSE bug 1141785SUSE bug 1147021cpe:/o:suse:sled:12:sp4CVE-2019-2842SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JCE). The supported version that is affected is Java SE: 8u212. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2842SUSE bug 1141786cpe:/o:suse:sled:12:sp4CVE-2019-2894SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
ModerateCVE-2019-2894SUSE bug 1152856SUSE bug 1154212cpe:/o:suse:sled:12:sp4CVE-2019-2933SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).
ModerateCVE-2019-2933SUSE bug 1154212SUSE bug 1158442cpe:/o:suse:sled:12:sp4CVE-2019-2938SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
ImportantCVE-2019-2938SUSE bug 1154162SUSE bug 1156669cpe:/o:suse:sled:12:sp4CVE-2019-2945SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2945SUSE bug 1154212SUSE bug 1158442cpe:/o:suse:sled:12:sp4CVE-2019-2949SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2019-2949SUSE bug 1154212SUSE bug 1172277cpe:/o:suse:sled:12:sp4CVE-2019-2958SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).
ModerateCVE-2019-2958SUSE bug 1154212SUSE bug 1158442cpe:/o:suse:sled:12:sp4CVE-2019-2962SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2962SUSE bug 1154212SUSE bug 1158442cpe:/o:suse:sled:12:sp4CVE-2019-2964SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2964SUSE bug 1154212SUSE bug 1158442cpe:/o:suse:sled:12:sp4CVE-2019-2973SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2973SUSE bug 1154212SUSE bug 1158442cpe:/o:suse:sled:12:sp4CVE-2019-2974SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ImportantCVE-2019-2974SUSE bug 1154162SUSE bug 1156669cpe:/o:suse:sled:12:sp4CVE-2019-2975SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L).
ModerateCVE-2019-2975SUSE bug 1154212SUSE bug 1158442cpe:/o:suse:sled:12:sp4CVE-2019-2978SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2978SUSE bug 1154212SUSE bug 1158442cpe:/o:suse:sled:12:sp4CVE-2019-2981SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2981SUSE bug 1154212SUSE bug 1158442cpe:/o:suse:sled:12:sp4CVE-2019-2983SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2983SUSE bug 1154212SUSE bug 1158442cpe:/o:suse:sled:12:sp4CVE-2019-2987SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2987SUSE bug 1154212cpe:/o:suse:sled:12:sp4CVE-2019-2988SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2988SUSE bug 1154212SUSE bug 1158442cpe:/o:suse:sled:12:sp4CVE-2019-2989SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS v3.0 Base Score 6.8 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N).
ModerateCVE-2019-2989SUSE bug 1154212SUSE bug 1158442cpe:/o:suse:sled:12:sp4CVE-2019-2992SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2992SUSE bug 1154212SUSE bug 1158442cpe:/o:suse:sled:12:sp4CVE-2019-2999SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N).
ModerateCVE-2019-2999SUSE bug 1154212SUSE bug 1158442cpe:/o:suse:sled:12:sp4CVE-2019-3016SUSE Linux Enterprise Desktop 12 SP4
In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out.
ModerateCVE-2019-3016SUSE bug 1161154cpe:/o:suse:sled:12:sp4CVE-2019-3459SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.
ModerateCVE-2019-3459SUSE bug 1120758cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3460SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.
ModerateCVE-2019-3460SUSE bug 1120758SUSE bug 1155131cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3687SUSE Linux Enterprise Desktop 12 SP4
The permission package in SUSE Linux Enterprise Server allowed all local users to run dumpcap in the "easy" permission profile and sniff network traffic. This issue affects: SUSE Linux Enterprise Server permissions versions starting from 85c83fef7e017f8ab7f8602d3163786d57344439 to 081d081dcfaf61710bda34bc21c80c66276119aa.
ModerateCVE-2019-3687SUSE bug 1148788SUSE bug 1180102cpe:/o:suse:sled:12:sp4CVE-2019-3688SUSE Linux Enterprise Desktop 12 SP4
The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary
ModerateCVE-2019-3688SUSE bug 1093414SUSE bug 1149108cpe:/o:suse:sled:12:sp4CVE-2019-3689SUSE Linux Enterprise Desktop 12 SP4
The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2 the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and managed by root. If statd is compromised, it can therefore trick processes running with root privileges into creating/overwriting files anywhere on the system.
ImportantCVE-2019-3689SUSE bug 1150733cpe:/o:suse:sled:12:sp4CVE-2019-3690SUSE Linux Enterprise Desktop 12 SP4
The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 (please also check the additional hardenings after this fix). This allowed local attackers with control over a path that is traversed by chkstat to escalate privileges.
ModerateCVE-2019-3690SUSE bug 1148336SUSE bug 1150734SUSE bug 1157880SUSE bug 1157883SUSE bug 1160594SUSE bug 1160764SUSE bug 1163922cpe:/o:suse:sled:12:sp4CVE-2019-3811SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.
ModerateCVE-2019-3811SUSE bug 1121759cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3812SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host.
ModerateCVE-2019-3812SUSE bug 1118900SUSE bug 1125721cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3813SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.
ImportantCVE-2019-3813SUSE bug 1122706cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3815SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory leak was discovered in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux. Function dispatch_message_real() in journald-server.c does not free the memory allocated by set_iovec_field_free() to store the `_CMDLINE=` entry. A local attacker may use this flaw to make systemd-journald crash. This issue only affects versions shipped with Red Hat Enterprise since v219-62.2.
LowCVE-2019-3815SUSE bug 1108912SUSE bug 1120323SUSE bug 1122265cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3816SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server.
ImportantCVE-2019-3816SUSE bug 1122623cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3819SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. A local privileged user ("root") can cause a system lock up and a denial of service. Versions from v4.18 and newer are vulnerable.
ModerateCVE-2019-3819SUSE bug 1123161cpe:/o:suse:sled:12:sp4CVE-2019-3820SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.
ModerateCVE-2019-3820SUSE bug 1124493cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3821SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the way civetweb frontend was handling requests for ceph RGW server with SSL enabled. An unauthenticated attacker could create multiple connections to ceph RADOS gateway to exhaust file descriptors for ceph-radosgw service resulting in a remote denial of service.
ImportantCVE-2019-3821SUSE bug 1125080cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3822SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.
ImportantCVE-2019-3822SUSE bug 1123377SUSE bug 1141798cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3823SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.
ModerateCVE-2019-3823SUSE bug 1123378SUSE bug 1126909SUSE bug 1141798cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3824SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. An authenticated user, having read permissions on the LDAP server, could use this flaw to cause denial of service.
ModerateCVE-2019-3824SUSE bug 1125410SUSE bug 1130703cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3825SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to the logged-in user's session.
ModerateCVE-2019-3825SUSE bug 1124628cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3829SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected.
ModerateCVE-2019-3829SUSE bug 1130681cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3832SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. A local attacker may use this flaw to make the application crash.
LowCVE-2019-3832SUSE bug 1117954SUSE bug 1125575cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3833SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to openwsman server.
ImportantCVE-2019-3833SUSE bug 1122623cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3835SUSE Linux Enterprise Desktop 12 SP4
It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.
ImportantCVE-2019-3835SUSE bug 1129180cpe:/o:suse:sled:12:sp4CVE-2019-3836SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.
ModerateCVE-2019-3836SUSE bug 1130682cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3837SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel executed on ioatdma-enabled hardware with net_dma enabled can leak the memory, crash the host leading to a denial-of-service or cause a random memory corruption.
ModerateCVE-2019-3837SUSE bug 1131430cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3838SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.
ImportantCVE-2019-3838SUSE bug 1018128SUSE bug 1030263SUSE bug 1032135SUSE bug 1038835SUSE bug 1050888SUSE bug 1050889SUSE bug 1106171SUSE bug 1106172SUSE bug 1106173SUSE bug 1107422SUSE bug 1107423SUSE bug 1107581SUSE bug 1111479SUSE bug 1112229SUSE bug 1114495SUSE bug 1117022SUSE bug 1117327SUSE bug 1118318SUSE bug 1129180SUSE bug 1129186SUSE bug 1136756cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3839SUSE Linux Enterprise Desktop 12 SP4
It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Ghostscript versions before 9.27 are vulnerable.
ImportantCVE-2019-3839SUSE bug 1134156cpe:/o:suse:sled:12:sp4CVE-2019-3840SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service.
ModerateCVE-2019-3840SUSE bug 1127458cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3842SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. It is possible for an attacker, in some particular configurations, to set a XDG_SEAT environment variable which allows for commands to be checked against polkit policies using the "allow_active" element rather than "allow_any".
ModerateCVE-2019-3842SUSE bug 1132348cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3843SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.
ModerateCVE-2019-3843SUSE bug 1133506cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3844SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.
ModerateCVE-2019-3844SUSE bug 1133509cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3846SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.
ImportantCVE-2019-3846SUSE bug 1136424SUSE bug 1136446SUSE bug 1156330cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3855SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.
ModerateCVE-2019-3855SUSE bug 1128471SUSE bug 1134329SUSE bug 1135434SUSE bug 1141850cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3856SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.
ModerateCVE-2019-3856SUSE bug 1128472SUSE bug 1135434cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3857SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.
ModerateCVE-2019-3857SUSE bug 1128474SUSE bug 1135434cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3858SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
ModerateCVE-2019-3858SUSE bug 1128476SUSE bug 1135434cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3859SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
ModerateCVE-2019-3859SUSE bug 1128480SUSE bug 1130103SUSE bug 1135434cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3860SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
ModerateCVE-2019-3860SUSE bug 1128481SUSE bug 1135434SUSE bug 1136570cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3861SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
ModerateCVE-2019-3861SUSE bug 1128490SUSE bug 1135434cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3862SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
ModerateCVE-2019-3862SUSE bug 1128492SUSE bug 1135434cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3863SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.
ModerateCVE-2019-3863SUSE bug 1128493SUSE bug 1130103SUSE bug 1135434cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3870SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only access. However in some upgraded installations it will have other permissions, such as 0755, because this was the default before Samba 4.8. Within this directory, files are created with mode 0666, which is world-writable, including a sample krb5.conf, and the list of DNS names and servicePrincipalName values to update.
ModerateCVE-2019-3870SUSE bug 1130703cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3880SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions before 4.8.11, 4.9.6 and 4.10.2 are vulnerable.
ModerateCVE-2019-3880SUSE bug 1131060SUSE bug 1139519cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3882SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable.
ModerateCVE-2019-3882SUSE bug 1131416SUSE bug 1131427SUSE bug 1133319cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3886SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block.
ModerateCVE-2019-3886SUSE bug 1131595SUSE bug 1133150SUSE bug 1138301cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3887SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.
ModerateCVE-2019-3887SUSE bug 1131800cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3892SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-11599. Reason: This candidate is a reservation duplicate of CVE-2019-11599. Notes: All CVE users should reference CVE-2019-11599 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2019-3892SUSE bug 1131645SUSE bug 1133738cpe:/o:suse:sled:12:sp4CVE-2019-3896SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service (DoS).
ImportantCVE-2019-3896SUSE bug 1138943SUSE bug 1173987cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-3901SUSE Linux Enterprise Desktop 12 SP4
A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for the specified target task to perform an execve() syscall with setuid execution before perf_event_alloc() actually attaches to it, allowing an attacker to bypass the ptrace_may_access() check and the perf_event_exit_task(current) call that is performed in install_exec_creds() during privileged execve() calls. This issue affects kernel versions before 4.8.
LowCVE-2019-3901SUSE bug 1132374SUSE bug 1133106cpe:/o:suse:sled:12:sp4CVE-2019-5008SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the attacker to cause a denial of service via a device driver.
ModerateCVE-2019-5008SUSE bug 1133031cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-5010SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability.
ImportantCVE-2019-5010SUSE bug 1122191SUSE bug 1126909cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-5018SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerability.
ImportantCVE-2019-5018SUSE bug 1134622cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-5068SUSE Linux Enterprise Desktop 12 SP4
An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability.
ModerateCVE-2019-5068SUSE bug 1156015cpe:/o:suse:sled:12:sp4CVE-2019-5094SUSE Linux Enterprise Desktop 12 SP4
An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.
ModerateCVE-2019-5094SUSE bug 1152101cpe:/o:suse:sled:12:sp4CVE-2019-5188SUSE Linux Enterprise Desktop 12 SP4
A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.
ModerateCVE-2019-5188SUSE bug 1160571cpe:/o:suse:sled:12:sp4CVE-2019-5435SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow in curl's URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1.
LowCVE-2019-5435SUSE bug 1135176SUSE bug 1154162cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-5436SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.
ImportantCVE-2019-5436SUSE bug 1135170SUSE bug 1149496SUSE bug 1154162cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-5481SUSE Linux Enterprise Desktop 12 SP4
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
ModerateCVE-2019-5481SUSE bug 1149495cpe:/o:suse:sled:12:sp4CVE-2019-5482SUSE Linux Enterprise Desktop 12 SP4
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
ImportantCVE-2019-5482SUSE bug 1149496cpe:/o:suse:sled:12:sp4CVE-2019-5489SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.
ModerateCVE-2019-5489SUSE bug 1120843SUSE bug 1120885cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-5544SUSE Linux Enterprise Desktop 12 SP4
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
CriticalCVE-2019-5544SUSE bug 1157869cpe:/o:suse:sled:12:sp4CVE-2019-5716SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This was addressed in epan/dissectors/packet-6lowpan.c by avoiding use of a TVB before its creation.
ModerateCVE-2019-5716SUSE bug 1121231cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-5717SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero.
ModerateCVE-2019-5717SUSE bug 1121232cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-5718SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check.
ModerateCVE-2019-5718SUSE bug 1121233cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-5719SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block.
ModerateCVE-2019-5719SUSE bug 1121234cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-5721SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided.
ModerateCVE-2019-5721SUSE bug 1121235cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-5747SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte length when decoding DHCP_SUBNET. NOTE: this issue exists because of an incomplete fix for CVE-2018-20679.
LowCVE-2019-5747SUSE bug 1121426SUSE bug 1121428cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-5785SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Incorrect convexity calculations in Skia in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
ImportantCVE-2019-5785SUSE bug 1125330SUSE bug 1125396cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-5849SUSE Linux Enterprise Desktop 12 SP4
Out of bounds read in Skia in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
ImportantCVE-2019-5849SUSE bug 1149321SUSE bug 1149324cpe:/o:suse:sled:12:sp4CVE-2019-5953SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Buffer overflow in GNU Wget 1.20.1 and earlier allows remote attackers to cause a denial-of-service (DoS) or may execute an arbitrary code via unspecified vectors.
ImportantCVE-2019-5953SUSE bug 1131493cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6109SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.
ModerateCVE-2019-6109SUSE bug 1121571SUSE bug 1121816SUSE bug 1121818SUSE bug 1121821SUSE bug 1138392SUSE bug 1144902SUSE bug 1144903SUSE bug 1148884cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6110SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
ModerateCVE-2019-6110SUSE bug 1121571SUSE bug 1121816SUSE bug 1121818SUSE bug 1121821cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6111SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).
ModerateCVE-2019-6111SUSE bug 1121571SUSE bug 1121816SUSE bug 1121818SUSE bug 1121821SUSE bug 1123028SUSE bug 1123220SUSE bug 1131109SUSE bug 1138392SUSE bug 1144902SUSE bug 1144903SUSE bug 1148884cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6116SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.
ImportantCVE-2019-6116SUSE bug 1122319SUSE bug 1129186SUSE bug 1134156cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6128SUSE Linux Enterprise Desktop 12 SP4
The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.
LowCVE-2019-6128SUSE bug 1121626SUSE bug 1153715cpe:/o:suse:sled:12:sp4CVE-2019-6129SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don't think it is libpng's job to free this buffer."
LowCVE-2019-6129SUSE bug 1121624cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6133SUSE Linux Enterprise Desktop 12 SP4
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.
ModerateCVE-2019-6133SUSE bug 1070943SUSE bug 1121826SUSE bug 1121872cpe:/o:suse:sled:12:sp4CVE-2019-6201SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-6201SUSE bug 1132256cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6212SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-6212SUSE bug 1124937cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6215SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-6215SUSE bug 1124937cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6216SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-6216SUSE bug 1124937cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6217SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-6217SUSE bug 1124937cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6226SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-6226SUSE bug 1124937cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6227SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-6227SUSE bug 1124937cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6229SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A logic issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to universal cross site scripting.
ImportantCVE-2019-6229SUSE bug 1124937cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6233SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-6233SUSE bug 1124937cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6234SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-6234SUSE bug 1124937cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6237SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-6237SUSE bug 1135715cpe:/o:suse:sled:12:sp4CVE-2019-6250SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A pointer overflow, with code execution, was discovered in ZeroMQ libzmq (aka 0MQ) 4.2.x and 4.3.x before 4.3.1. A v2_decoder.cpp zmq::v2_decoder_t::size_ready integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer, which can be leveraged to run arbitrary code on the target system. The memory layout allows the attacker to inject OS commands into a data structure located immediately after the problematic buffer (i.e., it is not necessary to use a typical buffer-overflow exploitation technique that changes the flow of control).
ImportantCVE-2019-6250SUSE bug 1121717SUSE bug 1122012cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6251SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge.
ModerateCVE-2019-6251SUSE bug 1121894SUSE bug 1132256cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6446SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** DISPUTED ** An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior that might have legitimate applications in (for example) loading serialized Python object arrays from trusted and authenticated sources.
ImportantCVE-2019-6446SUSE bug 1122208cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6454SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic).
ImportantCVE-2019-6454SUSE bug 1125352cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6465SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465.
ModerateCVE-2019-6465SUSE bug 1126069SUSE bug 1148887cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6467SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAIN redirection for recursive clients, is also serving a local copy of the root zone or using mirroring to provide the root zone, although other configurations are also possible. Versions affected: BIND 9.12.0-> 9.12.4, 9.14.0. Also affects all releases in the 9.13 development branch.
ModerateCVE-2019-6467SUSE bug 1133186cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6470SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes backported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are vulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor documentation.
ModerateCVE-2019-6470SUSE bug 1134078cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6471SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1.
ModerateCVE-2019-6471SUSE bug 1138687cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6475SUSE Linux Enterprise Desktop 12 SP4
Mirror zones are a BIND feature allowing recursive servers to pre-cache zone data provided by other servers. A mirror zone is similar to a zone of type secondary, except that its data is subject to DNSSEC validation before being used in answers, as if it had been looked up via traditional recursion, and when mirror zone data cannot be validated, BIND falls back to using traditional recursion instead of the mirror zone. However, an error in the validity checks for the incoming zone data can allow an on-path attacker to replace zone data that was validated with a configured trust anchor with forged data of the attacker's choosing. The mirror zone feature is most often used to serve a local copy of the root zone. If an attacker was able to insert themselves into the network path between a recursive server using a mirror zone and a root name server, this vulnerability could then be used to cause the recursive server to accept a copy of falsified root zone data. This affects BIND versions 9.14.0 up to 9.14.6, and 9.15.0 up to 9.15.4.
ModerateCVE-2019-6475SUSE bug 1153993SUSE bug 1153994cpe:/o:suse:sled:12:sp4CVE-2019-6476SUSE Linux Enterprise Desktop 12 SP4
A defect in code added to support QNAME minimization can cause named to exit with an assertion failure if a forwarder returns a referral rather than resolving the query. This affects BIND versions 9.14.0 up to 9.14.6, and 9.15.0 up to 9.15.4.
ModerateCVE-2019-6476SUSE bug 1153993SUSE bug 1153994cpe:/o:suse:sled:12:sp4CVE-2019-6488SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy.
ModerateCVE-2019-6488SUSE bug 1122670cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6501SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In QEMU 3.1, scsi_handle_inquiry_reply in hw/scsi/scsi-generic.c allows out-of-bounds write and read operations.
LowCVE-2019-6501SUSE bug 1122722cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6706SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For example, a crash outcome might be achieved by an attacker who is able to trigger a debug.upvaluejoin call in which the arguments have certain relationships.
ModerateCVE-2019-6706SUSE bug 1123043cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6778SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.
ImportantCVE-2019-6778SUSE bug 1123156SUSE bug 1123157SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6974SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
ImportantCVE-2019-6974SUSE bug 1124728SUSE bug 1124729cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6977SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data.
ModerateCVE-2019-6977SUSE bug 1123354SUSE bug 1123361cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6978SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.
ModerateCVE-2019-6978SUSE bug 1123522cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-6988SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_tcd_init_tile in openjp2/tcd.c, as demonstrated by the 64-bit opj_decompress.
LowCVE-2019-6988SUSE bug 1123492cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7146SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In elfutils 0.175, there is a buffer over-read in the ebl_object_note function in eblobjnote.c in libebl. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted elf file, as demonstrated by eu-readelf.
ModerateCVE-2019-7146SUSE bug 1123545cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7149SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by eu-nm.
LowCVE-2019-7149SUSE bug 1123559cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7150SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in elfutils 0.175. A segmentation fault can occur in the function elf64_xlatetom in libelf/elf32_xlatetom.c, due to dwfl_segment_report_module not checking whether the dyn data read from a core file is truncated. A crafted input can cause a program crash, leading to denial-of-service, as demonstrated by eu-stack.
LowCVE-2019-7150SUSE bug 1123685cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7175SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.
LowCVE-2019-7175SUSE bug 1128649cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7221SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
ImportantCVE-2019-7221SUSE bug 1124732SUSE bug 1124734cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7222SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
LowCVE-2019-7222SUSE bug 1124735cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7285SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-7285SUSE bug 1132256cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7292SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may result in the disclosure of process memory.
ModerateCVE-2019-7292SUSE bug 1132256cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7308SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks.
ImportantCVE-2019-7308SUSE bug 1124055cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7309SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled.
LowCVE-2019-7309SUSE bug 1124100cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7317SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
ModerateCVE-2019-7317SUSE bug 1124211SUSE bug 1135824SUSE bug 1141780SUSE bug 1147021SUSE bug 1165297cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7395SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.
LowCVE-2019-7395SUSE bug 1124368cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7396SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.
LowCVE-2019-7396SUSE bug 1124367cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7397SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.
LowCVE-2019-7397SUSE bug 1124366cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7398SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.
LowCVE-2019-7398SUSE bug 1124365cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7572SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.
CVE-2019-7572SUSE bug 1124806cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7573SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop).
ModerateCVE-2019-7573SUSE bug 1124805cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7574SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c.
ModerateCVE-2019-7574SUSE bug 1124803cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7575SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c.
ModerateCVE-2019-7575SUSE bug 1124802cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7576SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop).
ModerateCVE-2019-7576SUSE bug 1124799cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7577SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.
ModerateCVE-2019-7577SUSE bug 1124800cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7578SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c.
ModerateCVE-2019-7578SUSE bug 1125099cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7635SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c.
ModerateCVE-2019-7635SUSE bug 1124827cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7636SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c.
ModerateCVE-2019-7636SUSE bug 1124826cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7637SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c.
ModerateCVE-2019-7637SUSE bug 1124825SUSE bug 1134135cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7638SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c.
ModerateCVE-2019-7638SUSE bug 1124824cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7663SUSE Linux Enterprise Desktop 12 SP4
An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file. This is different from CVE-2018-12900.
LowCVE-2019-7663SUSE bug 1125113cpe:/o:suse:sled:12:sp4CVE-2019-7664SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service (program crash).
LowCVE-2019-7664SUSE bug 1125008cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-7665SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not reject malformed core file notes.
LowCVE-2019-7665SUSE bug 1125007cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8325SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)
ImportantCVE-2019-8325SUSE bug 1130611cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8375SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.90 and WebKitGTK+ through 2.22.6 and other products, does not prevent the script dialog size from exceeding the web view size, which allows remote attackers to cause a denial of service (Buffer Overflow) or possibly have unspecified other impact, related to UIProcess/API/gtk/WebKitScriptDialogGtk.cpp, UIProcess/API/gtk/WebKitScriptDialogImpl.cpp, and UIProcess/API/gtk/WebKitWebViewGtk.cpp, as demonstrated by GNOME Web (aka Epiphany).
ModerateCVE-2019-8375SUSE bug 1126768cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8413SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
On Xiaomi MIX 2 devices with the 4.4.78 kernel, a NULL pointer dereference in the ioctl interface of the device file /dev/elliptic1 or /dev/elliptic0 causes a system crash via IOCTL 0x4008c575 (aka decimal 1074316661).
ModerateCVE-2019-8413SUSE bug 1125777cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8457SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.
ImportantCVE-2019-8457SUSE bug 1136976SUSE bug 1154162cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8503SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious website may be able to execute scripts in the context of another website.
ModerateCVE-2019-8503SUSE bug 1132256cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8506SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8506SUSE bug 1132256cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8515SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information.
ModerateCVE-2019-8515SUSE bug 1132256cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8524SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8524SUSE bug 1132256cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8535SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8535SUSE bug 1132256cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8536SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8536SUSE bug 1132256cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8544SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8544SUSE bug 1132256cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8551SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting.
ModerateCVE-2019-8551SUSE bug 1132256cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8558SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8558SUSE bug 1132256cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8559SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8559SUSE bug 1132256cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8563SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8563SUSE bug 1132256cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8571SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8571SUSE bug 1135715cpe:/o:suse:sled:12:sp4CVE-2019-8583SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8583SUSE bug 1135715cpe:/o:suse:sled:12:sp4CVE-2019-8584SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8584SUSE bug 1135715cpe:/o:suse:sled:12:sp4CVE-2019-8586SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8586SUSE bug 1135715cpe:/o:suse:sled:12:sp4CVE-2019-8587SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8587SUSE bug 1135715cpe:/o:suse:sled:12:sp4CVE-2019-8594SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8594SUSE bug 1135715cpe:/o:suse:sled:12:sp4CVE-2019-8595SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8595SUSE bug 1135715cpe:/o:suse:sled:12:sp4CVE-2019-8596SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8596SUSE bug 1135715cpe:/o:suse:sled:12:sp4CVE-2019-8597SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8597SUSE bug 1135715cpe:/o:suse:sled:12:sp4CVE-2019-8601SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8601SUSE bug 1135715cpe:/o:suse:sled:12:sp4CVE-2019-8607SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may result in the disclosure of process memory.
ModerateCVE-2019-8607SUSE bug 1135715cpe:/o:suse:sled:12:sp4CVE-2019-8608SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8608SUSE bug 1135715cpe:/o:suse:sled:12:sp4CVE-2019-8609SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8609SUSE bug 1135715cpe:/o:suse:sled:12:sp4CVE-2019-8610SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8610SUSE bug 1135715cpe:/o:suse:sled:12:sp4CVE-2019-8611SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8611SUSE bug 1135715cpe:/o:suse:sled:12:sp4CVE-2019-8615SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8615SUSE bug 1135715cpe:/o:suse:sled:12:sp4CVE-2019-8619SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8619SUSE bug 1135715cpe:/o:suse:sled:12:sp4CVE-2019-8622SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8622SUSE bug 1135715cpe:/o:suse:sled:12:sp4CVE-2019-8623SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8623SUSE bug 1135715cpe:/o:suse:sled:12:sp4CVE-2019-8644SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8644SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8649SUSE Linux Enterprise Desktop 12 SP4
A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.
ModerateCVE-2019-8649SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8658SUSE Linux Enterprise Desktop 12 SP4
A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.
ModerateCVE-2019-8658SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8666SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8666SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8669SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8669SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8671SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8671SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8672SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8672SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8673SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8673SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8675SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.
ImportantCVE-2019-8675SUSE bug 1146358SUSE bug 1168422cpe:/o:suse:sled:12:sp4CVE-2019-8676SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8676SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8677SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8677SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8678SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8678SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8679SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8679SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8680SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8680SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8681SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8681SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8683SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8683SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8684SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8684SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8686SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8686SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8687SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8687SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8688SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8688SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8689SUSE Linux Enterprise Desktop 12 SP4
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8689SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8690SUSE Linux Enterprise Desktop 12 SP4
A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.
ModerateCVE-2019-8690SUSE bug 1148931cpe:/o:suse:sled:12:sp4CVE-2019-8696SUSE Linux Enterprise Desktop 12 SP4
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.
ImportantCVE-2019-8696SUSE bug 1146358SUSE bug 1146359cpe:/o:suse:sled:12:sp4CVE-2019-8904SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printf and file_vprintf.
ModerateCVE-2019-8904SUSE bug 1126121cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8905SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.
ModerateCVE-2019-8905SUSE bug 1126117SUSE bug 1126118cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8906SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.
ModerateCVE-2019-8906SUSE bug 1126119cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8907SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact.
ModerateCVE-2019-8907SUSE bug 1126117cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8912SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.
ImportantCVE-2019-8912SUSE bug 1125907SUSE bug 1126284cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8934SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest.
ModerateCVE-2019-8934SUSE bug 1118900SUSE bug 1126455cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8936SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
NTP through 4.2.8p12 has a NULL Pointer Dereference.
ModerateCVE-2019-8936SUSE bug 1128525SUSE bug 1148892SUSE bug 1155513cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8956SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory.
ImportantCVE-2019-8956SUSE bug 1124136cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-8980SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.
LowCVE-2019-8980SUSE bug 1126209cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9003SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop.
ModerateCVE-2019-9003SUSE bug 1126704cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9143SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Exiv2 0.27. There is infinite recursion at Exiv2::Image::printTiffStructure in the file image.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.
ModerateCVE-2019-9143SUSE bug 1127394cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9144SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.
ModerateCVE-2019-9144SUSE bug 1127463cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9162SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index error), making out-of-bounds read and write operations possible, leading to an OOPS or local privilege escalation. This affects snmp_version and snmp_helper.
ImportantCVE-2019-9162SUSE bug 1127324cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9169SUSE Linux Enterprise Desktop 12 SP4
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
ModerateCVE-2019-9169SUSE bug 1127308SUSE bug 1146392cpe:/o:suse:sled:12:sp4CVE-2019-9200SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.
ImportantCVE-2019-9200SUSE bug 1127329cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9208SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash. This was addressed in epan/dissectors/asn1/tcap/tcap.cnf by avoiding NULL pointer dereferences.
ModerateCVE-2019-9208SUSE bug 1127370cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9209SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.
ModerateCVE-2019-9209SUSE bug 1127369cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9213SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.
ModerateCVE-2019-9213SUSE bug 1128166SUSE bug 1128378SUSE bug 1129016cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9214SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation.
ModerateCVE-2019-9214SUSE bug 1127367cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9278SUSE Linux Enterprise Desktop 12 SP4
In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112537774
ImportantCVE-2019-9278SUSE bug 1160770cpe:/o:suse:sled:12:sp4CVE-2019-9325SUSE Linux Enterprise Desktop 12 SP4
In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112001302
ModerateCVE-2019-9325SUSE bug 1160612cpe:/o:suse:sled:12:sp4CVE-2019-9371SUSE Linux Enterprise Desktop 12 SP4
In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132783254
ModerateCVE-2019-9371SUSE bug 1160615cpe:/o:suse:sled:12:sp4CVE-2019-9453SUSE Linux Enterprise Desktop 12 SP4
In the Android kernel in F2FS touch driver there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.
LowCVE-2019-9453SUSE bug 1150028cpe:/o:suse:sled:12:sp4CVE-2019-9454SUSE Linux Enterprise Desktop 12 SP4
In the Android kernel in i2c driver there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
ModerateCVE-2019-9454SUSE bug 1150023cpe:/o:suse:sled:12:sp4CVE-2019-9456SUSE Linux Enterprise Desktop 12 SP4
In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
ModerateCVE-2019-9456SUSE bug 1150025cpe:/o:suse:sled:12:sp4CVE-2019-9466SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-9503. Reason: This candidate is a duplicate of CVE-2019-9503. Notes: All CVE users should reference CVE-2019-9503 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ImportantCVE-2019-9466SUSE bug 1156653cpe:/o:suse:sled:12:sp4CVE-2019-9496SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.
ModerateCVE-2019-9496SUSE bug 1131869cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9499SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
ImportantCVE-2019-9499SUSE bug 1131871SUSE bug 1131872SUSE bug 1131874cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9500SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.
ModerateCVE-2019-9500SUSE bug 1132681cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9503SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarded and unprocessed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be bypassed if the bus used is USB (for instance by a wifi dongle). This can allow firmware event frames from a remote source to be processed. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.
ModerateCVE-2019-9503SUSE bug 1132673SUSE bug 1132828SUSE bug 1133319SUSE bug 1156653cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9506SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
ModerateCVE-2019-9506SUSE bug 1137865SUSE bug 1146042cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9578SUSE Linux Enterprise Desktop 12 SP4
In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking uninitialized stack memory back to the device.
LowCVE-2019-9578SUSE bug 1128140cpe:/o:suse:sled:12:sp4CVE-2019-9619SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
ModerateCVE-2019-9619SUSE bug 1132164cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9633SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
gio/gsocketclient.c in GNOME GLib 2.59.2 does not ensure that a parent GTask remains alive during the execution of a connection-attempting enumeration, which allows remote attackers to cause a denial of service (g_socket_client_connected_callback mishandling and application crash) via a crafted web site, as demonstrated by GNOME Web (aka Epiphany).
ImportantCVE-2019-9633SUSE bug 1129429cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9636SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host than when parsed correctly. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.3, v3.7.3rc1, v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.
ImportantCVE-2019-9636SUSE bug 1129346SUSE bug 1135433SUSE bug 1138459cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9704SUSE Linux Enterprise Desktop 12 SP4
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked.
LowCVE-2019-9704SUSE bug 1128937SUSE bug 1187508cpe:/o:suse:sled:12:sp4CVE-2019-9705SUSE Linux Enterprise Desktop 12 SP4
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (memory consumption) via a large crontab file because an unlimited number of lines is accepted.
LowCVE-2019-9705SUSE bug 1128935SUSE bug 1187508cpe:/o:suse:sled:12:sp4CVE-2019-9706SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (use-after-free and daemon crash) because of a force_rescan_user error.
LowCVE-2019-9706SUSE bug 1128933cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9755SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges.
ModerateCVE-2019-9755SUSE bug 1130165cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9788SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla developers and community members reported memory safety bugs present in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
ImportantCVE-2019-9788SUSE bug 1129821cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9790SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
ImportantCVE-2019-9790SUSE bug 1129821cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9791SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the constructor function is entered through on-stack replacement (OSR). This allows for possible arbitrary reading and writing of objects during an exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
ImportantCVE-2019-9791SUSE bug 1129821cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9792SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory corruption, which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
ImportantCVE-2019-9792SUSE bug 1129821cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9793SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A mechanism was discovered that removes some bounds checking for string, array, or typed array accesses if Spectre mitigations have been disabled. This vulnerability could allow an attacker to create an arbitrary value in compiled JavaScript, for which the range analysis will infer a fully controlled, incorrect range in circumstances where users have explicitly disabled Spectre mitigations. *Note: Spectre mitigations are currently enabled for all users by default settings.*. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
ImportantCVE-2019-9793SUSE bug 1129821cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9794SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability was discovered where specific command line arguments are not properly discarded during Firefox invocation as a shell handler for URLs. This could be used to retrieve and execute files whose location is supplied through these command line arguments if Firefox is configured as the default URI handler for a given URI scheme in third party applications and these applications insufficiently sanitize URL data. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
ImportantCVE-2019-9794SUSE bug 1129821cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9795SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability where type-confusion in the IonMonkey just-in-time (JIT) compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
ImportantCVE-2019-9795SUSE bug 1129821cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9796SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with the refresh driver twice when only a single registration is expected. When a registration is later freed with the removal of the animation controller element, the refresh driver incorrectly leaves a dangling pointer to the driver's observer array. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
ImportantCVE-2019-9796SUSE bug 1129821cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9800SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Mozilla developers and community members reported memory safety bugs present in Firefox 66, Firefox ESR 60.6, and Thunderbird 60.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
ModerateCVE-2019-9800SUSE bug 1135824cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9801SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Firefox will accept any registered Program ID as an external protocol handler and offer to launch this local application when given a matching URL on Windows operating systems. This should only happen if the program has specifically registered itself as a "URL Handler" in the Windows registry. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
ImportantCVE-2019-9801cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9810SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.
ImportantCVE-2019-9810SUSE bug 1129821SUSE bug 1130262cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9811SUSE Linux Enterprise Desktop 12 SP4
As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
ImportantCVE-2019-9811SUSE bug 1140868cpe:/o:suse:sled:12:sp4CVE-2019-9812SUSE Linux Enterprise Desktop 12 SP4
Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the local machine and the compromised browser would restart without the sandbox if a crash is triggered. This vulnerability affects Firefox ESR < 60.9, Firefox ESR < 68.1, and Firefox < 69.
ImportantCVE-2019-9812SUSE bug 1149294SUSE bug 1149323SUSE bug 1149324cpe:/o:suse:sled:12:sp4CVE-2019-9813SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.
ImportantCVE-2019-9813SUSE bug 1129821SUSE bug 1130262cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9815SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main thread and any worker threads. *Note: users need to update to macOS 10.14.5 in order to take advantage of this change.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
ModerateCVE-2019-9815SUSE bug 1135824cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9816SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. *Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all supported releases.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
ModerateCVE-2019-9816SUSE bug 1135824cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9817SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
ModerateCVE-2019-9817SUSE bug 1135824cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9818SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A race condition is present in the crash generation server used to generate data for the crash reporter. This issue can lead to a use-after-free in the main process, resulting in a potentially exploitable crash and a sandbox escape. *Note: this vulnerability only affects Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
ModerateCVE-2019-9818SUSE bug 1135824cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9819SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A vulnerability where a JavaScript compartment mismatch can occur while working with the fetch API, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
ModerateCVE-2019-9819SUSE bug 1135824cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9820SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
ModerateCVE-2019-9820SUSE bug 1135824cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9824SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure.
LowCVE-2019-9824SUSE bug 1118900SUSE bug 1129622SUSE bug 1129623SUSE bug 1178658cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9836SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation.
ModerateCVE-2019-9836SUSE bug 1139383cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9848SUSE Linux Enterprise Desktop 12 SP4
LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into executing arbitrary python commands. By using the document event feature to trigger LibreLogo to execute python contained within a document a malicious document could be constructed which would execute arbitrary python commands silently without warning. In the fixed versions, LibreLogo cannot be called from a document event handler. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5.
ModerateCVE-2019-9848SUSE bug 1141862SUSE bug 1146098SUSE bug 1146105cpe:/o:suse:sled:12:sp4CVE-2019-9849SUSE Linux Enterprise Desktop 12 SP4
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed where bullet graphics were omitted from this protection prior to version 6.2.5. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5.
ModerateCVE-2019-9849SUSE bug 1141861cpe:/o:suse:sled:12:sp4CVE-2019-9850SUSE Linux Enterprise Desktop 12 SP4
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from script event handers. However an insufficient url validation vulnerability in LibreOffice allowed malicious to bypass that protection and again trigger calling LibreLogo from script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.
ModerateCVE-2019-9850SUSE bug 1146098cpe:/o:suse:sled:12:sp4CVE-2019-9851SUSE Linux Enterprise Desktop 12 SP4
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.
ModerateCVE-2019-9851SUSE bug 1146105cpe:/o:suse:sled:12:sp4CVE-2019-9852SUSE Linux Enterprise Desktop 12 SP4
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2018-16858, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed. However this new protection could be bypassed by a URL encoding attack. In the fixed versions, the parsed url describing the script location is correctly encoded before further processing. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.
ImportantCVE-2019-9852SUSE bug 1146107SUSE bug 1149944cpe:/o:suse:sled:12:sp4CVE-2019-9854SUSE Linux Enterprise Desktop 12 SP4
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2019-9852, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed by employing a URL encoding attack to defeat the path verification step. However this protection could be bypassed by taking advantage of a flaw in how LibreOffice assembled the final script URL location directly from components of the passed in path as opposed to solely from the sanitized output of the path verification step. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1.
ImportantCVE-2019-9854SUSE bug 1149944cpe:/o:suse:sled:12:sp4CVE-2019-9855SUSE Linux Enterprise Desktop 12 SP4
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added to block calling LibreLogo from script event handers. However a Windows 8.3 path equivalence handling flaw left LibreOffice vulnerable under Windows that a document could trigger executing LibreLogo via a Windows filename pseudonym. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1.
ImportantCVE-2019-9855SUSE bug 1149943cpe:/o:suse:sled:12:sp4CVE-2019-9857SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak). Finally, this will cause a denial of service.
ModerateCVE-2019-9857SUSE bug 1129896cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9893SUSE Linux Enterprise Desktop 12 SP4
libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.
ModerateCVE-2019-9893SUSE bug 1128828cpe:/o:suse:sled:12:sp4CVE-2019-9904SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in lib\cdt\dttree.c in libcdt.a in graphviz 2.40.1. Stack consumption occurs because of recursive agclose calls in lib\cgraph\graph.c in libcgraph.a, related to agfstsubg in lib\cgraph\subg.c.
ModerateCVE-2019-9904SUSE bug 1130628cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9924SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.
ImportantCVE-2019-9924SUSE bug 1130324cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9928SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.
ImportantCVE-2019-9928SUSE bug 1133375cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9936SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an information leak. This is related to ext/fts5/fts5_hash.c.
LowCVE-2019-9936SUSE bug 1130326SUSE bug 1154162cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9937SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5ChunkIterate in sqlite3.c. This is related to ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c.
LowCVE-2019-9937SUSE bug 1130325SUSE bug 1154162cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9948SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call.
LowCVE-2019-9948SUSE bug 1130847SUSE bug 1135433cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2019-9956SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file.
ModerateCVE-2019-9956SUSE bug 1130330cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-0569SUSE Linux Enterprise Desktop 12 SP4
Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.
ImportantCVE-2020-0569SUSE bug 1161167SUSE bug 1162191cpe:/o:suse:sled:12:sp4CVE-2020-10251SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.
ModerateCVE-2020-10251SUSE bug 1166225cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-10702SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in QEMU in the implementation of the Pointer Authentication (PAuth) support for ARM introduced in version 4.0 and fixed in version 5.0.0. A general failure of the signature generation process caused every PAuth-enforced pointer to be signed with the same signature. A local attacker could obtain the signature of a protected pointer and abuse this flaw to bypass PAuth protection for all programs running on QEMU.
ModerateCVE-2020-10702SUSE bug 1168681cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-10717SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A potential DoS flaw was found in the virtio-fs shared file system daemon (virtiofsd) implementation of the QEMU version >= v5.0. Virtio-fs is meant to share a host file system directory with a guest via virtio-fs device. If the guest opens the maximum number of file descriptors under the shared directory, a denial of service may occur. This flaw allows a guest user/process to cause this denial of service on the host.
ModerateCVE-2020-10717SUSE bug 1171110cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-10756SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1
An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. This flaw affects versions of libslirp before 4.3.1.
ModerateCVE-2020-10756SUSE bug 1172380SUSE bug 1184743cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1CVE-2020-10761SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An assertion failure issue was found in the Network Block Device(NBD) Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the qemu-nbd server resulting in a denial of service.
ImportantCVE-2020-10761SUSE bug 1172710cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-11102SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length.
ImportantCVE-2020-11102SUSE bug 1168713cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-11655SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.
ImportantCVE-2020-11655SUSE bug 1169126cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-11656SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.
ModerateCVE-2020-11656SUSE bug 1169111cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-11810SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 (P_DATA_V2) packet using a victim's peer-id. Normally such packets are dropped, but if this packet arrives before the data channel crypto parameters have been initialized, the victim's connection will be dropped. This requires careful timing due to the small time window (usually within a few seconds) between the victim client connection starting and the server PUSH_REPLY response back to the client. This attack will only work if Negotiable Cipher Parameters (NCP) is in use.
LowCVE-2020-11810SUSE bug 1169925cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2020-11869SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way it implemented ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati-2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service.
ModerateCVE-2020-11869SUSE bug 1170537SUSE bug 1188609cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-12829SUSE Linux Enterprise Desktop 12 SP1
In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write() callback. A local attacker could abuse this flaw to crash the QEMU process in sm501_2d_operation() in hw/display/sm501.c on the host, resulting in a denial of service.
ModerateCVE-2020-12829SUSE bug 1172385cpe:/o:suse:sled:12:sp1CVE-2020-13435SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.
ImportantCVE-2020-13435SUSE bug 1172091cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-13631SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
ModerateCVE-2020-13631SUSE bug 1172236cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-13632SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.
ModerateCVE-2020-13632SUSE bug 1172240cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-13791SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.
ModerateCVE-2020-13791SUSE bug 1172494cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-13800SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call.
ModerateCVE-2020-13800SUSE bug 1172495cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-13871SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.
ModerateCVE-2020-13871SUSE bug 1172646cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-13902SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding.
ModerateCVE-2020-13902SUSE bug 1172642cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-14356SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3
A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system.
ModerateCVE-2020-14356SUSE bug 1175213SUSE bug 1176392cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3CVE-2020-14373SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service.
ModerateCVE-2020-14373SUSE bug 1176133cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-14415SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position.
ModerateCVE-2020-14415SUSE bug 1173109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-14422SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.
ImportantCVE-2020-14422SUSE bug 1173274cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-15358SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.
ModerateCVE-2020-15358SUSE bug 1173641cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-15365SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in metadata\exif_gps.cpp via an unrecognized AtomName and a zero value of tiff_nifds.
ImportantCVE-2020-15365SUSE bug 1173517cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-15389SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice.
ModerateCVE-2020-15389SUSE bug 1173578cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-15523SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading (after Py_SetPath has been used). NOTE: this issue CANNOT occur when using python.exe from a standard (non-embedded) Python installation on Windows.
ModerateCVE-2020-15523SUSE bug 1173745cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-15704SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The modprobe child process in the ./debian/patches/load_ppp_generic_if_needed patch file incorrectly handled module loading. A local non-root attacker could exploit the MODPROBE_OPTIONS environment variable to read arbitrary root files. Fixed in 2.4.5-5ubuntu1.4, 2.4.5-5.1ubuntu2.3+esm2, 2.4.7-1+2ubuntu1.16.04.3, 2.4.7-2+2ubuntu1.3, 2.4.7-2+4.1ubuntu5.1, 2.4.7-2+4.1ubuntu6. Was ZDI-CAN-11504.
ModerateCVE-2020-15704SUSE bug 1174891cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-15801SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. The <executable-name>._pth file (e.g., the python._pth file) is not affected.
ImportantCVE-2020-15801SUSE bug 1174241cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-15859SUSE Linux Enterprise Desktop 12 SP2
QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address.
ModerateCVE-2020-15859SUSE bug 1174373cpe:/o:suse:sled:12:sp2CVE-2020-15888SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.
ImportantCVE-2020-15888SUSE bug 1174367cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-15889SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Lua 5.4.0 has a getobjname heap-based buffer over-read because youngcollection in lgc.c uses markold for an insufficient number of list members.
CriticalCVE-2020-15889SUSE bug 1174371cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-15945SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Lua through 5.4.0 has a segmentation fault in changedline in ldebug.c (e.g., when called by luaG_traceexec) because it incorrectly expects that an oldpc value is always updated upon a return of the flow of control to a function.
LowCVE-2020-15945SUSE bug 1174540cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-16092SUSE Linux Enterprise Desktop 12 SP2
In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host, resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in hw/net/net_tx_pkt.c.
ModerateCVE-2020-16092SUSE bug 1174641cpe:/o:suse:sled:12:sp2CVE-2020-1699SUSE Linux Enterprise Desktop 12 SP4
A path traversal flaw was found in the Ceph dashboard implemented in upstream versions v14.2.5, v14.2.6, v15.0.0 of Ceph storage and has been fixed in versions 14.2.7 and 15.1.0. An unauthenticated attacker could use this flaw to cause information disclosure on the host machine running the Ceph dashboard.
ModerateCVE-2020-1699SUSE bug 1161074cpe:/o:suse:sled:12:sp4CVE-2020-1711SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host.
ImportantCVE-2020-1711SUSE bug 1166240cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-1712SUSE Linux Enterprise Desktop 12 SP4
A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.
ImportantCVE-2020-1712SUSE bug 1162108cpe:/o:suse:sled:12:sp4CVE-2020-1720SUSE Linux Enterprise Desktop 12 SP4
A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading to database corruption. This issue affects PostgreSQL versions before 12.2, before 11.7, before 10.12 and before 9.6.17.
ModerateCVE-2020-1720SUSE bug 1163985cpe:/o:suse:sled:12:sp4CVE-2020-1730SUSE Linux Enterprise Desktop 12
A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulnerability is system availability.
ModerateCVE-2020-1730SUSE bug 1168699cpe:/o:suse:sled:12CVE-2020-17489SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging out of an account, the password box from the login dialog reappears with the password still visible. If the user had decided to have the password shown in cleartext at login time, it is then visible for a brief moment upon a logout. (If the password were never shown in cleartext, only the password length is revealed.)
LowCVE-2020-17489SUSE bug 1175155cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-1967SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).
ImportantCVE-2020-1967SUSE bug 1169407cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-1968SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. In such a case this would result in the attacker being able to eavesdrop on all encrypted communications sent over that TLS connection. The attack can only be exploited if an implementation re-uses a DH secret across multiple TLS connections. Note that this issue only impacts DH ciphersuites and not ECDH ciphersuites. This issue affects OpenSSL 1.0.2 which is out of support and no longer receiving public updates. OpenSSL 1.1.1 is not vulnerable to this issue. Fixed in OpenSSL 1.0.2w (Affected 1.0.2-1.0.2v).
ModerateCVE-2020-1968SUSE bug 1176331SUSE bug 1177243cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-24342SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row.
ModerateCVE-2020-24342SUSE bug 1175339cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-24352SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati_2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.
LowCVE-2020-24352SUSE bug 1175370SUSE bug 1188609cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-24369SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ldebug.c in Lua 5.4.0 attempts to access debug information via the line hook of a stripped function, leading to a NULL pointer dereference.
ModerateCVE-2020-24369SUSE bug 1175447cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-24370SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).
ModerateCVE-2020-24370SUSE bug 1175448cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-24371SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage.
ModerateCVE-2020-24371SUSE bug 1175449cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-2583SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2020-2583SUSE bug 1160968SUSE bug 1162972cpe:/o:suse:sled:12:sp4CVE-2020-2590SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
ModerateCVE-2020-2590SUSE bug 1160968cpe:/o:suse:sled:12:sp4CVE-2020-2593SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
ModerateCVE-2020-2593SUSE bug 1160968SUSE bug 1162972cpe:/o:suse:sled:12:sp4CVE-2020-2601SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2020-2601SUSE bug 1160968cpe:/o:suse:sled:12:sp4CVE-2020-2604SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS v3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
ImportantCVE-2020-2604SUSE bug 1160968SUSE bug 1162972cpe:/o:suse:sled:12:sp4CVE-2020-2654SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2020-2654SUSE bug 1160968SUSE bug 1172277cpe:/o:suse:sled:12:sp4CVE-2020-2659SUSE Linux Enterprise Desktop 12 SP4
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241 and 8u231; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2020-2659SUSE bug 1160968SUSE bug 1162972cpe:/o:suse:sled:12:sp4CVE-2020-5208SUSE Linux Enterprise Desktop 12 SP4
It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user. This problem is fixed in version 1.8.19.
ImportantCVE-2020-5208SUSE bug 1163026cpe:/o:suse:sled:12:sp4CVE-2020-6750SUSE Linux Enterprise Desktop 12 SP4
GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxy_addr field is mishandled. This bug is timing-dependent and may occur only sporadically depending on network delays. The greatest security relevance is in use cases where a proxy is used to help with privacy/anonymity, even though there is no technical barrier to a direct connection. NOTE: versions before 2.60 are unaffected.
ModerateCVE-2020-6750SUSE bug 1160668cpe:/o:suse:sled:12:sp4CVE-2020-6796SUSE Linux Enterprise Desktop 12 SP4
A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 73 and Firefox < ESR68.5.
ImportantCVE-2020-6796SUSE bug 1163368cpe:/o:suse:sled:12:sp4CVE-2020-6797SUSE Linux Enterprise Desktop 12 SP4
By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user's computer. The attacker is restricted as they are unable to download non-quarantined files or supply command line arguments to the application, limiting the impact. Note: this issue only occurs on Mac OSX. Other operating systems are unaffected. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.
ImportantCVE-2020-6797SUSE bug 1163368cpe:/o:suse:sled:12:sp4CVE-2020-6798SUSE Linux Enterprise Desktop 12 SP4
If a template tag was used in a select tag, the parser could be confused and allow JavaScript parsing and execution when it should not be allowed. A site that relied on the browser behaving correctly could suffer a cross-site scripting vulnerability as a result. In general, this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but is potentially a risk in browser or browser-like contexts. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.
ImportantCVE-2020-6798SUSE bug 1163368cpe:/o:suse:sled:12:sp4CVE-2020-6799SUSE Linux Enterprise Desktop 12 SP4
Command line arguments could have been injected during Firefox invocation as a shell handler for certain unsupported file types. This required Firefox to be configured as the default handler for a given file type and for a file downloaded to be opened in a third party application that insufficiently sanitized URL data. In that situation, clicking a link in the third party application could have been used to retrieve and execute files whose location was supplied through command line arguments. Note: This issue only affects Windows operating systems and when Firefox is configured as the default handler for non-default filetypes. Other operating systems are unaffected. This vulnerability affects Firefox < 73 and Firefox < ESR68.5.
ImportantCVE-2020-6799SUSE bug 1163368cpe:/o:suse:sled:12:sp4CVE-2020-6800SUSE Linux Enterprise Desktop 12 SP4
Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.
ImportantCVE-2020-6800SUSE bug 1163368cpe:/o:suse:sled:12:sp4CVE-2020-6851SUSE Linux Enterprise Desktop 12 SP4
OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.
ImportantCVE-2020-6851SUSE bug 1160782SUSE bug 1162090cpe:/o:suse:sled:12:sp4CVE-2020-7044SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. This was addressed in epan/dissectors/packet-wassp.c by using >= and <= to resolve off-by-one errors.
ModerateCVE-2020-7044SUSE bug 1161052cpe:/o:suse:sled:12:sp4CVE-2020-7045SUSE Linux Enterprise Desktop 12 SP4
In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by validating opcodes.
LowCVE-2020-7045SUSE bug 1161061cpe:/o:suse:sled:12:sp4CVE-2020-7216SUSE Linux Enterprise Desktop 12 SP4
An ni_dhcp4_parse_response memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets without a message type option.
ModerateCVE-2020-7216SUSE bug 1160905cpe:/o:suse:sled:12:sp4CVE-2020-7217SUSE Linux Enterprise Desktop 12 SP4
An ni_dhcp4_fsm_process_dhcp4_packet memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets with a different client-id.
ModerateCVE-2020-7217SUSE bug 1160906cpe:/o:suse:sled:12:sp4CVE-2020-7221SUSE Linux Enterprise Desktop 12 SP4
mysql_install_db in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely, as demonstrated by a symlink attack on a chmod 04755 of auth_pam_tool_dir/auth_pam_tool. NOTE: this does not affect the Oracle MySQL product, which implements mysql_install_db differently.
ImportantCVE-2020-7221SUSE bug 1160285SUSE bug 1160868SUSE bug 1160895cpe:/o:suse:sled:12:sp4CVE-2020-8013SUSE Linux Enterprise Desktop 12 SP4
A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for specific binaries on other binaries because it erroneously followed symlinks. The symlinks can't be controlled by attackers on default systems, so exploitation is difficult. This issue affects: SUSE Linux Enterprise Server 12 permissions versions prior to 2015.09.28.1626-17.27.1. SUSE Linux Enterprise Server 15 permissions versions prior to 20181116-9.23.1. SUSE Linux Enterprise Server 11 permissions versions prior to 2013.1.7-0.6.12.1.
ModerateCVE-2020-8013SUSE bug 1163922cpe:/o:suse:sled:12:sp4CVE-2020-8112SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
ImportantCVE-2020-8112SUSE bug 1162090cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-8315SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system's copy. Windows 8 and later are unaffected.
ModerateCVE-2020-8315SUSE bug 1173935cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4CVE-2020-8428SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP3
fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may be an open system call for a UNIX domain socket, if the socket is being moved to a new parent directory and its old parent directory is being removed.
ModerateCVE-2020-8428SUSE bug 1162109cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp3CVE-2020-8597SUSE Linux Enterprise Desktop 12 SP4
eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.
ImportantCVE-2020-8597SUSE bug 1162610cpe:/o:suse:sled:12:sp4CVE-2020-9327SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4
In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.
ModerateCVE-2020-9327SUSE bug 1164719cpe:/o:suse:sled:12cpe:/o:suse:sled:12:sp1cpe:/o:suse:sled:12:sp2cpe:/o:suse:sled:12:sp3cpe:/o:suse:sled:12:sp4kernel-defaultkernel-sourcesled-releasekrb5krb5-32bitkrb5-clientcurlhpliphplip-hpijshplip-sanemailxlibid3tag0glibczoocroncronielibmusicbrainz4perl-Tkpythonlibopenssl0_9_8libopenssl0_9_8-32bitlibopenssl1_0_0libopenssl1_0_0-32bitopenssllibopenssl-devellibopenssl-1_0_0-devellibopenssl1_1libopenssl1_1-32bitopenssl-1_0_0clamavghostscriptgimpgimp-langgimp-plugins-pythonlibgimp-2_0-0libgimpui-2_0-0sysstatlibrpcsecgss3coolkeylibecpg6libpq5libpq5-32bitpostgresql93postgresql94postgresql96postgresql10libmysqlclient18libmysqlclient18-32bitlibmysqlclient_r18libmysqlclient_r18-32bitmariadbmariadb-clientmariadb-errormessagesmariadb-100-errormessageszshlibmikmod3libmikmod3-32bittelepathy-idlepcreqemuqemu-block-curlqemu-ipxeqemu-kvmqemu-seabiosqemu-sgabiosqemu-toolsqemu-vgabiosqemu-x86libsilc-1_1-2libsilcclient-1_1-3silc-toolkitlibvorbis0libvorbis0-32bitlibvorbisenc2libvorbisenc2-32bitlibvorbisfile3libvorbisfile3-32bitopensshopenssh-askpass-gnomeopenssh-helpersvorbis-toolsvorbis-tools-langlibjasper1libjasper1-32bitpam_krb5pam_krb5-32bitlibxml2-2libxml2-2-32bitlibxml2-toolspython-libxml2glib2-langglib2-toolslibgio-2_0-0libgio-2_0-0-32bitlibgio-famlibglib-2_0-0libglib-2_0-0-32bitlibgmodule-2_0-0libgmodule-2_0-0-32bitlibgobject-2_0-0libgobject-2_0-0-32bitlibgthread-2_0-0libgthread-2_0-0-32bitflash-playerflash-player-gnomeg3utilsmgettygnutlslibgnutls28libgnutls28-32bitMozillaFirefoxMozillaFirefox-translationsdiadia-langalsalibasound2libasound2-32bitlibvirtlibcurl4libcurl4-32bitntpntp-doccupscups-clientcups-libscups-libs-32bitlibsndfile1libsndfile1-32bitgvimvimvim-dataopensccyrus-saslcyrus-sasl-32bitcyrus-sasl-crammd5cyrus-sasl-crammd5-32bitcyrus-sasl-digestmd5cyrus-sasl-digestmd5-32bitcyrus-sasl-gssapicyrus-sasl-gssapi-32bitcyrus-sasl-plaincyrus-sasl-plain-32bitcyrus-sasl-saslauthdlibsasl2-3libsasl2-3-32bitbind-libsbind-libs-32bitbind-utilslibbind9-160libdns169libirs160libisc166libisc166-32bitlibisccc160libisccfg160liblwres160python-bindavahiavahi-langlibavahi-client3libavahi-client3-32bitlibavahi-common3libavahi-common3-32bitlibavahi-core7libdns_sdlibdns_sd-32bitstrongswanstrongswan-docstrongswan-ipsecstrongswan-libs0lcmsliblcms1liblcms1-32bitlibpoppler-glib8libpoppler-qt4-4libpoppler44poppler-toolslibpoppler60libqt4libqt4-32bitlibqt4-qt3supportlibqt4-qt3support-32bitlibqt4-sqllibqt4-sql-32bitlibqt4-sql-mysqllibqt4-sql-mysql-32bitlibqt4-sql-postgresqllibqt4-sql-postgresql-32bitlibqt4-sql-sqlitelibqt4-sql-sqlite-32bitlibqt4-sql-unixODBClibqt4-sql-unixODBC-32bitlibqt4-x11libqt4-x11-32bitft2demoslibfreetype6libfreetype6-32bitwiresharklibwireshark8libwiretap6libwscodecs1libwsutil7wireshark-gtklibwireshark9libwiretap7libwsutil8pam_sshpam_ssh-32bitlibwmf-0_2-7libIlmImf-Imf_2_1-21libIlmImf-Imf_2_1-21-32bitopenexrlibxerces-c-3_1libxerces-c-3_1-32bitcifs-utilslibdcerpc-binding0libdcerpc-binding0-32bitlibdcerpc0libdcerpc0-32bitlibgensec0libgensec0-32bitlibndr-krb5pac0libndr-krb5pac0-32bitlibndr-nbt0libndr-nbt0-32bitlibndr-standard0libndr-standard0-32bitlibndr0libndr0-32bitlibnetapi0libnetapi0-32bitlibpdb0libpdb0-32bitlibregistry0libsamba-credentials0libsamba-credentials0-32bitlibsamba-hostconfig0libsamba-hostconfig0-32bitlibsamba-util0libsamba-util0-32bitlibsamdb0libsamdb0-32bitlibsmbclient-raw0libsmbclient-raw0-32bitlibsmbclient0libsmbclient0-32bitlibsmbconf0libsmbconf0-32bitlibsmbldap0libsmbldap0-32bitlibtevent-util0libtevent-util0-32bitlibwbclient0libwbclient0-32bitsambasamba-32bitsamba-clientsamba-client-32bitsamba-docsamba-libssamba-libs-32bitsamba-winbindsamba-winbind-32bitlibsamba-passdb0libsamba-passdb0-32bitlibdcerpc-atsvc0libsamba-errors0libsamba-errors0-32bitdhcpdhcp-clientlibtiff5libtiff5-32bitlibneon27gzipexpatlibexpat1libexpat1-32bitfetchmailfinchlibpurplelibpurple-langlibpurple-meanwhilelibpurple-tclpidginlibpurple-branding-upstreamlibpurple-plugin-sametimelibnewt0_52fuselibfuse2perl-HTML-Parserlibltdl7libltdl7-32bitkernel-default-develkernel-default-extrakernel-develkernel-macroskernel-symskernel-xenkernel-xen-devellibthai-datalibthai0libthai0-32bitm4rubyglibc-32bitglibc-develglibc-devel-32bitglibc-i18ndataglibc-localeglibc-locale-32bitnscdgroffbzip2libbz2-1libbz2-1-32bitlibpcsclite1libpcsclite1-32bitpcsc-litecpiocpio-langtartar-langlibpolkit0libpolkit0-32bitpolkittypelib-1_0-Polkit-1_0sudodbus-1-glibdbus-1-glib-32bitlibpng12-0libpng12-0-32bitlibpng16-16libpng16-16-32bitlibpng15-15w3mxorg-x11-serverxorg-x11-server-extralibvirt-clientlibvirt-client-32bitlibvirt-daemonlibvirt-daemon-config-networklibvirt-daemon-config-nwfilterlibvirt-daemon-driver-interfacelibvirt-daemon-driver-libxllibvirt-daemon-driver-lxclibvirt-daemon-driver-networklibvirt-daemon-driver-nodedevlibvirt-daemon-driver-nwfilterlibvirt-daemon-driver-qemulibvirt-daemon-driver-secretlibvirt-daemon-driver-storagelibvirt-daemon-lxclibvirt-daemon-qemulibvirt-daemon-xenlibvirt-doclibvirt-adminlibvirt-daemon-driver-storage-corelibvirt-daemon-driver-storage-disklibvirt-daemon-driver-storage-iscsilibvirt-daemon-driver-storage-logicallibvirt-daemon-driver-storage-mpathlibvirt-daemon-driver-storage-rbdlibvirt-daemon-driver-storage-scsilibvirt-libswgetbogofiltermipv6diputilsgpg2gpg2-langevinceevince-langlibevdocument3-4libevview3-3typelib-1_0-EvinceDocument-3_0typelib-1_0-EvinceView-3_0evince-browser-pluginevince-plugin-djvudocumentevince-plugin-dvidocumentevince-plugin-pdfdocumentevince-plugin-psdocumentevince-plugin-tiffdocumentevince-plugin-xpsdocumentnautilus-evinceperlperl-32bitperl-baseperl-doclibmspack0libsmilibsmi2libreofficelibreoffice-baselibreoffice-base-drivers-mysqllibreoffice-base-drivers-postgresqllibreoffice-calclibreoffice-calc-extensionslibreoffice-drawlibreoffice-filters-optionallibreoffice-gnomelibreoffice-icon-theme-tangolibreoffice-impresslibreoffice-l10n-aflibreoffice-l10n-arlibreoffice-l10n-calibreoffice-l10n-cslibreoffice-l10n-dalibreoffice-l10n-delibreoffice-l10n-enlibreoffice-l10n-eslibreoffice-l10n-filibreoffice-l10n-frlibreoffice-l10n-gulibreoffice-l10n-hilibreoffice-l10n-hulibreoffice-l10n-itlibreoffice-l10n-jalibreoffice-l10n-kolibreoffice-l10n-nblibreoffice-l10n-nllibreoffice-l10n-nnlibreoffice-l10n-pllibreoffice-l10n-pt-BRlibreoffice-l10n-pt-PTlibreoffice-l10n-rulibreoffice-l10n-sklibreoffice-l10n-svlibreoffice-l10n-xhlibreoffice-l10n-zh-Hanslibreoffice-l10n-zh-Hantlibreoffice-l10n-zulibreoffice-mailmergelibreoffice-mathlibreoffice-officebeanlibreoffice-pyunolibreoffice-writerlibreoffice-writer-extensionslibreoffice-icon-theme-galaxylibreoffice-l10n-rolibreofficekitlibreoffice-l10n-pt_BRlibreoffice-l10n-pt_PTlibreoffice-l10n-zh_CNlibreoffice-l10n-zh_TWlibreoffice-branding-upstreamlibreoffice-gtk2libreoffice-icon-themeslibHX28libHX28-32bitlibfreebl3libfreebl3-32bitlibsoftokn3libsoftokn3-32bitmozilla-nssmozilla-nss-32bitmozilla-nss-certsmozilla-nss-certs-32bitmozilla-nss-toolsmozilla-nss-sysinitmozilla-nss-sysinit-32bitpampam-32bitpam-docopenslpopenslp-32bitgnome-shellgnome-shell-browser-plugingnome-shell-calendargnome-shell-langlibipa_hbac0libsss_idmap0python-sssd-configsssdsssd-32bitsssd-adsssd-ipasssd-krb5sssd-krb5-commonsssd-ldapsssd-proxysssd-toolslibsss_sudolibsss_nss_idmap0libsss_certmap0libsss_simpleifp0dbus-1dbus-1-x11libdbus-1-3libdbus-1-3-32bitpcsc-ccidpatchcups-filterslibpango-1_0-0libpango-1_0-0-32bitpango-modulespango-modules-32bittypelib-1_0-Pango-1_0libzip2kbdkbd-legacyaaa_baseaaa_base-extrasxorg-x11xorg-x11-essentialsxrdblibgypsy0vinovino-langtelepathy-gabblelibcgroup1rsynclogrotateunixODBCunixODBC-32bitrsysloglibpython2_7-1_0libpython2_7-1_0-32bitpython-basepython-develpython-xmlkrb5-appl-clientsgdmgdm-branding-upstreamgdm-langgdmflexiserverlibgdm1typelib-1_0-Gdm-1_0libmodplug1ekigaecryptfs-utilsecryptfs-utils-32bitxenxen-kmp-defaultxen-libsxen-libs-32bitlibgnomesulibgnomesu-langlibgnomesu0libsoup-2_4-1libsoup-2_4-1-32bitlibsoup-langtypelib-1_0-Soup-2_4tftpsysvinit-toolswhoisyast2-coregdk-pixbuf-langgdk-pixbuf-query-loadersgdk-pixbuf-query-loaders-32bitlibgdk_pixbuf-2_0-0libgdk_pixbuf-2_0-0-32bittypelib-1_0-GdkPixbuf-2_0java-1_7_0-openjdk-pluginjava-1_8_0-openjdk-pluginlibgssglue1libgssglue1-32bitlibXfont1xorg-x11-libsgdk-pixbuf-loader-rsvglibrsvg-2-2librsvg-2-2-32bitrsvg-viewpam-modulespam-modules-32bityast2libpython3_4m1_0python3-basejava-1_7_0-openjdkjava-1_7_0-openjdk-headlessradvdhardlinkempathyempathy-langtelepathy-mission-control-plugin-goapuppetsysconfigsysconfig-netconfigcolordcolord-gtk-langcolord-langlibcolord-gtk1libcolord2libcolord2-32bitlibcolorhug2python-cupshelperssystem-config-printersystem-config-printer-commonsystem-config-printer-common-langsystem-config-printer-dbus-serviceudev-configure-printeremacsemacs-infoemacs-x11etagslibraptor2-0raptorImageMagicklibMagick++-6_Q16-3libMagickCore-6_Q16-1libMagickCore-6_Q16-1-32bitlibMagickWand-6_Q16-1libaugeas0augeasaugeas-lensescvsxinetdpython3python3-cursesperl-YAML-LibYAMLlibgudev-1_0-0libgudev-1_0-0-32bitlibudev1libudev1-32bitsystemdsystemd-32bitsystemd-bash-completionsystemd-sysvinitudevlibsystemd0libsystemd0-32bitfilefile-magiclibmagic1libmagic1-32bitargyllcmslibsnmp30libsnmp30-32bitnet-snmpperl-SNMPsnmp-mibsxfsprogspidgin-otrpidgin-plugin-otrlibtag1libtag1-32bitlibtag_c0libtag_c0-32bittaglibperl-Config-IniFileshyper-vlibgc1accountsserviceaccountsservice-langlibaccountsservice0typelib-1_0-AccountsService-1_0libvte9libexif12libexif12-32bitopenconnectopenconnect-langrhythmboxrhythmbox-langwdiffgnome-keyringgnome-keyring-32bitgnome-keyring-langgnome-keyring-pamgnome-keyring-pam-32bitlibgck-modules-gnome-keyringsquashfslibspice-client-glib-2_0-8libspice-client-gtk-2_0-4libspice-client-gtk-3_0-4libspice-controller0typelib-1_0-SpiceClientGlib-2_0typelib-1_0-SpiceClientGtk-3_0libspice-client-glib-helperlibspice-client-gtk-3_0-5gegl-0_2gegl-0_2-langlibgegl-0_2-0dracutlibproxy1libproxy1-32bitlibproxy1-config-gnome3libproxy1-config-gnome3-32bitlibproxy1-networkmanagerlibproxy1-networkmanager-32bitlibproxy1-pacrunner-webkitcups-pk-helpercups-pk-helper-langxlockmorelibssh4libssh4-32bitlibjavascriptcoregtk-1_0-0libjavascriptcoregtk-1_0-0-32bitlibjavascriptcoregtk-3_0-0libwebkit2gtk-3_0-25libwebkitgtk-1_0-0libwebkitgtk-1_0-0-32bitlibwebkitgtk-3_0-0libwebkitgtk2-langlibwebkitgtk3-langtypelib-1_0-JavaScriptCore-3_0typelib-1_0-WebKit-3_0unrarbashlibblkid1libblkid1-32bitlibmount1libmount1-32bitlibsmartcols1libuuid-devellibuuid1libuuid1-32bitpython-libmountutil-linuxutil-linux-langutil-linux-systemduuiddlibfdisk1libarchive13coreutilscoreutils-langgnome-online-accountsgnome-online-accounts-langlibgoa-1_0-0libgoa-backend-1_0-1typelib-1_0-Goa-1_0libgoa-1_0-0-32bitxrdppython-cursespython-tkruby2.1libX11-6libX11-6-32bitlibX11-datalibX11-xcb1libX11-xcb1-32bitlibXext6libXext6-32bitlibXfixes3libXfixes3-32bitlibXi6libXi6-32bitlibXinerama1libXinerama1-32bitlibXrandr2libXrandr2-32bitlibXrender1libXrender1-32bitlibXRes1libXRes1-32bitlibXv1libXv1-32bitlibXvMC1libXxf86dga1libdmx1libXxf86vm1libXxf86vm1-32bitlibXt6libXt6-32bitlibXcursor1libXcursor1-32bitlibXp6libXp6-32bitlibXtst6libXtst6-32bitlibxcb-dri2-0libxcb-dri2-0-32bitlibxcb-glx0libxcb-glx0-32bitlibxcb-randr0libxcb-render0libxcb-render0-32bitlibxcb-shape0libxcb-shm0libxcb-shm0-32bitlibxcb-sync1libxcb-xf86dri0libxcb-xfixes0libxcb-xfixes0-32bitlibxcb-xkb1libxcb-xkb1-32bitlibxcb-xv0libxcb1libxcb1-32bitlibxcb-dri3-0libxcb-dri3-0-32bitlibxcb-present0libxcb-present0-32bitlibxcb-sync1-32bitlibxcb-xinerama0libraw9rrdtoolrrdtool-cachedlibsrtp1imobiledevice-toolslibimobiledevice6libfbembed2_5socatfreerdplibfreerdp-1_0libfreerdp-1_0-pluginslibgcrypt20libgcrypt20-32bitorcalibspice-server1spicepython-pyOpenSSLpython3-pyOpenSSLrtkitcompat-openssl098openssl-1_1ibus-chewingibus-pinyinpython-plyghostscript-x11libjbig2libjbig2-32bitlibjson-c2libjson-c2-32bitlibyaml-0-2python-pywbemrpmrpm-32bitrpm-buildrpm-pythoncups-filters-cups-browsedcups-filters-foomatic-ripcups-filters-ghostscriptlibgadu3llvmllvm6freetype2SDLlibX11xorg-x11-driver-videosqlite3gtk2-langgtk2-toolsgtk2-tools-32bitlibgtk-2_0-0libgtk-2_0-0-32bittypelib-1_0-Gtk-2_0eogeog-langgtk2-datalibc-client2007e_suselibudisks2-0udisks2udisks2-langtigervncxorg-x11-XvnclibXvnc1xalan-j2lftpelfutilslibasm1libdw1libdw1-32bitlibebl1libebl1-32bitlibelf1libelf1-32bitlibelf-devellibfreerdp2muttmozilla-nsprmozilla-nspr-32bitMozillaFirefox-branding-SLEpython-xdgpython-requestspython3-requestspython-imaginggdgd-32bitbash-docbash-langlibreadline6libreadline6-32bitreadline-doclibmms0DirectFBlib++dfb-1_7-1libdirectfb-1_7-1libdirectfb-1_7-1-32bitpppperl-LWP-Protocol-httpsfacterlibtasn1libtasn1-6libtasn1-6-32bitgpgmelibgpgme11PackageKitPackageKit-backend-zyppPackageKit-gstreamer-pluginPackageKit-langevolution-data-serverevolution-data-server-langgnome-packagekitgnome-packagekit-langlibcamel-1_2-45libcamel-1_2-45-32bitlibebackend-1_2-7libebackend-1_2-7-32bitlibebook-1_2-14libebook-1_2-14-32bitlibebook-contacts-1_2-0libebook-contacts-1_2-0-32bitlibecal-1_2-16libecal-1_2-16-32bitlibedata-book-1_2-20libedata-book-1_2-20-32bitlibedata-cal-1_2-23libedata-cal-1_2-23-32bitlibedataserver-1_2-18libedataserver-1_2-18-32bitlibpackagekit-glib2-16libsolv-toolslibyui-ncurses-pkg6libyui-qt-pkg6libzypppython-solvpython-zypptypelib-1_0-PackageKitGlib-1_0yast2-pkg-bindingszypperzypper-loglibruby2_1-2_1ruby2.1-stdlibprocmailsyslog-serviceshimwpa_supplicantlibpulse-mainloop-glib0libpulse-mainloop-glib0-32bitlibpulse0libpulse0-32bitpulseaudiopulseaudio-esound-compatpulseaudio-gdm-hookspulseaudio-langpulseaudio-module-bluetoothpulseaudio-module-gconfpulseaudio-module-jackpulseaudio-module-lircpulseaudio-module-x11pulseaudio-module-zeroconfpulseaudio-utilsliblzo2-2liblzo2-2-32bitxf86-video-intelcpp48gcc48gcc48-32bitgcc48-c++gcc48-gijgcc48-gij-32bitgcc48-infolibasan0libasan0-32bitlibatomic1libatomic1-32bitlibffi4libffi4-32bitlibgcc_s1libgcc_s1-32bitlibgcj48libgcj48-32bitlibgcj48-jarlibgcj_bc1libgfortran3libgomp1libgomp1-32bitlibitm1libitm1-32bitlibquadmath0libstdc++48-devellibstdc++48-devel-32bitlibstdc++6libstdc++6-32bitlibtsan0mdadmliblua5_2lualibvncclient0libvncserver0libevent-2_0-5libzmq3ctagsgnome-settings-daemongnome-settings-daemon-langopenvpnunzipapache-commons-loggingflutelibabw-0_1-1libbaselibcdr-0_1-1libcmis-0_5-5libe-book-0_1-1libetonyek-0_1-1libfontslibformulalibfreehand-0_1-1libgltf-0_0-0libgraphite2-3libgraphite2-3-32bitlibhyphen0libixion-0_10-0liblangtag1liblayoutlibloaderlibmspub-0_1-1libmwaw-0_3-3libodfgen-0_1-1liborcus-0_8-0libpagemaker-0_0-0libreoffice-share-linkerlibreoffice-voikkolibrepositorylibrevenge-0_0-0librevenge-stream-0_0-0libserializerlibvisio-0_1-1libvoikko1libwps-0_4-4malaga-suomimyspell-af_ZAmyspell-armyspell-be_BYmyspell-bg_BGmyspell-bn_BDmyspell-bs_BAmyspell-camyspell-cs_CZmyspell-da_DKmyspell-demyspell-dictionariesmyspell-el_GRmyspell-enmyspell-esmyspell-et_EEmyspell-fr_FRmyspell-gu_INmyspell-he_ILmyspell-hi_INmyspell-hr_HRmyspell-hu_HUmyspell-it_ITmyspell-lo_LAmyspell-lt_LTmyspell-lv_LVmyspell-nl_NLmyspell-nomyspell-pl_PLmyspell-pt_BRmyspell-pt_PTmyspell-romyspell-ru_RUmyspell-sk_SKmyspell-sl_SImyspell-srmyspell-sv_SEmyspell-te_INmyspell-th_THmyspell-vimyspell-zu_ZApentaho-libxmlpentaho-reporting-flow-enginesaciculibicu52_1libicu52_1-32bitlibicu52_1-dataautofsopenldap2-clientbinutilsbindtcpdumplibpcap1libpcap1-32bitlibFLAC8libFLAC8-32bitlibFLAC++6libFLAC++6-32bitlibpcre1libpcre1-32bitlibpcre16-0libpcrecpp0libpcrecpp0-32bitlibksba8libjpeg-turbolibjpeg62libjpeg62-turbolibjpeg8libjpeg8-32bitlibturbojpeg0libjpeg62-32bitgraphvizglibc.i686exiv2libmpfr4libpng12xdg-utilsbusyboxpython-backports.ssl_match_hostnamepython-tornadoe2fsprogslibcom_err2libcom_err2-32bitlibext2fs2libfltk1libQt5Core5libQt5DBus5libQt5Gui5libQt5Widgets5libQt5Concurrent5libQt5Network5libQt5OpenGL5libQt5PrintSupport5libQt5Sql5libQt5Sql5-mysqllibQt5Sql5-postgresqllibQt5Sql5-sqlitelibQt5Sql5-unixODBClibQt5Test5libQt5Xml5texlivegstreamer-0_10-plugins-badgstreamer-0_10-plugins-bad-langlibgstbasecamerabinsrc-0_10-23libgstbasecamerabinsrc-0_10-23-32bitlibgstbasevideo-0_10-23libgstbasevideo-0_10-23-32bitlibgstcodecparsers-0_10-23libgstphotography-0_10-23libgstphotography-0_10-23-32bitlibgstsignalprocessor-0_10-23libgstsignalprocessor-0_10-23-32bitlibgstvdp-0_10-23libgstvdp-0_10-23-32bitgstreamer-plugins-badupdate-alternativesp7zipkernel-firmwareucode-amdpigzlibopenjp2-7NetworkManagergreplibldap-2_4-2libldap-2_4-2-32bitlibssh2-1libssh2-1-32bitlibidn11libidn11-32bitjava-1_8_0-openjdkjava-1_8_0-openjdk-headlesslibrestNetworkManager-langlibnm-glib-vpn1libnm-glib4libnm-util2libnm0typelib-1_0-NM-1_0typelib-1_0-NMClient-1_0typelib-1_0-NetworkManager-1_0libldb1libldb1-32bitlibtalloc2libtalloc2-32bitlibtdb1libtdb1-32bitlibtevent0libtevent0-32bitpytallocpytalloc-32bitlibunwinddnsmasqperl-XML-LibXMLxzsblim-sfcbauditlibaudit1libaudit1-32bitlibauparse0libvmtools0open-vm-toolsopen-vm-tools-desktoplibvdpau1libvdpau1-32bitbash-completionlibasan2libasan2-32bitlibcilkrts5libcilkrts5-32bitlibgfortran3-32bitliblsan0libmpx0libmpx0-32bitlibmpxwrappers0libmpxwrappers0-32bitlibquadmath0-32bitlibstdc++6-localelibubsan0libubsan0-32bityast2-ntp-clientlibeventscreenrpcbindgwenhywfar-langgwenhywfar-toolslibgwengui-gtk2-0libgwenhywfar60libgwenhywfar60-pluginsgtk2libgif6libgif6-32bitaudiofilelibaudiofile1libaudiofile1-32bitlibbluraylibpng16libxslt-toolslibxslt1libxslt1-32bitxscreensaverxscreensaver-dataatlibQtWebKit4libQtWebKit4-32bitlibbonobolibbonobo-32bitlibbonobo-langlibkde4libkde4-32bitlibkdecore4libkdecore4-32bitlibksuseinstall1libksuseinstall1-32bitlibnetpbm11libnetpbm11-32bitnetpbmlibQt5WebKit5libQt5WebKit5-importslibQt5WebKitWidgets5librawgrub2grub2-i386-pcgrub2-snapper-plugingrub2-x86_64-efigrub2-x86_64-xengrub2-systemd-sleep-pluginlibhogweed2libhogweed2-32bitlibnettle4libnettle4-32bitdosfstoolsgdk-pixbuflibarchivelibixion-0_12-0liborcus-0_12-0libstaroffice-0_0-0libzmf-0_0-0myspell-af_NAmyspell-ar_AEmyspell-ar_BHmyspell-ar_DZmyspell-ar_EGmyspell-ar_IQmyspell-ar_JOmyspell-ar_KWmyspell-ar_LBmyspell-ar_LYmyspell-ar_MAmyspell-ar_OMmyspell-ar_QAmyspell-ar_SAmyspell-ar_SDmyspell-ar_SYmyspell-ar_TNmyspell-ar_YEmyspell-bn_INmyspell-bsmyspell-ca_ADmyspell-ca_ESmyspell-ca_ES_valenciamyspell-ca_FRmyspell-ca_ITmyspell-de_ATmyspell-de_CHmyspell-de_DEmyspell-en_AUmyspell-en_BSmyspell-en_BZmyspell-en_CAmyspell-en_GBmyspell-en_GHmyspell-en_IEmyspell-en_INmyspell-en_JMmyspell-en_MWmyspell-en_NAmyspell-en_NZmyspell-en_PHmyspell-en_TTmyspell-en_USmyspell-en_ZAmyspell-en_ZWmyspell-es_ARmyspell-es_BOmyspell-es_CLmyspell-es_COmyspell-es_CRmyspell-es_CUmyspell-es_DOmyspell-es_ECmyspell-es_ESmyspell-es_GTmyspell-es_HNmyspell-es_MXmyspell-es_NImyspell-es_PAmyspell-es_PEmyspell-es_PRmyspell-es_PYmyspell-es_SVmyspell-es_UYmyspell-es_VEmyspell-fr_BEmyspell-fr_CAmyspell-fr_CHmyspell-fr_LUmyspell-fr_MCmyspell-lightproof-enmyspell-lightproof-hu_HUmyspell-lightproof-pt_BRmyspell-lightproof-ru_RUmyspell-nb_NOmyspell-nl_BEmyspell-nn_NOmyspell-pt_AOmyspell-ro_ROmyspell-sr_CSmyspell-sr_Latn_CSmyspell-sr_Latn_RSmyspell-sr_RSmyspell-sv_FImyspell-temyspell-uk_UAmyspell-vi_VNlibtirpc1harfbuzzfreetypepostgresqlboost-license1_54_0hunspellhunspell-32bithunspell-toolslibOpenCOLLADA0libboost_atomic1_54_0libboost_date_time1_54_0libboost_filesystem1_54_0libboost_iostreams1_54_0libboost_program_options1_54_0libboost_regex1_54_0libboost_signals1_54_0libboost_system1_54_0libboost_thread1_54_0libixion-0_11-0liborcus-0_11-0libqca2libqca2-32bitqt4-qtscriptlibvirglrenderer0libXpm4libXpm4-32bitlcms2liblcms2-2liblcms2-2-32bitlibwavpack1gstreamer-plugins-goodgstreamer-plugins-good-langdoxygenjasperlibosip2openjpeg2perl-Mail-SpamAssassinspamassassinlibnghttp2-14libnghttp2-14-32bitapparmoryast2-userssupportutilslibvpxlibjavascriptcoregtk-4_0-18libwebkit2gtk-4_0-37libwebkit2gtk3-langtypelib-1_0-JavaScriptCore-4_0typelib-1_0-WebKit2-4_0webkit2gtk-4_0-injected-bundleshexchatlhasaliblhasa0libquicktime0MozillaFirefox-translations-commonlibotr5gifliblibcairo-gobject2libcairo-gobject2-32bitlibcairo2libcairo2-32bitlibcairo-script-interpreter2tifflibndp0libksbagccgcc5ceph-commonlibcephfs1librados2libradosstriper1librbd1python-cephfspython-radospython-rbdlibimobiledevice-toolslibimobiledevice4libusbmuxd2usbmuxdlibusbmuxd4libcares2libcares2-32bitfontconfigfontconfig-32bityast2-storagelibstorage-rubylibstorage6kdumplibicallibical1libical1-32bitlibsqlite3-0libsqlite3-0-32bitshadowcrackliblibcrack2libcrack2-32bitfile-rollerbluezbluez-cupslibbluetooth3libass5guileguile-modules-2_0libguile-2_0-22python-setuptoolspython3-setuptoolsgstreamer-plugins-bad-langlibgstbasecamerabinsrc-1_0-0libgstcodecparsers-1_0-0libgstegl-1_0-0libgstmpegts-1_0-0libgstphotography-1_0-0libgstadaptivedemux-1_0-0libgstbadaudio-1_0-0libgstbadbase-1_0-0libgstbadvideo-1_0-0libgstgl-1_0-0libgsturidownloader-1_0-0libxml2gstreamer-0_10-plugins-goodgstreamer-0_10-plugins-good-langgstreamer-0_10-plugins-basegstreamer-0_10-plugins-base-32bitgstreamer-0_10-plugins-base-langgstreamer-plugins-basegstreamer-plugins-base-langlibgstallocators-1_0-0libgstapp-0_10-0libgstapp-0_10-0-32bitlibgstapp-1_0-0libgstapp-1_0-0-32bitlibgstaudio-1_0-0libgstaudio-1_0-0-32bitlibgstfft-1_0-0libgstfft-1_0-0-32bitlibgstinterfaces-0_10-0libgstinterfaces-0_10-0-32bitlibgstpbutils-1_0-0libgstpbutils-1_0-0-32bitlibgstriff-1_0-0libgstrtp-1_0-0libgstrtsp-1_0-0libgstsdp-1_0-0libgsttag-1_0-0libgsttag-1_0-0-32bitlibgstvideo-1_0-0libgstvideo-1_0-0-32bittypelib-1_0-GstAudio-1_0typelib-1_0-GstPbutils-1_0typelib-1_0-GstTag-1_0typelib-1_0-GstVideo-1_0libz1libz1-32bitzlib-devellibgme0libwebplibntfs-3g84ntfs-3gntfsprogslibgcryptlibopus0shotwellshotwell-langxmlsec1webkitgtk3xrootdlibncurses5libncurses5-32bitlibncurses6libncurses6-32bitncurses-develncurses-utilstackterminfoterminfo-basedrm-kmp-defaultlibexiv2-12libqpdf18libsndfileImageMagick-config-6-SUSEImageMagick-config-6-upstreamlibziplibvpx1libvpx1-32bitvpx-toolsliblouis-dataliblouis9python3-louiswebkit2gtk3libidnlibwpd-0_10-10dcrawgnome-shell-search-provider-nautiluslibnautilus-extension1libnautilus-extension1-32bitnautilusnautilus-langlibofxlibofx6popplerliblouisspice-vdagentgnome-sessionxdg-user-dirsyubikey-managerSuSEfirewall2libXfont2-2libcephfs2librgw2python-rgwncursestransfigevolutionlibcdio14libcdio14-32bitlibiso9660-8libexempi3libXdmcp6libXdmcp6-32bitlibICE6libICE6-32bitlibplist++1libplist1libplist++3libplist3ucode-intelvirt-installvirt-managervirt-manager-commonqemu-ovmf-x86_64gstreamergstreamer-langgstreamer-utilslibgstreamer-1_0-0libgstreamer-1_0-0-32bittypelib-1_0-Gst-1_0libpodofo0_9_2libyaml-cpp0_5libzzip-0-13sane-backendssane-backends-32bitsane-backends-autoconfigapparmor-docsapparmor-parserapparmor-profilesapparmor-utilslibapparmor1libapparmor1-32bitpam_apparmorpam_apparmor-32bitperl-apparmorpodofominicompython3-rpmlibcroco-0_6-3libcroco-0_6-3-32bitlibtirpc1-32bitlibtirpc-netconfiglibtirpc3libtirpc3-32bitgnome-documentsgnome-documents-langgnome-documents_books-commongnome-shell-search-provider-documentslibboost_locale1_54_0libboost_random1_54_0libepubgen-0_1-1libixion-0_13-0liborcus-0_13-0libqxp-0_0-0myspell-idmyspell-id_IDsharutilspkg-configlibSoundTouch0libSoundTouch0-32bitsoundtouchpython-cryptographypython3-cryptographylibavahi-glib1libavahi-glib1-32bitlibavahi-gobject0libavahi-ui-gtk3-0libavahi-ui0geglrzszpython-tallocpython-talloc-32bitwavpackperl-Archive-ZipNetworkManager-vpncNetworkManager-vpnc-gnomeNetworkManager-vpnc-langgnome-bluetoothlibssh2_orgPackageKit-gtk3-modulelibpackagekit-glib2-18libprocps3procpslibatalk12netatalkovmfexempigcc7gcc8libqt5-qtwebkitwebkitgtklibpng15libtirpcbtrfsmaintenancelibykcs11-1libykpiv1yubico-piv-toolpangoevolution-langlibixion-0_14-0liborcus-0_14-0libspectre1libkpathsea6qpdfcairolibu2f-host0pam_u2flibsolvlibcaca0pam_yubicogdbcephiptablesatftpgnome-desktopgvfsopenldap2-docibusibus-gtkibus-gtk3ibus-gtk3-32bitibus-langlibibus-1_0-5libibus-1_0-5-32bitpython-ibustypelib-1_0-IBus-1_0libdjvulibre21gcc33libsouplibtomcrypt0aspelllibaspell15libaspell15-32bitlibqt5-qtbasevirglrendererfribiditrouserswickedwicked-servicelibmariadb3libmariadb_pluginspermissionsnfs-clientnfs-kernel-serveradclispice-gtklibwsman1libwsman_clientpp1openwsman-serverldblibsshMesaMesa-32bitMesa-driMesa-dri-32bitMesa-libEGL1Mesa-libEGL1-32bitMesa-libGL1Mesa-libGL1-32bitMesa-libGLESv2-2Mesa-libGLESv2-2-32bitMesa-libglapi0Mesa-libglapi0-32bitlibgbm1libgbm1-32bitlibxatracker2zeromqpython-numpylua51libSDL-1_2-0glib2libseccomp2libseccomp2-32bitcompat-openssl098.703ipmitool012.312.40:1.12.1-6.30:1.12.1-19.10:1.12.5-39.10:1.12.5-40.28.212.112.2120:3.14.6-3.140:3.16.11-1.33(x86_64)0:12.5-22.10:12.5-25.150:12.5-28.1(x86_64)0:0.15.1b-184.3.10:0.15.1b-184.3.10:2.10-1020.620:4.2-55.30:1.4.11-55.30:4.2-58.30:1.4.11-58.30:2.1.5-27.860:804.031-3.820:0.9.8j-59.110:1.0.1i-2.120:0.9.8j-81.10:1.0.1i-34.10:1.0.2j-55.10:0.9.8j-102.10:1.0.2j-59.10:0.9.8j-105.10:1.0.2p-2.110:1.0.2p-1.130:0.9.8j-106.6.10:1.1.1-1.9(x86_64)0:2.8.18-8.1(noarch)0:2.8.18-8.10:2.8.18-8.10:2.8.18-9.3.260:0.19-16.560:1.1.0-147.710:1.1.0-148.3.1(x86_64)0:9.4.6-7.1(x86_64)0:9.3.11-14.2(x86_64)0:9.4.6-7.20:9.4.9-14.10:9.6.3-2.10:9.6.3-2.40:10.5-1.3.10:10.5-1.3.20:10.0.11-6.40:10.0.21-1.170:10.0.27-12.10:10.0.30-28.10:10.0.35-1.70:10.2.18-1.70:9.3.5-2.30:9.3.5-2.240:9.4.5-4.10:9.4.5-4.50:3.2.0-4.590:0.2.0-1.620:2.0.0-40.70:1.0.0-40.70:1.7.4-40.70:8-40.70:2.3.1-5.70:1.0.0-5.70:1.8.1-5.70:8-5.70:2.6.1-27.150:1.0.0-27.150:1.9.1-27.150:8-27.150:2.9.0-5.100:1.0.0-5.100:1.10.2-5.100:8-5.100:2.11.2-4.140:1.0.0-4.140:1.11.0-4.140:8-4.140:1.1.10-24.1280:1.3.3-8.230:1.3.3-10.14.1(x86_64)0:7.2p2-74.11.1(x86_64)0:7.2p2-74.11.30:7.2p2-74.25.10:1.4.0-16.90:1.4.0-26.10:0.15.1b-182.58(x86_64)0:1.900.14-181.10:1.900.14-194.10:1.900.14-195.8.10:2.4.4-4.50:2.9.1-6.20:2.9.1-10.10:2.9.4-27.10:2.9.4-45.10:2.9.4-46.15.10:2.38.2-5.120:2.48.2-10.20:11.2.202.406-1.30:11.2.202.548-111.10:1.1.36-54.1000:3.2.15-1.80:3.2.15-11.10:3.3.27-1.100:3.3.27-3.3.10:31.1.0esr-1.200:38.4.0esr-51.10:45.4.0esr-81.10:52.2.0esr-108.30:52.9.0esr-109.38.20:0.97.2-13.2530:0.97.3-15.630:1.0.27.2-11.100:1.0.27.2-15.10:7.37.0-2.50:7.37.0-15.10:7.37.0-28.10:7.37.0-36.10:7.60.0-2.110:4.2.6p5-24.30:4.2.8p4-1.30:4.2.8p8-14.10:4.2.8p10-63.30:4.2.8p12-64.8.20:1.7.5-2.70:1.7.5-9.10:1.7.5-12.40:1.7.5-19.10:1.7.5-20.17.10:1.0.25-18.750:1.0.25-21.10:1.0.25-25.10:1.0.25-35.10:1.0.25-36.16.10:7.4.326-2.620:7.4.326-16.10:0.13.0-1.1220:2.1.26-7.10:2.1.26-8.7.10:9.9.5P1-1.100:9.9.6P1-30.20:9.9.9P1-46.10:9.9.9P1-62.10:9.11.2-1.240:0.6.31-20.590:0.6.32-30.360:5.1.3-4.10:5.1.3-18.10:5.1.3-22.10:5.1.3-25.10:5.1.3-26.5.10:1.19-17.310:0.24.4-3.140:0.24.4-3.130:0.43.0-15.10:0.24.4-12.10:0.43.0-16.15.10:4.8.6-2.110:4.8.6-2.60:4.8.6-4.20:4.8.6-4.10:4.8.6-7.10:4.8.7-8.8.10:2.5.3-2.110:2.5.3-2.180:2.5.5-7.5.10:2.6.3-7.8.30:2.6.3-7.8.20:2.6.3-7.10.10:2.6.3-7.15.10:1.10.9-1.110:1.12.7-15.10:1.12.13-31.10:2.2.7-47.10:2.4.9-48.29.10:2.0-1.40(x86_64)0:0.2.8.4-242.30:2.1.0-4.50:2.1.0-6.3.10:3.1.1-1.60:3.1.1-4.10:3.1.1-12.30:6.4-3.50:4.1.12-3.20:6.4-6.40:4.2.4-4.190:6.5-8.90:4.2.4-26.20:4.4.2-29.40:4.6.5+git.27.6afd48b1083-2.110:6.5-9.3.20:4.6.16+git.124.aee309c5c18-3.32.10:4.2.6-7.30:4.3.3-2.20:4.3.3-9.10:4.3.3-10.14.10:4.0.3-9.780:4.0.4-12.20:4.0.6-26.30:4.0.7-43.10:4.0.9-44.24.10:0.30.0-3.650:1.6-7.3920:1.6-9.3.10:2.1.0-13.2320:2.1.0-17.10:2.1.0-20.20:2.1.0-21.3.10:6.3.26-5.180:6.3.26-12.30:2.10.9-5.150:2.10.9-8.10:2.11.0-12.50:2.12.0-1.330:2.12.0-3.3.10:0.52.16-1.830:2.9.3-3.650:2.9.3-5.10:2.9.3-6.3.10:3.71-1.1780:2.4.2-14.600:2.4.2-16.10:2.4.2-17.4.10:3.12.28-4.60:3.12.49-11.10:4.4.21-69.10:4.4.73-5.10:4.12.14-94.41.10:0.1.25-4.20:1.4.16-15.740:2.1-1.60:2.19-17.720:2.19-31.90:2.22-49.160:2.22-61.30:2.22-15.30:1.22.2-5.429(x86_64)0:0.9.8j-73.2(x86_64)0:2.22-100.8.1(noarch)0:2.22-100.8.10:1.0.6-27.11290:0.98.4-1.460:0.98.7-13.10:1.0.6-29.20:0.99.2-25.10:0.99.2-32.10:0.100.2-33.18.10:1.8.10-3.70:1.8.10-6.10:1.8.10-7.3.10:2.11-26.1820:1.27.1-2.220:2.11-29.10:1.27.1-4.10:1.27.1-8.10:2.11-35.10:1.27.1-14.10:2.11-36.3.40:1.27.1-15.3.70:0.112-2.1890:0.113-4.10:0.113-5.6.10:0.113-5.12.10:1.8.10p3-1.620:1.8.10p3-6.160:1.8.20p2-1.30:1.8.20p2-3.7.100:0.100.2-3.580:1.2.50-8.210:1.6.8-2.240:1.5.22-2.20:1.6.8-5.10:1.2.50-13.10:1.5.22-4.10:1.6.8-11.10:1.2.50-19.10:1.5.22-9.10:1.6.8-14.10:0.5.3-153.1450:0.5.3-157.10:0.5.3.git20161120-160.10:7.6_1.15.2-12.170:7.6_1.15.2-36.210:7.6_1.18.3-57.340:7.6_1.18.3-71.10:1.19.6-2.10:1.2.5-13.30:1.2.18.1-4.220:2.0.0-26.20:3.3.0-4.280:4.0.0-6.130:1.14-4.830:1.14-7.10:1.14-10.30:1.14-20.10:1.14-21.7.10:1.2.4-3.560:1.2.4-5.30:2.0.2.umip.0.4-19.770:s20121221-2.190:2.0.24-1.50:2.0.24-3.20:2.0.24-8.10:2.0.24-9.3.10:3.10.3-1.2130:3.20.1-5.660:3.20.2-6.22.90:5.18.2-3.70:5.18.2-11.10:5.18.2-12.17.10:0.4-3.640:0.4-10.10:0.4-14.40:0.4.8-18.630:4.3.1.2-3.70:5.0.2.2-13.140:5.1.5.2-29.40:5.2.5.1-42.130:6.0.5.2-43.38.50:3.18-1.190:3.16.4-5.20:3.19.2.1-29.10:3.21.1-46.20:3.29.5-57.10:3.29.5-58.12.10:1.1.8-11.570:1.1.8-14.10:1.1.8-23.10:1.1.8-24.14.10:2.0.0-2.90:2.0.0-5.10:2.0.0-11.10:2.0.0-17.10:2.0.0-18.17.10:3.10.4-22.130:3.10.4-40.10:3.20.4-70.40:3.20.4-76.30:3.20.4-77.17.10:1.11.5.1-5.200:1.11.5.1-14.10:1.13.4-18.100:1.13.4-33.20:1.16.1-2.80:1.13.4-34.7.10:1.8.8-1.50:1.8.8-1.120:1.8.16-14.10:1.8.16-19.10:1.8.22-28.190:1.8.22-28.140:1.8.22-29.10.20:1.4.14-1.450:1.4.25-4.10:2.8.10-1.1640:2.8.18-4.70:2.7.1-5.1910:2.7.5-7.10:2.7.5-8.5.1(x86_64)0:10.0.16-15.10:1.36.3-4.140:1.40.1-9.50:0.11.1-4.620:0.11.1-9.10:0.11.1-12.10:0.11.1-13.3.10:1.15.5-7.120:1.15.5-8.4.10:1.15.5-8.7.10:2.0.4-8.10.20:13.2+git20140911.61c1681-1.160:13.2+git20140911.61c1681-9.10:13.2+git20140911.61c1681-28.10:13.2+git20140911.61c1681-36.10:13.2+git20140911.61c1681-38.8.10:7.6_1-14.170:1.1.0-3.580:0.9-6.240:3.10.1-1.860:3.20.2-5.80:0.18.1-3.2680:0.18.3-5.70:0.41.rc1-1.300:0.41.rc1-4.10:0.41.rc1-9.10:3.1.0-2.70:3.1.0-12.10:3.1.0-13.13.30:3.8.7-3.210:3.11.0-1.150:3.11.0-2.11.10:2.3.1-4.950:2.3.4-6.50:2.3.6-7.9.10:2.7.7-2.360:2.7.9-20.60:2.7.9-24.20:2.7.13-27.10:2.7.13-28.11.20:1.0.3-1.50:3.10.0.1-13.30:3.10.0.1-23.10:3.10.0.1-52.50:3.10.0.1-54.6.30:0.8.8.4-13.690:0.8.9.0+git20170610.f6dd59a-15.4.10:103-5.350:103-7.10:103-8.3.10:4.4.1_06-2.20:4.4.1_06_k3.12.28_4-2.20:4.5.1_12-2.30:4.5.1_12_k3.12.49_11-2.30:4.7.0_12-23.40:4.9.0_08-2.20:4.11.0_08-1.110:1.0.0-352.840:2.0.0-353.6.20:2.44.2-1.460:2.54.1-4.50:2.62.2-5.7.10:5.2-8.840:5.2-10.30:5.2-11.6.10:2.88+-94.130:5.1.1-1.170:3.1.11-1.90:3.1.18-1.50:2.88+-96.10:3.1.23-6.380:2.88+-99.150:3.2.2-1.290:3.3.1-1.70:2.30.6-1.230:2.34.0-16.20:2.34.0-18.10:2.34.0-19.17.10:1.5.1-1.130:1.6.1-2.3.10:1.6.1-2.4.210:1.6.2-2.8.30:1.6.2-2.10.30:0.4-3.830:1.4.7-2.90:7.6-45.140:1.4.7-4.10:1.5.1-10.30:1.5.1-11.3.120:2.40.2-1.130:2.40.15-4.50:2.40.20-5.6.10:12.1-23.120:3.1.108-1.160:3.1.155-1.130:3.1.206-37.1.20:3.2.36-1.110:3.2.48-3.29.200:8.4.0-2.20:8.4.0-8.30:8.4.0-14.10:8.24.0-1.200:8.24.0-3.16.10:3.4.1-2.380:3.4.1-12.10:3.4.6-24.10:3.4.6-25.16.10:1.7.0.65-3.70:1.7.0.91-21.20:1.7.0.111-33.10:1.7.0.141-42.10:1.7.0.181-43.15.20:1.9.7-2.170:1.0-6.450:3.10.3-1.1310:3.12.12-5.120:3.12.12-7.30:3.12.13-8.3.280:3.6.2-3.620:3.8.5-5.10:3.8.5-14.10:3.8.5-15.9.10:0.83.7-2.10:0.83.8-7.10:0.84.0-13.10:1.1.7-2.420:0.1.25-3.1130:1.1.7-5.30:1.3.3-10.140:0.1.26-6.30:1.3.3-12.130:1.4.5-1.50:1.5.7-7.50:24.3-14.440:24.3-16.320:24.3-19.20:24.3-25.3.10:2.0.10-3.670:6.8.8.1-5.210:6.8.8.1-8.20:6.8.8.1-33.10:6.8.8.1-70.10:6.8.8.1-71.85.10:1.2.0-1.50:1.2.0-3.10:1.2.0-10.10:1.2.0-15.30:1.2.0-17.3.10:1.12.12-181.630:1.12.12-182.3.10:2.3.15-7.70:2.3.15-8.8.1(x86_64)0:3.4.10-25.39.2(x86_64)0:3.4.10-25.39.30:0.38-7.610:0.38-10.10:210-44.10:210-83.20:228-117.120:228-142.10:228-150.49.20:5.19-2.1490:5.19-9.10:5.22-10.6.10:1.6.3-1.1790:1.6.3-3.30:5.7.2.1-3.80:5.7.3-4.20:5.7.3-6.3.1(x86_64)0:3.2.1-3.50:4.3.0-8.80:4.3.0-12.10:4.15.0-1.120:4.0.0-6.180:4.0.0-11.60:4.0.2-1.290:1.9.1-1.2650:2.82-3.140:6-11.10:7-13.10:7-7.50:7.2d-3.770:7.2d-5.10:0.6.35-1.1260:0.6.35-3.100:0.6.42-14.20:0.6.42-16.3.10:0.28.2-17.830:0.28.2-19.70:0.6.21-6.40:0.6.21-8.3.10:7.08-1.270:3.0.2-1.920:3.4-6.140:1.2.1-3.640:3.10.1-4.10:3.10.1-11.10:3.20.0-27.20:3.20.0-28.3.180:4.3-1.150:4.3-6.20:0.25-3.40:0.29-1.40:0.31-7.20:0.33-1.330:0.33-3.6.1(x86_64)0:0.2.0-10.3.3(noarch)0:0.2.0-10.3.3(x86_64)0:0.2.0-14.3(noarch)0:0.2.0-14.30:0.2.0-14.30:037-34.40:037-66.20:044-87.10:044-113.100:044.1-9.50:0.4.11-11.20:0.4.11-11.60:0.4.13-16.30:0.4.13-16.60:0.2.5-3.750:0.2.5-5.10:0.6.3-1.40:0.6.3-8.10:0.6.3-11.10:0.6.3-12.6.10:2.2.7-3.630:2.4.8-16.20:2.4.11-23.20(x86_64)0:1.7.5-9.1(x86_64)0:2.1.0-20.2(x86_64)0:0.99.4-33.9.1(x86_64)0:5.0.14-3.10:5.0.14-3.10:2.25-6.690:2.25-6.50:2.25-6.10:2.25-30.10:2.25-30.40:2.28-40.280:2.28-40.170:2.28-40.10:2.29.2-2.30:2.29.2-2.20:2.29.2-7.140:2.29.2-7.7(x86_64)0:3.1.2-9.10:3.1.2-9.10:3.1.2-22.10:3.1.2-25.10:8.22-5.170:8.22-9.10:8.25-12.80:8.25-13.7.10:3.10.5-1.110:3.20.4-7.20:3.20.5-9.6(x86_64)0:0.9.0~git.1456906198.f422461-21.9.1(x86_64)0:2.7.9-14.10:1.6.2-4.120:1.6.2-11.10:1.6.2-12.5.10:1.3.2-3.610:1.3.2-4.3.10:5.0.1-3.530:5.0.1-7.10:1.7.2-3.620:1.7.4-9.20:1.7.4-17.10:1.1.3-3.550:1.4.2-3.560:1.5.0-6.20:0.9.8-3.560:0.9.8-7.10:1.0.7-3.540:1.0.10-3.570:1.0.10-7.10:1.0.8-3.570:1.0.8-7.10:1.1.4-3.590:1.1.3-3.520:1.1.3-3.540:1.1.14-3.600:1.1.14-4.6.10:1.0.2-3.580:1.2.2-3.600:1.2.2-7.10:1.10-1.210:1.10-3.10:1.10-4.3.10:0.15.4-3.880:0.15.4-21.1(x86_64)0:1.4.7-20.10:1.4.7-20.10:1.5.2-2.10:1.5.2-3.2.10:1.2.0-7.310:2.5.2.26539-13.420:2.5.2.26539-15.1(x86_64)0:4.4.1_08-5.2(x86_64)0:4.4.1_08_k3.12.28_4-5.20:1.7.2.4-1.20:1.7.2.4-3.1(x86_64)0:1.0.2-9.10:5.43-5.33(x86_64)0:0.8.9.0+git20170610.f6dd59a-15.4.10:2.7.7-2.120:3.4.1-2.760:2.7.9-20.20:2.7.9-24.10:2.7.13-28.11.10:1.6.1-9.10:1.6.1-16.10:1.6.1-16.33.10:1.6.1-16.39.10:1.6.1-16.61.1(x86_64)0:0.12.4-6.10:0.12.5-2.20:0.12.7-6.30:0.12.8-1.170:0.12.8-6.10:0.14-1.70:16.0.0-2.3.20:16.0.0-4.6.10:0.11_git201205151338-8.170:1.4.10.1-2.250:1.5.0-2.130:1.4.14-4.110:1.5.0-7.100:1.5.0-11.2(x86_64)0:4.4.4_02-22.19.1(x86_64)0:4.4.4_02_k3.12.55_52.42-22.19.1(x86_64)0:4.5.2_06-7.1(x86_64)0:4.5.2_06_k3.12.53_60.30-7.1(noarch)0:3.4-3.3.1(x86_64)0:9.15-17.20:9.15-22.10:9.25-23.13.10:2.0-12.130:0.11-2.220:0.1.6-1.19(x86_64)0:0.38-10.10:0.1.6-7.1(x86_64)0:3.12.32-33.1(noarch)0:3.12.32-33.10:0.7.0-4.7(x86_64)0:4.11.2-10.10:4.11.2-10.10:4.11.2-15.10:4.11.2-16.16.10:1.0.58-2.60:1.0.58-8.10:1.0.58-13.10:1.0.58-17.110:1.0.58-19.2.30:1.11.4-1.12(x86_64)0:0.98.5-6.1(x86_64)0:2.19-20.3(noarch)0:2.19-20.3(x86_64)0:3.12.55-52.42.1(noarch)0:3.12.55-52.42.1(x86_64)0:3.12.53-60.30.1(noarch)0:3.12.53-60.30.1(noarch)0:2.24.24-3.1(x86_64)0:2.24.24-3.10:3.20.4-7.70:2.24.31-7.11(x86_64)0:2007e_suse-19.10:2.1.3-1.140:1.3.0-17.30:1.4.3-7.20:1.6.0-12.60:1.6.0-18.11.10:1.6.0-18.23.720:2.7.0-264.1330:4.7.4-1.130:4.7.4-3.3.200:0.158-3.2000:0.158-6.1(x86_64)0:2.9.1-26.12.1(x86_64)0:0.9.8j-70.2(x86_64)0:1.11.5.1-28.10:1.0.2-7.90:2.0.0~git.1463131968.4e66df7-11.690:2.0.0~git.1463131968.4e66df7-12.3.20:1.5.21-44.380:1.5.21-49.10:1.6.0-54.10:1.10.1-55.6.1(i586|x86_64)0:11.2.202.411-4.1(x86_64)0:11.2.202.418-11.1(i586|x86_64)0:11.2.202.481-93.1(i586|x86_64)0:11.2.202.425-19.1(x86_64)0:5.0.5-6.7.20:5.0.5-6.7.2(x86_64)0:2.4.8-16.2(noarch)0:2.4.8-16.20:4.10.7-1.130:4.10.10-9.10:4.12-15.20:4.13.1-18.1(x86_64)0:31.3.0esr-15.2(x86_64)0:31.0-9.1(x86_64)0:3.17.2-12.4(x86_64)0:31.4.0esr-20.1(x86_64)0:3.17.3-16.1(noarch)0:0.25-9.3.10:2.3.0-6.5.20:2.8.1-6.11.10:2.8.1-6.16.10:2.11.1-6.28.10:2.7.0-2.30:1.1.7-21.15(x86_64)0:2.5.3-5.10:2.1.0-3.120:2.1.0-5.10:2.1.0-12.10:2.1.0-23.10:2.1.0-24.9.10:4.2-75.20:6.2-75.20:4.3-78.390:6.3-78.390:4.3-82.10:6.3-82.10:4.3-83.15.10:6.3-83.15.10:6.6p1-4.60:6.6p1-29.10:7.2p2-55.10:7.2p2-69.10:0.6.2-15.8(x86_64)0:1.7.1-4.10:1.7.1-4.10:1.7.1-6.10:2.4.7-1.70:2.4.7-3.40:6.04-5.40:2.0.2-1.60:2.0.2-6.10:2.4.6-11.30:2.4.6-12.3.10:3.7-2.130:3.7-4.10:3.7-11.10:4.9-1.70:4.9-3.5.1(x86_64)0:1.0.1i-9.30:1.5.1-1.12(x86_64)0:0.8.16-11.15(noarch)0:0.8.16-11.15(x86_64)0:3.10.4-5.11(noarch)0:3.10.4-5.11(x86_64)0:3.10.1-8.13(noarch)0:3.10.1-8.13(x86_64)0:1.7.0.75-11.3(x86_64)0:0.9.8j-66.3(x86_64)0:0.6.11-8.1(x86_64)0:2.46.1-3.4(x86_64)0:2.44.7-3.2(x86_64)0:14.39.0-10.1(x86_64)0:0.6.4-5.3(x86_64)0:3.1.20-3.3(x86_64)0:1.11.32-8.1(noarch)0:1.11.32-8.10:2.1.9-18.1(x86_64)0:1.0.1i-17.1(x86_64)0:1.6.1-13.1(x86_64)0:2.0.2-48.19.1(noarch)0:1.0.0-48.19.1(noarch)0:1.7.4-48.19.1(noarch)0:8-48.19.1(x86_64)0:4.4.1_10-9.1(x86_64)0:4.4.1_10_k3.12.36_38-9.10:3.22-267.120:3.22-269.3.5(x86_64)0:8.4.0-5.10:2.0-778.1(x86_64)0:1.8.12-6.5(x86_64)0:1.8.12-6.1(x86_64)0:3.12.43-52.6.1(noarch)0:3.12.43-52.6.1(x86_64)0:1.2.5-21.1(x86_64)0:2.9.1-10.1(x86_64)0:4.5.3_08-17.1(x86_64)0:4.5.3_08_k3.12.59_60.45-17.1(x86_64)0:3.12.38-44.1(noarch)0:3.12.38-44.10:0.7-14.20:0.9-2.140:0.9-20.30:0.9-23.14(x86_64)0:2.2-8.10:2.2-8.10:2.2-14.20:2.2-15.3.1(x86_64)0:3.12.36-38.1(noarch)0:3.12.36-38.1(x86_64)0:4.3.3.2-6.1(noarch)0:4.3.3.2-6.1(x86_64)0:2.10.9-8.1(noarch)0:2.10.9-8.1(x86_64)0:7.37.0-5.1(x86_64)0:5.19-5.20:5.0-2.70:5.0-4.10:2.08-1.13(x86_64)0:1.14-7.10:2.99.914-4.10:2.99.914-7.10:2.99.917.641_ge4ef6e9-12.30:2.99.917.770_gcb6ba2da-1.230:2.99.917+git781.c8990575-1.27(x86_64)0:2.1.9-15.10:4.8.3+r212056-6.30:4.8.5-24.10:4.8.5-30.10:4.8.5-31.17.1(x86_64)0:1.12.1-9.10:5.2.2-4.20:5.2.4-6.1(x86_64)0:0.9.9-16.10:2.0.21-4.10:2.0.21-6.3.1(x86_64)0:4.2-82.1(noarch)0:4.2-82.1(x86_64)0:6.2-82.1(noarch)0:6.2-82.1(x86_64)0:1.7.0.71-6.20:4.0.4-2.10:4.0.4-13.10:4.0.4-6.10:4.0.4-14.1(x86_64)0:5.8-7.10:5.8-7.1(x86_64)0:3.10.2-20.1(noarch)0:3.10.2-20.10:3.10.2-20.10:3.20.1-40.50:3.20.1-49.30:3.20.1-50.5.8(x86_64)0:2.0.2-48.9.1(noarch)0:1.0.0-48.9.1(noarch)0:1.7.4-48.9.1(noarch)0:8-48.9.1(x86_64)0:2.0.2-42.1(noarch)0:1.0.0-42.1(noarch)0:1.7.4-42.1(noarch)0:8-42.1(x86_64)0:2.1.2-9.10:2.1.2-9.10:2.1.2-12.3(x86_64)0:7.6_1.15.2-17.2(x86_64)0:7.6_1.15.2-28.4(x86_64)0:2.3.2-11.10:2.3.8-16.3.10:2.3.8-16.6.40:2.3.8-16.17.10:2.3.8-16.20.1(x86_64)0:5.19-9.1(x86_64)0:5.22-10.3.1(x86_64)0:1.2.0-3.1(x86_64)0:2.19-22.7.1(noarch)0:2.19-22.7.1(x86_64)0:4.0.4-12.2(x86_64)0:4.0.7-35.1(x86_64)0:4.0.9-44.7.1(x86_64)0:0.6.3-4.1(x86_64)0:1.900.1-166.10:1.900.1-170.1(x86_64)0:6.00-28.10:6.00-32.10:6.00-33.8.1(noarch)0:1.1.3-7.1(noarch)0:1.3.0-4.2(x86_64)0:0.1.1-5.3(noarch)0:1.1.3-4.3(x86_64)0:0.5.0-5.1(x86_64)0:0.1.2-4.2(x86_64)0:0.1.3-3.5(noarch)0:1.1.3-4.9(x86_64)0:0.1.1-4.9(x86_64)0:0.0.1-2.1(x86_64)0:1.3.1-3.1(x86_64)0:2.8.8-9.1(x86_64)0:0.9.1-3.1(x86_64)0:0.5.7-3.1(noarch)0:0.2.10-4.8(noarch)0:1.1.3-3.2(x86_64)0:0.1.2-5.1(x86_64)0:0.3.6-3.3(x86_64)0:0.1.4-3.9(x86_64)0:0.7.1-3.1(x86_64)0:0.0.2-2.3(x86_64)0:5.0.2.2-13.14(noarch)0:5.0.2.2-13.14(noarch)0:1-2.1(x86_64)0:4.1-6.3(x86_64)0:0.0.2-4.1(noarch)0:1.1.2-4.3(x86_64)0:0.1.3-4.3(x86_64)0:3.7.1-3.1(x86_64)0:0.4.1-3.1(noarch)0:1.18-3.2(noarch)0:20150827-5.1(x86_64)0:20150827-5.1(noarch)0:0.9.4-4.5(noarch)0:1.3-4.1(x86_64)0:52.1-8.3.1(x86_64)0:52.1-8.7.10:52.1-8.7.1(x86_64)0:1.900.1-170.1(x86_64)0:9.3.6-5.1(x86_64)0:9.3.6-5.2(x86_64)0:5.0.9-8.10:5.0.9-8.10:5.0.9-21.60:5.0.9-27.20:5.0.9-28.3.5(x86_64)0:1.3.0-22.3(x86_64)0:3.1.0-6.1(x86_64)0:6.8.8.1-8.2(x86_64)0:11.2.202.424-15.1(x86_64)0:2.24-7.10:2.25.0-13.10:2.26.1-9.12.1(x86_64)0:9.9.5P1-8.1(x86_64)0:3.2.15-4.1(x86_64)0:4.5.1-4.1(x86_64)0:1.8.1-9.1(x86_64)0:4.9.0-13.10:4.9.0-13.10:4.9.2-14.5.1(x86_64)0:1.3.0-6.10:1.3.0-6.10:1.3.0-11.1(x86_64)0:10.0.20-18.1(x86_64)0:8.39-7.10:8.39-7.10:8.39-8.3.1(x86_64)0:1.3.0-9.10:1.3.0-9.10:1.3.0-23.1(x86_64)0:1.3.1-30.3(x86_64)0:62.1.0-30.1(x86_64)0:1.3.1-30.1(x86_64)0:8.0.2-30.30:1.3.1-30.30:62.1.0-30.10:1.3.1-30.10:8.0.2-30.30:1.5.3-31.7.40:62.2.0-31.7.40:8.1.2-31.7.4(x86_64)0:4.3.5.2-10.1(noarch)0:4.3.5.2-10.1(x86_64)0:2.11-29.1(noarch)0:2.11-29.1(x86_64)0:2.25-10.1(x86_64)0:2.25-10.3(noarch)0:2.25-10.1(x86_64)0:1.5.21-49.1(x86_64)0:1.10.1-55.6.1(x86_64)0:0.1.6-4.1(x86_64)0:4.5.1-7.10:4.5.1-7.10:4.5.1-10.1(x86_64)0:5.1.3-9.1(noarch)0:5.1.3-9.1(x86_64)0:4.2.6p5-37.2(x86_64)0:4.2.6p5-31.1(x86_64)0:0.98.6-10.1(x86_64)0:0.158-6.1(x86_64)0:3.1.2-7.10:3.1.2-7.1(x86_64)0:1.6.8-5.1(x86_64)0:1.0.25-21.1(x86_64)0:3.1.0-9.3(x86_64)0:0.4-10.1(noarch)0:20140630-5.10:20140630-5.10:20140630-6.3.1(x86_64)0:6.00-32.1(x86_64)0:6.00-33.8.1(x86_64)0:1.4.0-23.1(noarch)0:1.4.0-23.1(x86_64)0:1.4.0-19.1(noarch)0:1.4.0-19.1(x86_64)0:1.21.1-3.30:1.21.1-3.3(x86_64)0:52.1-7.10:52.1-7.1(x86_64)0:2.5.5-7.5.1(x86_64)0:1.7.5-5.1(x86_64)0:1.8.10p3-2.6.1(x86_64)0:103-7.1(x86_64)0:2.1.0-5.1(x86_64)0:3.12.60-52.49.1(noarch)0:3.12.60-52.49.1(x86_64)0:3.12.59-60.41.2(noarch)0:3.12.59-60.41.2(x86_64)0:3.12.59-60.41.1(noarch)0:3.4.0.2-15.1(x86_64)0:4.2.1-11.1(x86_64)0:4.0.4-13.1(x86_64)0:3.12.44-52.10.1(noarch)0:3.12.44-52.10.1(x86_64)0:0.4-14.4(x86_64)0:1.0.25-25.1(x86_64)0:2.19-22.13.1(noarch)0:2.19-22.13.1(x86_64)0:2.19-35.1(noarch)0:2.19-35.1(x86_64)0:210-70.48.1(noarch)0:210-70.48.1(x86_64)0:210-104.1(noarch)0:210-104.1(x86_64)0:6.8.8.1-30.2(x86_64)0:6.8.8.1-54.1(x86_64)0:3.12.62-60.62.1(noarch)0:3.12.62-60.62.1(x86_64)0:6.8.8.1-40.1(x86_64)0:2.29.1-9.20.2(x86_64)0:2.31-9.26.10:2.31-9.26.1(x86_64)0:1.0.1i-20.1(x86_64)0:1.2.5-27.10.1(x86_64)0:4.1.12-16.1(noarch)0:4.1.12-16.1(x86_64)0:1.8.16-14.1(x86_64)0:1.42.11-7.10:1.42.11-7.10:1.42.11-15.10:1.43.8-1.19(x86_64)0:3.1.1-4.1(x86_64)0:1.3.2-10.2(x86_64)0:1.4.1-32.1(x86_64)0:7.6_1.15.2-21.1(x86_64)0:3.12.51-52.31.1(noarch)0:3.12.51-52.31.1(x86_64)0:0.9.8j-81.1(x86_64)0:1.0.1i-27.3.1(x86_64)0:3.2.15-7.2(x86_64)0:5.3.1-4.4.2(x86_64)0:4.8.6-4.2(x86_64)0:4.8.6-4.10:5.3.2-1.810:5.6.1-11.70:5.6.2-5.90:5.6.2-6.12.1(i586|x86_64)0:11.2.202.429-23.1(i586|x86_64)0:11.2.202.438-27.1(i586|x86_64)0:11.2.202.440-31.1(i586|x86_64)0:11.2.202.442-67.1(i586|x86_64)0:11.2.202.451-77.1(i586|x86_64)0:11.2.202.457-80.1(x86_64)0:1.7.0.79-15.1(x86_64)0:1.10.12-4.1(x86_64)0:3.12.39-47.1(noarch)0:3.12.39-47.1(x86_64)0:037-51.17.3(x86_64)0:31.7.0esr-34.1(x86_64)0:0.10.23-17.1(noarch)0:0.10.23-17.10:0.10.23-17.10:0.10.23-20.510:0.10.23-25.1(x86_64)0:31.6.0esr-30.1(x86_64)0:31.5.3esr-27.1(x86_64)0:31.5.0esr-24.1(x86_64)0:1.6.1-16.10:1.18.4-14.2160:0.2.8.4-242.3(x86_64)0:1.16.10-12.6.1(x86_64)0:9.20.1-3.20:9.20.1-3.20:9.20.1-6.10:9.20.1-7.3.1(noarch)0:20170530-21.19.1(x86_64)0:2.3-5.10:2.3-5.1(x86_64)0:2.7.5-7.1(x86_64)0:2.1.0-4.9.10:2.1.0-4.9.1(x86_64)0:2.1.0-17.1(x86_64)0:9.9.6P1-18.1(x86_64)0:3.12.74-60.64.40.1(noarch)0:3.12.74-60.64.40.1(x86_64)0:4.4.38-93.1(noarch)0:4.4.38-93.1(x86_64)0:2.4.39-16.10:2.4.41-18.25.10:2.4.41-18.29.10:2.4.41-18.40.1(x86_64)0:2.0.24-3.2(noarch)0:2.0.24-3.2(x86_64)0:2.0.2-46.1(noarch)0:1.0.0-46.1(noarch)0:1.7.4-46.1(noarch)0:8-46.1(x86_64)0:1.4.3-11.10:1.4.3-11.10:1.4.3-19.1(x86_64)0:0.9.8j-78.1(x86_64)0:1.0.1i-25.1(x86_64)0:4.2.6p5-44.1(x86_64)0:1.4.7-4.1(x86_64)0:1.4.7-7.1(x86_64)0:2.9.1-13.1(x86_64)0:1.28-4.1(x86_64)0:1.14-10.30:1.28-4.10:1.28-5.3.1(x86_64)0:0.98.7-13.1(x86_64)0:1.10.13-8.1(x86_64)0:1.0.58-5.1(noarch)0:2.8.1-6.9.1(x86_64)0:3.1.2-25.1(x86_64)0:0.11.1-6.1(x86_64)0:1.7.0.85-18.20:1.8.0.65-1.130:1.8.0.101-14.30:1.8.0.131-26.30:1.8.0.181-27.26.2(x86_64)0:1.12.1-19.1(x86_64)0:1.12.1-22.5(x86_64)0:31.8.0esr-37.3(x86_64)0:3.19.2_CKBI_1.98-21.1(x86_64)0:4.10.8-3.1(x86_64)0:4.4.2_04-18.1(x86_64)0:4.4.2_04_k3.12.39_47-18.1(x86_64)0:4.4.2_02-15.1(x86_64)0:4.4.2_02_k3.12.38_44-15.1(x86_64)0:3.7-4.10:1.0.12-8.60:1.0.12-12.40:1.0.12-13.6.1(x86_64)0:3.12.51-60.20.2(noarch)0:3.12.51-60.20.2(i586|x86_64)0:11.2.202.460-83.1(i586|x86_64)0:11.2.202.466-86.1(x86_64)0:11.2.202.508-99.1(i586|x86_64)0:11.2.202.468-89.1(x86_64)0:7.37.0-15.1(x86_64)0:0.6.3-8.1(x86_64)0:9.3.8-8.1(x86_64)0:1.0.1i-27.6.1(x86_64)0:1.0.1i-36.1(x86_64)0:0.9.8j-87.1(x86_64)0:0.9.8j-94.1(x86_64)0:1.0.1i-27.13.1(x86_64)0:1.0.1i-44.1(x86_64)0:2.9.3-5.1(x86_64)0:2.0.2-48.4.1(noarch)0:1.0.0-48.4.1(noarch)0:1.7.4-48.4.1(noarch)0:8-48.4.1(x86_64)0:4.4.2_06-21.1(x86_64)0:4.4.2_06_k3.12.39_47-21.1(x86_64)0:0.113-4.1(x86_64)0:4.1.12-18.3.1(x86_64)0:1.1.24-4.3.1(x86_64)0:2.1.5-3.4.1(x86_64)0:1.3.8-2.3.1(x86_64)0:0.9.26-3.3.1(noarch)0:4.1.12-18.3.1(x86_64)0:4.2.4-6.1(x86_64)0:1.1.24-4.1(x86_64)0:2.1.5-4.1(x86_64)0:1.3.8-4.1(x86_64)0:0.9.26-4.1(noarch)0:4.2.4-6.10:1.1.26-10.40:1.1.29-1.130:1.1.29-3.3.1(x86_64)0:9.15-6.50:9.15-6.5(x86_64)0:1.1.8-23.1(noarch)0:1.1.8-23.1(x86_64)0:1.1-11.3.1(x86_64)0:8.24.0-3.3.1(x86_64)0:0.12.4-8.5.1(x86_64)0:1.0.58-8.1(x86_64)0:4.4.2_08-22.5.1(x86_64)0:4.4.2_08_k3.12.43_52.6-22.5.1(x86_64)0:4.5.2_02-4.1(x86_64)0:4.5.2_02_k3.12.49_11-4.1(x86_64)0:2.71-4.10:2.71-8.30:2.71-10.10:2.76-17.10:2.78-18.3.1(x86_64)0:2.4.7-3.4(x86_64)0:2.0019-5.30:2.0019-5.30:2.0019-6.3.5(x86_64)0:3.2.15-11.1(x86_64)0:3.7-11.1(x86_64)0:1.10.14-12.1(x86_64)0:1.12.7-15.1(x86_64)0:0.15.4-9.2(x86_64)0:2.4.41-18.13.1(x86_64)0:6.6p1-29.1(x86_64)0:1.7.2.4-3.1(x86_64)0:4.4.3_02-22.12.1(x86_64)0:4.4.3_02_k3.12.48_52.27-22.12.1(x86_64)0:8.22-9.1(noarch)0:8.22-9.1(x86_64)0:2.2-14.2(x86_64)0:5.1.3-18.1(noarch)0:5.1.3-18.1(x86_64)0:38.2.1esr-45.1(x86_64)0:31.0-14.1(x86_64)0:3.19.2.0-26.2(noarch)0:2.30.6-7.2(x86_64)0:2.30.6-7.2(noarch)0:2.34.0-19.14.2(x86_64)0:2.34.0-19.14.2(x86_64)0:38.3.0esr-48.1(x86_64)0:4.10.9-6.1(x86_64)0:38.4.0esr-51.1(x86_64)0:31.0-17.1(x86_64)0:3.19.2.1-29.1(x86_64)0:4.10.10-9.1(x86_64)0:1.7.0.91-21.2(x86_64)0:10.0.22-20.3.1(x86_64)0:10.0.22-3.1(x86_64)0:1.7.0.95-24.2(i586|x86_64)0:11.2.202.491-96.1(x86_64)0:3.12.48-52.27.1(noarch)0:3.12.48-52.27.1(x86_64)0:3.12.48-52.27.2(x86_64)0:4.4.2_10-22.8.1(x86_64)0:4.4.2_10_k3.12.44_52.10-22.8.1(x86_64)0:2.22-100.15.4(noarch)0:2.22-100.15.4(x86_64)0:1.4.8-5.3.30:1.4.8-8.20:1.4.8-16.10:1.4.8-17.3.4(x86_64)0:2.8.1-8.3.3(x86_64)0:2.8.1-8.3.1(x86_64)0:2.8.1-10.3.2(x86_64)0:10.1.0-5.3.1(x86_64)0:10.1.0-8.10:10.1.5-2.170:10.3.0-2.6(x86_64)0:0.8-3.10:0.8-3.10:1.1.1-6.73(noarch)0:2.1-8.1(x86_64)0:2.25-24.3.2(x86_64)0:2.25-24.3.3(noarch)0:2.25-24.3.2(x86_64)0:2.25-24.3.1(x86_64)0:4.2.8p9-55.1(x86_64)0:1.6.1-2.3.1(x86_64)0:0.12.5-4.1(x86_64)0:4.8.5-24.1(noarch)0:4.8.5-24.1(x86_64)0:5.3.1+r233831-9.10:5.3.1+r233831-9.10:5.3.1+r233831-12.1(x86_64)0:9.4.5-4.1(x86_64)0:9.3.10-11.1(x86_64)0:9.4.5-4.5(x86_64)0:4.2.8p6-46.5.2(noarch)0:3.1.12.4-8.2(x86_64)0:4.2.8p6-8.2(noarch)0:3.1.22-6.2(x86_64)0:4.4.3_06-22.15.1(x86_64)0:4.4.3_06_k3.12.48_52.27-22.15.1(x86_64)0:1.2.18.2-8.1(x86_64)0:4.2.4-18.17.1(noarch)0:4.2.4-18.17.1(x86_64)0:4.2.4-16.1(noarch)0:4.2.4-16.1(x86_64)0:9.9.6P1-23.1(x86_64)0:11.2.202.521-102.1(x86_64)0:11.2.202.535-105.1(x86_64)0:5.7.2.1-4.3.2(x86_64)0:9.9.6P1-26.1(x86_64)0:2.3.1-14.1(noarch)0:1.0.0-14.1(noarch)0:1.8.1-14.1(noarch)0:8-14.1(x86_64)0:1.4.0-26.1(noarch)0:1.4.0-26.1(x86_64)0:4.0.4-23.3.3(x86_64)0:38.5.0esr-54.1(x86_64)0:0.2.1_rc4-13.3.10:0.2.1_rc4-16.20:0.2.3-21.40:0.2.3-23.1(x86_64)0:1.6.1-16.27.1(x86_64)0:2.0.2-48.12.1(noarch)0:1.0.0-48.12.1(noarch)0:1.7.4-48.12.1(noarch)0:8-48.12.1(x86_64)0:2.3.1-7.7(noarch)0:1.0.0-7.7(noarch)0:1.8.1-7.7(noarch)0:8-7.7(noarch)0:4.9.0beta-3.3.1(x86_64)0:4.9.0beta-3.3.10:4.9.0beta-3.3.1(x86_64)0:3.12.51-52.34.1(noarch)0:3.12.51-52.34.1(noarch)0:2.30.6-10.1(x86_64)0:2.30.6-10.1(x86_64)0:4.0.6-19.1(x86_64)0:5.0.5-7.10:5.0.5-12.1(x86_64)0:4.1.12-18.8.1(noarch)0:4.1.12-18.8.1(x86_64)0:4.2.4-11.1(noarch)0:4.2.4-11.1(x86_64)0:3.19.2.2-32.1(x86_64)0:1.8.0.72-3.2(x86_64)0:11.2.202.540-108.1(x86_64)0:11.2.202.548-111.1(x86_64)0:4.2.8p8-46.8.1(x86_64)0:4.2.8p7-11.1(x86_64)0:0.3.6-10.10:0.3.6-10.1(x86_64)0:1.12.9-22.1(x86_64)0:1.2.50-10.1(x86_64)0:1.1.28-16.10:1.1.28-16.1(x86_64)0:9.9.6P1-28.6.1(x86_64)0:9.9.6P1-32.1(x86_64)0:5.1.3-22.1(noarch)0:5.1.3-22.1(x86_64)0:5.22-7.10:5.22-7.1(x86_64)0:11.2.202.554-114.1(x86_64)0:3.1.14-7.3(x86_64)0:1.2.4-5.3(x86_64)0:4.8.6+2.3.3-3.1(x86_64)0:2.32.1-16.1(noarch)0:2.32.1-16.1(x86_64)0:4.12.0-7.3(x86_64)0:10.66.3-4.1(x86_64)0:2.0.0-11.10:5.6.1-9.40:5.6.2-1.31(x86_64)0:1.2.50-13.1(x86_64)0:1.6.8-11.1(x86_64)0:1.5.22-4.1(x86_64)0:6.6p1-42.1(x86_64)0:1.0.58-13.1(x86_64)0:2.02~beta2-56.9.4(noarch)0:2.02~beta2-56.9.4(x86_64)0:2.02~beta2-73.3(noarch)0:2.02~beta2-73.30:2.02~beta2-104.160:2.02-2.120:2.02-11.8(x86_64)0:11.2.202.559-117.1(x86_64)0:1.2.50-19.1(x86_64)0:1.5.22-9.1(x86_64)0:4.2.6-14.3.1(x86_64)0:4.3.3-4.1(x86_64)0:1.12.1-25.1(x86_64)0:9.9.6P1-28.9.1(x86_64)0:9.9.6P1-35.1(x86_64)0:3.12.57-60.35.1(noarch)0:3.12.57-60.35.1(x86_64)0:4.4.49-92.11.1(noarch)0:4.4.49-92.11.1(x86_64)0:2.9.1-17.1(x86_64)0:4.0.6-26.3(x86_64)0:2.7.1-9.10:2.7.1-9.10:2.7.1-12.1(x86_64)0:2.9.1-24.1(x86_64)0:4.0.0-8.1(x86_64)0:5.18.2-11.1(noarch)0:5.18.2-11.1(x86_64)0:0.24.4-12.1(x86_64)0:2.1.0-4.3.2(x86_64)0:3.0.26-6.50:3.0.26-6.5(x86_64)0:2.71-13.1(x86_64)0:3.1.2-22.1(x86_64)0:103-8.3.1(x86_64)0:0.12.1-12.1(x86_64)0:0.3.11-9.1(x86_64)0:5.3.3.2-40.5.9(noarch)0:5.3.3.2-40.5.9(x86_64)0:0.0.3-2.1(noarch)0:20170511-15.1(x86_64)0:20170511-15.1(x86_64)0:0.12.1-13.2.1(x86_64)0:0.3.11-7.5.1(x86_64)0:0.12.1-10.5.1(x86_64)0:5.3.5.2-43.5.4(noarch)0:5.3.5.2-43.5.4(x86_64)0:0.0.3-4.1(x86_64)0:0.0.1-4.1(noarch)0:20170511-16.2.1(x86_64)0:20170511-16.2.1(x86_64)0:3.12.67-60.64.18.1(noarch)0:3.12.67-60.64.18.1(x86_64)0:3.12.69-60.64.29.1(noarch)0:3.12.69-60.64.29.1(x86_64)0:1.1.14-4.6.1(x86_64)0:10.0.25-20.6.1(x86_64)0:10.0.25-6.1(x86_64)0:4.3-83.10.1(noarch)0:4.3-83.10.1(x86_64)0:6.3-83.10.1(noarch)0:6.3-83.10.1(x86_64)0:1.7.0.99-27.1(x86_64)0:1.8.0.77-6.1(x86_64)0:1.7.0.101-30.1(x86_64)0:1.8.0.91-11.1(x86_64)0:0.9.8j-97.1(x86_64)0:3.12.51-52.39.1(noarch)0:3.12.51-52.39.1(x86_64)0:3.12.51-60.25.1(noarch)0:3.12.51-60.25.1(x86_64)0:3.1.1-7.1(x86_64)0:0.6.3-11.1(x86_64)0:0.12.4-8.9.1(x86_64)0:7.37.0-18.1(x86_64)0:2.7.9-24.2(x86_64)0:3.4.5-17.1(x86_64)0:2.7.9-24.1(x86_64)0:3.4.5-19.1(x86_64)0:6.6p1-33.1(x86_64)0:1.4.3-16.1(noarch)0:1.54.0-15.1(x86_64)0:1.3.2-18.1(x86_64)0:1_3335ac1-2.1(x86_64)0:1.54.0-15.1(x86_64)0:0.5.1-8.2(x86_64)0:0.1.6-6.3(x86_64)0:2.8.8-12.1(x86_64)0:0.11.0-6.2(x86_64)0:0.11.0-6.1(x86_64)0:5.1.3.2-22.9(noarch)0:5.1.3.2-22.9(x86_64)0:0.1.5-7.1(x86_64)0:0.4.2-6.1(noarch)0:20160511-11.1(x86_64)0:20160511-11.1(x86_64)0:11.2.202.577-123.1(x86_64)0:11.2.202.569-120.1(x86_64)0:6.6p1-54.7.1(x86_64)0:7.2p2-66.1(x86_64)0:7.2p2-66.3(x86_64)0:4.5.5_04-22.6.1(x86_64)0:4.5.5_04_k3.12.67_60.64.24-22.6.1(x86_64)0:4.7.1_04-28.1(x86_64)0:2.6.2-41.16.1(noarch)0:1.0.0-41.16.1(noarch)0:1.9.1-41.16.1(noarch)0:8-41.16.1(x86_64)0:4.8.7+2.3.4-4.5.1(x86_64)0:2.0.3-17.2.1(x86_64)0:4.8.7-8.6.1(x86_64)0:0.2.0-11.2.4(x86_64)0:6.8.8.1-59.1(x86_64)0:11.2.202.621-130.1(x86_64)0:1.6.8-14.1(x86_64)0:4.0.9-44.30.1(x86_64)0:1.8.10-6.1(x86_64)0:2.3.1-32.11(noarch)0:1.0.0-32.11(noarch)0:1.8.1-32.11(noarch)0:8-32.11(x86_64)0:4.5.5_06-22.11.2(x86_64)0:4.5.5_06_k3.12.69_60.64.32-22.11.2(x86_64)0:2.6.2-41.9.1(noarch)0:1.0.0-41.9.1(noarch)0:1.9.1-41.9.1(noarch)0:8-41.9.1(x86_64)0:228-132.1(noarch)0:228-132.1(x86_64)0:0.5.0-11.10:0.5.0-11.1(x86_64)0:3.5.11-5.10:3.5.11-5.1(x86_64)0:1.7.0.161-43.7.6(x86_64)0:1.8.0.151-27.8.1(x86_64)0:2.7-9.7.10:2.7-9.7.1(x86_64)0:2.1.0-23.1(x86_64)0:4.60.99-5.3.10:4.60.99-5.3.1(x86_64)0:2.0.21-6.3.1(x86_64)0:52.2.0esr-108.3(x86_64)0:52-31.1(x86_64)0:1.2.4-2.9.1(noarch)0:1.2.4-2.9.1(x86_64)0:1.8.3-12.12(noarch)0:1.8.3-12.120:1.8.3-15.1(x86_64)0:4.4.59-92.17.3(noarch)0:4.4.59-92.17.2(x86_64)0:4.4.59-92.17.2(x86_64)0:1.4.3-19.1(x86_64)0:1.6.0-16.4(x86_64)0:3.1.2-26.3.1(x86_64)0:3.1.2-26.6.1(x86_64)0:9.15-23.7.1(x86_64)0:9.15-22.1(x86_64)0:2.6.3-7.15.1(x86_64)0:1.8.6-3.3.1(x86_64)0:1.900.14-194.1(x86_64)0:0.158-7.7.2(x86_64)0:4.0.7-43.1(x86_64)0:3.5.0-20.10:3.5.0-20.1(x86_64)0:4.0.8-44.3.1(x86_64)0:2.1.0-4.6.1(x86_64)0:7.2p2-74.19.1(x86_64)0:2.7.5-8.5.1(x86_64)0:2.19-22.16.2(noarch)0:2.19-22.16.2(x86_64)0:2.19-38.2(noarch)0:2.19-38.2(x86_64)0:3.4.2-44.3.1(x86_64)0:7.4.326-7.1(noarch)0:7.4.326-7.1(x86_64)0:9.9.6P1-28.12.1(x86_64)0:9.9.6P1-38.1(x86_64)0:9.20.1-7.3.1(x86_64)0:1.3.1-6.10:1.3.1-6.10:1.3.1-9.10:1.3.1-10.3.1(x86_64)0:38.6.1esr-60.1(x86_64)0:3.1.2-12.10:1.7.1-1.84(x86_64)0:4.2.8p11-64.5.1(x86_64)0:3.12.55-52.45.1(noarch)0:3.12.55-52.45.1(x86_64)0:3.1.41.3-9.10:3.1.57-16.70:3.2.11-1.470:3.2.17-1.5(noarch)0:3.0-82.10:3.0-85.10:3.0-94.10:3.0-95.18.1(x86_64)0:2.9.4-36.10:2.12.5-1.120:2.20.3-2.23.8(x86_64)0:2.1.0-4.12.2(x86_64)0:38.6.0esr-57.3(x86_64)0:31.0-20.1(x86_64)0:3.20.2-37.1(x86_64)0:38.7.0esr-63.3(x86_64)0:3.20.2-40.1(x86_64)0:4.12-12.1(x86_64)0:45.9.0esr-105.1(x86_64)0:1.8.0.121-23.4(x86_64)0:3.29.5-57.1(x86_64)0:4.13.1-18.1(x86_64)0:2.11-32.1(noarch)0:2.11-32.1(x86_64)0:3.1.1-12.3(x86_64)0:1.0.1i-27.16.1(x86_64)0:1.0.1i-47.1(x86_64)0:0.9.8j-105.1(x86_64)0:1.0.1i-54.5.1(x86_64)0:4.2.4-18.20.1(noarch)0:4.2.4-18.20.1(x86_64)0:4.2.4-19.1(noarch)0:4.2.4-19.1(x86_64)0:4.2.4-26.2(noarch)0:4.2.4-26.2(x86_64)0:4.2.4-28.3.1(noarch)0:4.2.4-28.3.1(x86_64)0:4.4.2-31.1(noarch)0:4.4.2-31.1(x86_64)0:0.9.8j-102.1(x86_64)0:1.0.1i-52.1(x86_64)0:1.7.0.131-39.1(x86_64)0:1.8.0.121-20.1(x86_64)0:9.20.1-6.1(x86_64)0:0.2.0-5.10:0.2.0-5.1(x86_64)0:2.3.1-21.1(noarch)0:1.0.0-21.1(noarch)0:1.8.1-21.1(noarch)0:8-21.1(x86_64)0:1.2.4-10.1(x86_64)0:1.2.4-14.3.10:1.2.4-14.3.1(x86_64)0:1.12.11-25.1(x86_64)0:4.2.6-14.6.1(x86_64)0:4.3.3-9.1(x86_64)0:9.9.9P1-59.1(x86_64)0:9.9.9P1-46.1(x86_64)0:38.8.0esr-66.2(x86_64)0:45.2.0esr-75.2(x86_64)0:45.0-28.2(x86_64)0:3.21.1-46.2(x86_64)0:4.12-15.2(x86_64)0:45.3.0esr-78.1(x86_64)0:68.2.0-109.95.2(x86_64)0:4.0.0-9.10:4.0.0-9.1(x86_64)0:1.12.1-28.1(x86_64)0:1.12.1-36.4(x86_64)0:1.0.6-30.5.1(x86_64)0:1.12.16-13.1(x86_64)0:1.7.0.111-33.1(x86_64)0:1.8.0.101-14.3(x86_64)0:10.0.26-9.2(x86_64)0:10.0.28-17.2(x86_64)0:4.0.6-31.1(x86_64)0:2.9.1-20.1(x86_64)0:4.0.9-44.15.20:1.6-2.2(x86_64)0:6.8.8.1-19.1(x86_64)0:5.0.5-12.1(x86_64)0:11.2.202.626-133.1(x86_64)0:11.2.202.632-137.1(x86_64)0:11.2.202.635-140.1(x86_64)0:11.2.202.637-143.1(x86_64)0:5.1.5.2-29.4(noarch)0:5.1.5.2-29.4(x86_64)0:1.3.0-23.1(x86_64)0:2.9.1-26.3.1(x86_64)0:2.9.4-33.1(x86_64)0:2.18.5-2.18.1(noarch)0:2.18.5-2.18.1(x86_64)0:2.0.0-17.1(x86_64)0:2.0.0-18.2.1(x86_64)0:4.2.8p8-14.1(x86_64)0:2.8.10-7.8(noarch)0:2.8.10-7.8(x86_64)0:3.12.60-52.54.2(noarch)0:3.12.60-52.54.1(x86_64)0:3.12.60-52.54.1(x86_64)0:1.2.18.4-11.7(x86_64)0:10.2.4+git.1481215985.12b091b-16.2(x86_64)0:6.8.8.1-33.1(x86_64)0:2.25-37.1(noarch)0:2.25-37.1(x86_64)0:2.28-42.1(x86_64)0:2.28-42.4(noarch)0:2.28-42.1(x86_64)0:2.28-42.3(x86_64)0:4.0.9-44.42.1(x86_64)0:1.1.5-6.1(x86_64)0:1.0.8-12.10:1.0.10-2.3(x86_64)0:2.1.0-12.1(x86_64)0:6.8.8.1-25.1(x86_64)0:2.9.4-46.12.1(x86_64)0:1.9.1-5.10:1.9.1-5.10:1.9.1-9.4.1(x86_64)0:3.12.62-60.64.8.2(noarch)0:3.12.62-60.64.8.2(x86_64)0:45.4.0esr-81.1(x86_64)0:45.5.0esr-88.1(x86_64)0:3.21.3-50.1(x86_64)0:4.0.9-44.21.1(x86_64)0:1.12.13-31.1(x86_64)0:2.11.0-6.10:2.11.1-7.1(x86_64)0:1.6.2-6.2(noarch)0:1.6.2-6.2(x86_64)0:5.0.1-5.2(x86_64)0:1.7.4-12.2(x86_64)0:1.4.2-5.2(x86_64)0:0.9.8-5.2(x86_64)0:1.2.2-5.2(x86_64)0:1.0.10-5.2(x86_64)0:1.0.8-5.2(x86_64)0:1.6.2-8.1(noarch)0:1.6.2-8.1(x86_64)0:5.0.1-7.1(x86_64)0:1.7.4-14.1(x86_64)0:0.9.8-7.1(x86_64)0:1.2.2-7.1(x86_64)0:1.0.10-7.1(x86_64)0:1.0.8-7.1(x86_64)0:7.37.0-28.1(x86_64)0:9.4.9-14.1(x86_64)0:1.7.0.121-36.2(x86_64)0:1.8.0.111-17.1(x86_64)0:2.25.35.1-3.1(x86_64)0:0.8.15-29.10:0.8.15-28.50:0.8.16-5.10:0.8.16-9.2(x86_64)0:2007e_suse-22.1(x86_64)0:1.0.1-16.3.10:1.0.1-16.3.1(x86_64)0:3.8.10.2-3.10:3.8.10.2-3.10:3.8.10.2-8.1(x86_64)0:6.6p1-52.1(x86_64)0:4.2.1-27.9.10:4.2.1-27.19.1(x86_64)0:4.5.3_10-20.1(x86_64)0:4.5.3_10_k3.12.62_60.62-20.1(x86_64)0:1.6.1-16.33.1(x86_64)0:2.9.0-7.10:2.9.0-7.1(x86_64)0:1.27.1-11.1(noarch)0:1.27.1-11.1(x86_64)0:0.6.21-8.3.1(x86_64)0:2.3.8-16.14.1(x86_64)0:2.2.6-44.30:3.1.14-7.30:4.8.6+2.3.3-3.10:2.32.1-16.10:4.12.0-7.30:10.66.3-4.10:4.12.0-10.10:10.66.3-7.10:3.1.14-8.6.10:4.8.7+2.3.4-4.7.2(x86_64)0:2.7.1-12.1(x86_64)0:10.0.27-12.1(x86_64)0:10.0.29-22.1(x86_64)0:6.8.8.1-47.1(x86_64)0:3.10.2-2.3.1(noarch)0:3.10.2-2.3.1(x86_64)0:1.8.10p3-8.1(x86_64)0:1.0.2j-59.1(x86_64)0:1.14-17.1(x86_64)0:2.3.1-24.6(noarch)0:1.0.0-24.6(noarch)0:1.8.1-24.6(noarch)0:8-24.6(x86_64)0:2.6.2-31.2(noarch)0:1.0.0-31.2(noarch)0:1.9.1-31.2(noarch)0:8-31.2(x86_64)0:7.37.0-31.1(x86_64)0:3.2.15-16.1(x86_64)0:2.1.0-3.10:2.1.0-3.1(x86_64)0:6.8.8.1-71.12.1(x86_64)0:4.5.5_02-22.3.1(x86_64)0:4.5.5_02_k3.12.67_60.64.18-22.3.1(x86_64)0:4.7.1_02-25.1(x86_64)0:210-114.1(noarch)0:210-114.1(x86_64)0:5.13-5.4.10:5.13-5.4.1(x86_64)0:11.2.202.643-146.1(x86_64)0:11.2.202.644-149.1(x86_64)0:24.0.0.186-152.1(x86_64)0:1.6.2-11.1(noarch)0:1.6.2-11.1(x86_64)0:1.7.4-17.1(x86_64)0:0.10.2-3.10:0.10.2-3.1(x86_64)0:9.15-11.1(x86_64)0:9.15-14.1(x86_64)0:2.0.9-8.30:2.0.9-8.3(x86_64)0:0.9.8j-106.9.1(x86_64)0:3.12.67-60.64.21.1(noarch)0:3.12.67-60.64.21.1(x86_64)0:4.4.21-84.1(noarch)0:4.4.21-84.1(x86_64)0:037-91.1(x86_64)0:044-108.1(x86_64)0:1.900.14-184.1(x86_64)0:9.9.9P1-49.1(noarch)0:40.6.2-4.12.23(x86_64)0:4.2.8p10-60.1(x86_64)0:2.1.0-21.3.1(x86_64)0:45.5.1esr-93.1(x86_64)0:1.15.2-24.10:1.15.2-24.10:1.15.2-25.3.2(x86_64)0:2.6.2-39.1(noarch)0:1.0.0-39.1(noarch)0:1.9.1-39.1(noarch)0:8-39.1(x86_64)0:9.9.9P1-53.1(x86_64)0:1.900.14-195.3.1(x86_64)0:1.900.14-195.5.1(x86_64)0:2.9.4-46.20.1(x86_64)0:1.900.14-195.15.1(x86_64)0:4.3-82.1(noarch)0:4.3-82.1(x86_64)0:6.3-82.1(noarch)0:6.3-82.1(x86_64)0:7.2d-5.1(x86_64)0:0.5.3.git20161120-160.1(x86_64)0:0.10.23-19.3.4(noarch)0:0.10.23-19.3.4(x86_64)0:1.2.4-3.4.1(noarch)0:1.2.4-3.4.1(x86_64)0:0.10.23-22.5(noarch)0:0.10.23-22.5(x86_64)0:1.8.3-14.1(noarch)0:1.8.3-14.10:1.8.3-17.2(x86_64)0:3.12.67-60.64.24.1(noarch)0:3.12.67-60.64.24.1(x86_64)0:4.4.21-90.1(noarch)0:4.4.21-90.1(x86_64)0:0.12.5-7.1(x86_64)0:0.12.7-8.1(x86_64)0:7.37.0-36.1(x86_64)0:4.5.5_10-22.14.1(x86_64)0:4.5.5_10_k3.12.69_60.64.35-22.14.1(x86_64)0:4.7.3_03-43.9.1(x86_64)0:0.10.31-13.3.3(noarch)0:0.10.31-13.3.3(x86_64)0:1.2.4-2.3.1(noarch)0:1.2.4-2.3.1(x86_64)0:0.10.31-16.1(noarch)0:0.10.31-16.1(x86_64)0:1.8.3-9.1(noarch)0:1.8.3-9.10:0.10.31-16.1(x86_64)0:5.13-5.12.1(x86_64)0:5.13-5.15.3(x86_64)0:5.13-5.7.1(x86_64)0:0.10.23-19.6.1(noarch)0:0.10.23-19.6.1(x86_64)0:0.10.23-25.1(noarch)0:0.10.23-25.1(x86_64)0:0.10.36-11.3.1(noarch)0:0.10.36-11.3.1(x86_64)0:1.2.4-2.3.2(noarch)0:1.2.4-2.3.2(x86_64)0:0.10.36-14.1(noarch)0:0.10.36-14.1(x86_64)0:1.8.3-9.6(noarch)0:1.8.3-9.60:0.10.36-17.130:1.8.3-12.11(x86_64)0:1.2.8-6.3.1(x86_64)0:1.2.8-11.10:1.2.8-11.1(x86_64)0:10.0.37-2.3.10:1.2.11-1.27(x86_64)0:10.2.21-3.7.1(noarch)0:10.2.21-3.7.1(x86_64)0:45.6.0esr-96.1(x86_64)0:4.7.1_06-31.1(x86_64)0:2.1.0-20.1(x86_64)0:0.6.0-5.10:0.6.0-5.1(x86_64)0:2013.1.13-5.3.1(x86_64)0:1.1-3.10:1.1-3.1(x86_64)0:2.9.4-42.1(x86_64)0:0.22.0+git.20160103-15.6.1(noarch)0:0.22.0+git.20160103-15.6.10:0.22.0+git.20160103-15.6.1(x86_64)0:3.20.2-6.19.15(noarch)0:3.20.2-6.19.15(x86_64)0:7.37.0-37.3.1(x86_64)0:4.4.74-92.35.1(noarch)0:4.4.74-92.35.1(x86_64)0:4.4.82-6.3.1(noarch)0:4.4.82-6.3.1(x86_64)0:2.7.13-28.3.2(x86_64)0:3.20.2-6.22.9(noarch)0:3.20.2-6.22.9(x86_64)0:4.4.74-92.38.1(noarch)0:4.4.74-92.38.1(x86_64)0:4.4.82-6.6.1(noarch)0:4.4.82-6.6.1(x86_64)0:4.4.90-92.45.1(noarch)0:4.4.90-92.45.1(x86_64)0:4.4.92-6.18.1(noarch)0:4.4.92-6.18.1(x86_64)0:7.37.0-37.8.1(x86_64)0:3.3.0-5.8.1(x86_64)0:4.4.59-92.24.2(noarch)0:4.4.59-92.24.2(x86_64)0:4.4.74-92.29.1(noarch)0:4.4.74-92.29.1(x86_64)0:2.22-61.3(noarch)0:2.22-61.3(x86_64)0:1.8.10p3-2.11.1(x86_64)0:1.8.10p3-10.5.1(x86_64)0:1.8.10p3-10.13.1(x86_64)0:1.9.1-8.1(x86_64)0:4.4.90-92.50.1(noarch)0:4.4.90-92.50.1(x86_64)0:4.4.92-6.30.1(noarch)0:4.4.92-6.30.1(x86_64)0:2.22-62.3.4(noarch)0:2.22-62.3.4(x86_64)0:4.4.103-92.53.1(noarch)0:4.4.103-92.53.1(x86_64)0:4.4.103-6.33.1(noarch)0:4.4.103-6.33.1(noarch)0:2.34.0-19.11.1(x86_64)0:2.34.0-19.11.1(x86_64)0:6.8.8.1-71.23.1(x86_64)0:0.43.0-16.15.1(x86_64)0:6.8.8.1-71.54.5(x86_64)0:1.8.0.144-27.5.3(x86_64)0:10.0.33-29.13.1(x86_64)0:2.6.2-41.22.2(noarch)0:1.0.0-41.22.2(noarch)0:1.9.1-41.22.2(noarch)0:8-41.22.2(x86_64)0:2.9.0-6.3.1(noarch)0:1.0.0-6.3.1(noarch)0:1.10.2-6.3.1(noarch)0:8-6.3.1(x86_64)0:4.9.0_11-3.9.1(x86_64)0:2.0019-6.3.5(x86_64)0:5.9-50.10:5.9-58.1(x86_64)0:3.8.5-15.9.1(x86_64)0:3.3.27-3.3.1(x86_64)0:6.8.8.1-71.26.1(x86_64)0:4.9.33_k4.4.114_94.11-4.11.1(x86_64)0:2.9.1-6.6.3(noarch)0:1.0.0-6.6.3(noarch)0:1.10.2-6.6.3(noarch)0:8-6.6.3(x86_64)0:6.8.8.1-71.65.1(x86_64)0:7.6_1.18.3-74.2(x86_64)0:3.8.10.2-9.6.1(x86_64)0:6.8.8.1-71.33.1(x86_64)0:4.6.7+git.38.90b2cdb4f22-3.7.1(noarch)0:4.6.7+git.38.90b2cdb4f22-3.7.1(x86_64)0:4.9.2-14.5.1(x86_64)0:6.8.8.1-71.42.1(x86_64)0:5.1.3-26.5.1(noarch)0:5.1.3-26.5.1(x86_64)0:6.8.8.1-71.17.1(x86_64)0:6.8.8.1-71.5.3(x86_64)0:2.2.8-48.6.1(x86_64)0:1.12.5-40.13.1(x86_64)0:2.40.18-5.3.1(x86_64)0:6.8.8.1-71.47.1(x86_64)0:6.8.8.1-71.79.1(x86_64)0:0.23-12.5.1(x86_64)0:4.0.9-44.24.1(x86_64)0:1.0.58-19.2.3(x86_64)0:7.1.1-3.3.40:7.1.1-3.3.4(x86_64)0:4.8.5-31.3.1(noarch)0:4.8.5-31.3.1(x86_64)0:2.22-62.6.2(noarch)0:2.22-62.6.2(x86_64)0:2.22-62.10.1(noarch)0:2.22-62.10.1(x86_64)0:4.2.4-28.21.1(x86_64)0:4.4.2-38.11.2(noarch)0:4.4.2-38.11.2(x86_64)0:4.6.9+git.59.c2cff9cea4c-3.17.1(noarch)0:4.6.9+git.59.c2cff9cea4c-3.17.1(x86_64)0:2.3.8-16.20.1(x86_64)0:9.4.15-21.13.1(x86_64)0:1.13.4-34.7.1(x86_64)0:7.6_1.18.3-76.15.2(x86_64)0:0.33-3.3.2(x86_64)0:0.99.3-33.5.1(x86_64)0:4.2.1-27.3.3(x86_64)0:6.8.8.1-71.20.1(x86_64)0:2.1.0-6.3.1(x86_64)0:1.6.8-15.5.2(x86_64)0:6.8.8.1-71.123.2(x86_64)0:1.12.12-182.3.1(x86_64)0:5.18.2-12.3.1(noarch)0:5.18.2-12.3.1(x86_64)0:6.8.8.1-71.82.1(x86_64)0:2.2-15.3.1(noarch)0:20170530-21.13.10:20180525-3.11(x86_64)0:1.14-21.3.1(x86_64)0:4.4.120-92.70.1(noarch)0:4.4.120-92.70.1(x86_64)0:4.4.120-94.17.1(noarch)0:4.4.120-94.17.1(x86_64)0:1.3.0-3.3.10:1.3.0-3.3.1(x86_64)0:2.9.1-6.28.1(noarch)0:1.0.0+-6.28.1(noarch)0:1.10.2-6.28.1(noarch)0:8-6.28.1(x86_64)0:1.5.1-11.3.12(x86_64)0:5.9-58.1(x86_64)0:0.15.4-16.1(x86_64)0:2.6.4-6.3.10:2.6.4-6.6.1(x86_64)0:2.2.9-48.9.2(x86_64)0:2.20.3-2.23.8(noarch)0:2.20.3-2.23.8(x86_64)0:1.28-5.3.1(x86_64)0:0.11.1-13.3.1(x86_64)0:1.3.3-10.11.1(x86_64)0:0.10.2-2.4.10:0.10.2-2.4.1(x86_64)0:1.0.25-36.7.2(x86_64)0:4.7.3_04-43.12.1(x86_64)0:4.9.0_12-3.15.1(x86_64)0:24.3-25.3.1(noarch)0:24.3-25.3.1(x86_64)0:2.78-18.3.1(x86_64)0:0.24.4-14.13.1(x86_64)0:3.20.3-23.3.14(noarch)0:3.20.3-23.3.140:3.20.3-23.6.1(x86_64)0:1.3.3-10.3.1(x86_64)0:0.9.9-3.7.10:0.9.9-3.7.1(x86_64)0:4.2.4-28.24.1(x86_64)0:4.4.2-38.14.1(noarch)0:4.4.2-38.14.1(x86_64)0:2.1.0-6.13.1(x86_64)0:6.8.8.1-71.85.1(x86_64)0:1.12.5-40.16.1(x86_64)0:9.6.6-3.10.1(x86_64)0:2.78-18.6.1(x86_64)0:0.16.0-8.5.150:0.16.0-8.5.15(x86_64)0:2.6.2-41.37.1(noarch)0:1.0.0-41.37.1(noarch)0:1.9.1-41.37.1(noarch)0:8-41.37.1(x86_64)0:2.9.1-6.12.1(noarch)0:1.0.0-6.12.1(noarch)0:1.10.2-6.12.1(noarch)0:8-6.12.1(x86_64)0:4.4.114-92.64.1(noarch)0:4.4.114-92.64.1(x86_64)0:4.4.114-94.11.3(noarch)0:4.4.114-94.11.2(x86_64)0:4.4.114-94.11.2(x86_64)0:2.2.10-48.12.1(x86_64)0:1.5.3-31.7.4(x86_64)0:62.2.0-31.7.4(x86_64)0:8.1.2-31.7.4(x86_64)0:4.7.4_02-43.21.1(x86_64)0:4.9.1_02-3.21.1(x86_64)0:4.7.3_06-43.15.1(x86_64)0:4.7.4_06-43.24.1(x86_64)0:4.9.1_08-3.26.10:0.6.0-1.27(noarch)0:3.6.312-2.13.1(noarch)0:3.6.312.333-3.10.10:3.6.312.333-3.13.1(x86_64)0:228-150.29.1(noarch)0:228-150.29.1(x86_64)0:4.12.14-95.3.1(noarch)0:4.12.14-95.3.1(x86_64)0:60.2.2esr-109.46.1(x86_64)0:60-32.3.1(x86_64)0:3.36.4-58.15.3(x86_64)0:4.19-19.3.1(x86_64)0:3.1.0-13.7.10:2.0.3-1.19(x86_64)0:1.1.14-4.3.1(x86_64)0:4.9.2-14.11.1(x86_64)0:12.2.5+git.1524775272.5e7ea8cf03-2.7.10:12.2.8+git.1536505967.080f2248ff-2.15.1(x86_64)0:3.22-269.3.5(x86_64)0:3.2.5e-2.3.20:3.2.5e-2.3.2(x86_64)0:2.2.11-48.15.3(x86_64)0:1.0.25-36.13.1(x86_64)0:2.4.41-18.43.1(x86_64)0:4.4.138-94.39.1(noarch)0:4.4.138-94.39.1(x86_64)0:2.8.18-9.8.1(noarch)0:2.8.18-9.8.1(x86_64)0:4.4.103-92.56.1(noarch)0:4.4.103-92.56.1(x86_64)0:4.4.103-6.38.1(noarch)0:4.4.103-6.38.1(x86_64)0:2.0.0-18.17.1(x86_64)0:2.2.12-48.18.1(x86_64)0:4.0.9-44.10.1(x86_64)0:2.2.13-48.21.1(x86_64)0:228-150.32.1(noarch)0:228-150.32.1(x86_64)0:1.7.5-20.3.1(x86_64)0:0.90-6.3.10:0.90-6.3.1(x86_64)0:2.7.13-28.6.1(x86_64)0:3.4.6-25.7.1(x86_64)0:2.2.1-5.7.10:2.2.1-5.7.1(x86_64)0:1.7.5-20.14.1(x86_64)0:4.4.126-94.22.1(noarch)0:4.4.126-94.22.2(x86_64)0:2.9.4-46.15.1(noarch)0:20140630-6.3.1(x86_64)0:2.22-62.13.2(noarch)0:2.22-62.13.2(x86_64)0:4.4.143-94.47.1(noarch)0:4.4.143-94.47.1(x86_64)0:4.12.14-95.32.1(noarch)0:4.12.14-95.32.1(x86_64)0:4.12.14-95.37.1(noarch)0:4.12.14-95.37.1(x86_64)0:3.8.5-15.3.3(x86_64)0:3.8.10.2-9.15.1(x86_64)0:2.18.0-2.9.1(noarch)0:2.18.0-2.9.1(x86_64)0:10.66.3-8.7.2(x86_64)0:10.66.3-7.1(x86_64)0:2.25-40.1(x86_64)0:2.25-40.2(noarch)0:2.25-40.1(x86_64)0:2.28-44.3.1(x86_64)0:2.28-44.3.3(noarch)0:2.28-44.3.1(x86_64)0:4.2.4-28.11.1(noarch)0:4.2.4-28.11.1(x86_64)0:4.4.2-38.3.1(noarch)0:4.4.2-38.3.1(x86_64)0:7.6_1.18.3-71.1(x86_64)0:1.1.1-10.1(x86_64)0:1.1.1-12.10:1.1.1-12.1(x86_64)0:1.0.8-10.10:1.0.8-12.1(x86_64)0:3.12.69-60.64.35.1(noarch)0:3.12.69-60.64.35.1(x86_64)0:4.4.49-92.14.1(noarch)0:4.4.49-92.14.1(x86_64)0:2.0.0~git.1463131968.4e66df7-12.3.2(noarch)0:2.34.0-19.5.1(x86_64)0:2.34.0-19.5.1(x86_64)0:2.54.1-5.3.1(noarch)0:2.54.1-5.3.1(x86_64)0:2.62.2-5.7.1(noarch)0:2.62.2-5.7.1(x86_64)0:24.0.0.194-155.1(x86_64)0:24.0.0.221-158.1(x86_64)0:25.0.0.127-162.1(x86_64)0:25.0.0.148-165.1(x86_64)0:25.0.0.171-168.1(x86_64)0:9.9.9P1-56.1(x86_64)0:9.9.9P1-62.1(x86_64)0:4.3.3-10.11.1(x86_64)0:9.9.9P1-63.7.1(x86_64)0:1.7.0.141-42.1(x86_64)0:10.0.30-25.1(x86_64)0:10.0.31-29.3.1(x86_64)0:1.8.0.131-26.3(x86_64)0:10.0.32-29.10.1(x86_64)0:1.0.2j-60.16.1(x86_64)0:1.0.2j-60.20.2(x86_64)0:1.8-10.9.1(x86_64)0:1.12-19.10:1.12-19.10:1.12-20.3.2(x86_64)0:4.0.7-40.1(x86_64)0:45.7.0esr-99.1(x86_64)0:45.8.0esr-102.1(x86_64)0:1.3.1-9.1(x86_64)0:4.9.0_14-3.18.1(noarch)0:20170530-21.16.1(x86_64)0:2.0.0-27.34.1(x86_64)0:20180312-13.17.1(x86_64)0:4.7.5_02-43.27.1(noarch)0:20170530-21.22.1(x86_64)0:3.3.0-5.19.2(noarch)0:1.4.1-5.8.10:20180807a-13.35.1(noarch)0:2017+git1510945757.b2662641d5-3.5.1(x86_64)0:4.12.14-95.13.1(noarch)0:4.12.14-95.13.1(x86_64)0:0.10.36-11.6.9(noarch)0:0.10.36-11.6.9(x86_64)0:1.2.4-2.6.8(noarch)0:1.2.4-2.6.8(x86_64)0:0.10.36-17.13(noarch)0:0.10.36-17.13(x86_64)0:1.8.3-12.11(noarch)0:1.8.3-12.11(x86_64)0:1.2.4-2.3.3(noarch)0:1.2.4-2.3.3(x86_64)0:1.8.3-9.5(noarch)0:1.8.3-9.50:1.8.3-9.5(x86_64)0:1.8.3-17.2(noarch)0:1.8.3-17.2(x86_64)0:0.9.2-3.3.10:0.9.2-3.3.1(x86_64)0:0.5.3-3.3.20:0.5.3-3.3.2(x86_64)0:7.4.326-16.1(noarch)0:7.4.326-16.1(x86_64)0:3.12.69-60.64.32.1(noarch)0:3.12.69-60.64.32.1(x86_64)0:0.13.62-9.10:0.13.62-9.10:0.13.67-10.14.1(x86_64)0:1.0.24-3.10:1.0.24-3.1(x86_64)0:2.1.0-24.3.4(x86_64)0:2.5.2.26539-15.1(x86_64)0:1.12-20.3.2(x86_64)0:6.8.8.1-70.1(x86_64)0:4.7.2_02-36.1(noarch)0:2.8.2-54.1(x86_64)0:2.8.2-54.10:2.8.2-49.21(x86_64)0:1.14-20.1(x86_64)0:0.9.2-3.6.3(x86_64)0:4.9-3.10.10:4.9.33_k4.4.73_5-2.4(x86_64)0:2.9.4-45.1(x86_64)0:1.4.3-24.1(x86_64)0:1.6.0-18.11.1(x86_64)0:16.15.2-27.21.1(x86_64)0:1.13.30-18.13.3(noarch)0:1.13.30-18.13.3(x86_64)0:16.15.3-2.3.1(x86_64)0:3.2.4-2.3.10:16.19.0-2.36.3(x86_64)0:16.15.6-2.8.1(x86_64)0:1.13.32-21.3.2(noarch)0:1.13.32-21.3.20:1.13.45-21.23.4(x86_64)0:2.7-3.10:2.7-3.1(x86_64)0:9.4.12-20.1(x86_64)0:4.2.4-28.14.1(noarch)0:4.2.4-28.14.1(x86_64)0:4.4.2-38.6.1(noarch)0:4.4.2-38.6.1(x86_64)0:4.11.2-16.21.1(x86_64)0:0.12.7-10.3.1(x86_64)0:0.12.8-3.9(x86_64)0:3.2.15-18.3.1(x86_64)0:2.3.8-16.17.1(x86_64)0:0.43.0-16.5.1(x86_64)0:1.6.1-16.42.1(x86_64)0:4.4.74-92.32.1(noarch)0:4.4.74-92.32.1(x86_64)0:9.6.4-3.6.1(x86_64)0:9.4.13-21.5.1(x86_64)0:1.2.0-12.3.1(x86_64)0:1.2.0-17.3.1(x86_64)0:1.0.25-35.1(x86_64)0:1.0.25-28.1(x86_64)0:4.7.2_04-39.1(x86_64)0:52.3.0esr-109.3.1(x86_64)0:52.4.0esr-109.6.2(x86_64)0:3.29.5-58.3.1(x86_64)0:52.5.0esr-109.9.1(x86_64)0:2.1.0-24.17.1(x86_64)0:0.6.11-12.3.1(x86_64)0:0.9.2-3.9.2(x86_64)0:3.20.4-77.7.5(noarch)0:3.20.4-77.7.5(x86_64)0:4.7.2_06-42.1(x86_64)0:4.12.0-10.1(x86_64)0:0.2.3-13.3.1(x86_64)0:0.2.1_rc4-17.3.1(x86_64)0:1.0.1-16.1(x86_64)0:0.2.3-23.10:1.0.1-16.10:1.0.1-17.6.1(x86_64)0:7.37.0-37.11.3(x86_64)0:2.9.4-46.3.2(x86_64)0:5.1.3-25.1(noarch)0:5.1.3-25.1(x86_64)0:2.9.4-39.2(x86_64)0:0.24.4-14.3.1(x86_64)0:2.1.0-6.10.1(x86_64)0:1.2.4-13.1(x86_64)0:228-149.3(noarch)0:228-149.3(x86_64)0:228-150.9.3(noarch)0:228-150.9.3(x86_64)0:16.17.20-2.33.2(x86_64)0:1.13.45-21.21.2(noarch)0:1.13.45-21.21.2(x86_64)0:2.4.41-18.29.1(x86_64)0:2.2.7-47.1(x86_64)0:0.24.4-14.6.1(noarch)0:1.54.0-26.3.1(x86_64)0:3.20.1-10.6.3(noarch)0:3.20.1-10.6.3(x86_64)0:1.54.0-26.3.1(x86_64)0:0.1.0-6.6.1(x86_64)0:0.13.0-13.6.1(x86_64)0:0.3.13-7.9.1(x86_64)0:0.13.4-10.9.1(x86_64)0:0.0.1-1.3.1(x86_64)0:6.0.3.2-43.30.2(noarch)0:6.0.3.2-43.30.2(x86_64)0:0.0.5-7.1(x86_64)0:0.4.7-10.7.1(noarch)0:20180403-16.9.1(x86_64)0:20180403-16.9.10:0.0.5-7.10:0.3.13-7.9.1(x86_64)0:044.1-109.8.3(x86_64)0:228-150.7.1(noarch)0:228-150.7.1(x86_64)0:1.6.1-16.39.1(x86_64)0:1.15.2-25.3.2(x86_64)0:0.100.1-33.15.2(x86_64)0:1.14-21.7.1(x86_64)0:60.4.0esr-109.55.1(x86_64)0:3.40.1-58.18.1(x86_64)0:1.6.1-16.62.1(x86_64)0:4.20-19.6.1(x86_64)0:1.0.2j-60.30.1(x86_64)0:0.9.8j-106.6.1(x86_64)0:1.0.2j-60.46.1(x86_64)0:1.0.2p-3.3.1(x86_64)0:1.1.1-2.3.1(x86_64)0:1.0.2j-60.39.1(x86_64)0:1.0.2j-60.24.10:2017+git1510945757.b2662641d5-2.18(x86_64)0:2.0.0~git.1463131968.4e66df7-12.8.1(x86_64)0:7.37.0-37.14.1(x86_64)0:2.40.20-5.6.1(x86_64)0:7.37.0-37.17.1(x86_64)0:4.4.131-94.29.1(noarch)0:4.4.131-94.29.1(x86_64)0:4.4.178-94.91.2(noarch)0:4.4.178-94.91.1(x86_64)0:4.4.178-94.91.1(x86_64)0:2.1.0-24.9.1(x86_64)0:1.7.1-5.3.10:1.7.1-5.3.1(x86_64)0:7.37.0-37.23.1(x86_64)0:2.7.13-28.16.1(x86_64)0:3.4.6-25.29.1(x86_64)0:1.3.1-7.13.4(noarch)0:16.0.0-4.11.3(noarch)0:18.0.1-4.8.1(x86_64)0:0.6.32-32.3.1(noarch)0:0.6.32-32.3.1(x86_64)0:0.6.32-32.3.2(x86_64)0:2.32-9.33.1(x86_64)0:6.0.4.2-43.33.1(noarch)0:6.0.4.2-43.33.1(x86_64)0:9.15-23.10.2(x86_64)0:0.12.21~rc-1001.3.10:0.12.21~rc-1001.3.1(x86_64)0:5.22-10.12.2(x86_64)0:1.3.3-10.14.1(x86_64)0:4.9.2_04-3.29.1(x86_64)0:4.4.2-38.17.1(noarch)0:4.4.2-38.17.1(x86_64)0:4.6.13+git.72.2a684235f41-3.21.3(x86_64)0:2.1.10-3.3.2(x86_64)0:0.9.34-3.3.2(noarch)0:4.6.13+git.72.2a684235f41-3.21.3(x86_64)0:9.6.7-3.13.1(x86_64)0:9.4.16-21.16.1(x86_64)0:4.6.14+git.150.1540e575faf-3.24.1(noarch)0:4.6.14+git.150.1540e575faf-3.24.1(x86_64)0:9.6.8-3.16.1(x86_64)0:9.4.17-21.19.1(x86_64)0:6.0.5.2-43.38.5(noarch)0:6.0.5.2-43.38.5(x86_64)0:3.4.6-25.16.1(x86_64)0:5.9-69.1(x86_64)0:5.1.3-26.13.1(noarch)0:5.1.3-26.13.1(x86_64)0:2.9.1-6.22.3(noarch)0:1.0.0+-6.22.3(noarch)0:1.10.2-6.22.3(noarch)0:8-6.22.3(x86_64)0:2.11.2-5.5.1(noarch)0:1.0.0+-5.5.1(noarch)0:1.11.0-5.5.1(noarch)0:8-5.5.1(x86_64)0:1.13.4-34.23.1(x86_64)0:1.16.1-4.3.2(x86_64)0:4.6.14+git.157.c2d53c2b191-3.29.1(noarch)0:4.6.14+git.157.c2d53c2b191-3.29.1(noarch)0:1.34-3.3.10:1.34-3.3.1(x86_64)0:12.2.7+git.1531910353.c0ef85b854-2.12.1(x86_64)0:0.33-3.6.1(x86_64)0:0.12.8-6.1(x86_64)0:4.4.155-94.50.1(noarch)0:4.4.155-94.50.1(x86_64)0:1.0.8-8.4.2(noarch)0:1.0.8-8.4.2(x86_64)0:2.9.3-6.3.1(x86_64)0:9.6.10-3.22.7(x86_64)0:4.7.4-3.6.1(x86_64)0:4.6.16+git.124.aee309c5c18-3.32.1(noarch)0:4.6.16+git.124.aee309c5c18-3.32.1(x86_64)0:0.6.3-12.6.1(x86_64)0:4.9.2_06-3.32.1(x86_64)0:1.1.3-24.6.1(noarch)0:1.1.3-24.6.1(x86_64)0:9.6.9-3.19.1(x86_64)0:0.113-5.9.1(x86_64)0:4.4.175-94.79.1(noarch)0:4.4.175-94.79.1(x86_64)0:1.7.0.221-43.22.1(x86_64)0:1.8.0.212-27.32.1(x86_64)0:3.3.9-11.18.1(x86_64)0:2.4.9-48.29.1(x86_64)0:2.6.4-6.6.1(x86_64)0:1.5.3-31.14.2(x86_64)0:62.2.0-31.14.2(x86_64)0:8.1.2-31.14.2(x86_64)0:3.1.0-3.3.1(x86_64)0:2.9.1-6.19.11(noarch)0:1.0.0-6.19.11(noarch)0:1.10.2-6.19.11(noarch)0:8-6.19.11(x86_64)0:4.9.2_08-3.35.2(x86_64)0:5.18.2-12.14.1(noarch)0:5.18.2-12.14.1(x86_64)0:2.0.24-9.3.1(noarch)0:2.0.24-9.3.1(x86_64)0:2.4.10-48.32.1(x86_64)0:3.3.0-5.33.2(x86_64)0:2.9.1-6.34.1(noarch)0:1.0.0+-6.34.1(noarch)0:1.10.2-6.34.1(noarch)0:8-6.34.1(x86_64)0:20190514-13.44.1(x86_64)0:4.9.4_04-3.53.1(x86_64)0:4.12.14-95.16.1(noarch)0:4.12.14-95.16.1(x86_64)0:4.0.0-8.12.1(x86_64)0:2.11.2-5.13.1(noarch)0:1.0.0+-5.13.1(noarch)0:1.11.0-5.13.1(noarch)0:8-5.13.1(x86_64)0:20190618-13.47.1(x86_64)0:4.11.2_02-2.14.2(noarch)0:2017+git1510945757.b2662641d5-3.8.3(noarch)0:2017+git1510945757.b2662641d5-3.13.1(x86_64)0:4.12.14-95.40.1(noarch)0:4.12.14-95.40.1(x86_64)0:2.11.2-5.23.2(noarch)0:1.0.0+-5.23.2(noarch)0:1.11.0-5.23.2(noarch)0:8-5.23.2(x86_64)0:4.11.2_04-2.17.1(x86_64)0:4.12.14-95.6.1(noarch)0:4.12.14-95.6.1(x86_64)0:4.2.8p12-64.8.2(x86_64)0:52.9.0esr-109.38.2(x86_64)0:60.3.0-109.50.2(x86_64)0:4.0.9-44.27.1(x86_64)0:4.4.140-94.42.1(noarch)0:4.4.140-94.42.1(x86_64)0:1.7.0.201-43.18.1(x86_64)0:1.8.0.191-27.29.1(x86_64)0:0.6.42-16.8.3(noarch)0:0.6.42-16.8.3(x86_64)0:0.41.rc1-10.9.1(x86_64)0:3.10.0.1-54.6.3(noarch)0:3.10.0.1-54.6.3(x86_64)0:6.8.8.1-71.74.1(x86_64)0:2.6-15.10.1(x86_64)0:1.6.2-12.5.1(noarch)0:1.6.2-12.5.1(x86_64)0:1.10-4.3.1(x86_64)0:4.4.156-94.57.1(noarch)0:4.4.156-94.57.1(x86_64)0:7.37.0-37.26.1(x86_64)0:4.4.162-94.69.2(noarch)0:4.4.162-94.69.2(x86_64)0:2.7.13-28.21.1(x86_64)0:12.2.10+git.1549630712.bb089269ea-2.27.2(x86_64)0:0.100.2-33.18.10:1.5.0-3.16(x86_64)0:4.9.3_03-3.44.2(x86_64)0:7.2p2-74.30.1(x86_64)0:5.6.2-6.15.2(x86_64)0:3.22.6-19.9.1(noarch)0:3.22.6-19.9.1(x86_64)0:228-150.53.3(noarch)0:228-150.53.3(x86_64)0:9.25-23.13.1(x86_64)0:1.8.1-10.3.1(x86_64)0:4.9.2-14.14.1(x86_64)0:0.13.0-3.3.2(x86_64)0:6.8.8.1-71.108.1(noarch)0:2.48.2-12.12.2(x86_64)0:2.48.2-12.12.2(x86_64)0:0.13.67-10.25.1(x86_64)0:1.1.36-58.3.10:1.1.36-58.3.1(x86_64)0:1.13.4-34.37.1(x86_64)0:1.16.1-4.12.2(x86_64)0:7.37.0-37.37.1(x86_64)0:7.60.0-4.3.1(x86_64)0:7.37.0-37.31.1(x86_64)0:10.6-1.6.1(x86_64)0:0.14.1-13.9.2(x86_64)0:0.14.1-10.12.2(x86_64)0:6.2.3.2-43.49.1(noarch)0:6.2.3.2-43.49.1(x86_64)0:0.4.10-10.13.2(noarch)0:20190423-16.18.1(x86_64)0:20190423-16.18.1(x86_64)0:228-150.58.1(noarch)0:228-150.58.1(x86_64)0:4.12.14-95.24.1(noarch)0:4.12.14-95.24.1(x86_64)0:2.11.2-5.8.1(noarch)0:1.0.0+-5.8.1(noarch)0:1.11.0-5.8.1(noarch)0:8-5.8.1(x86_64)0:8.24.0-3.19.1(x86_64)0:12.2.12+git.1568024032.02236657ca-2.39.1(x86_64)0:7.37.0-37.34.1(x86_64)0:0.3.6-11.3.1(x86_64)0:1.7.1-5.6.1(x86_64)0:1.7.1-5.11.1(x86_64)0:9.26-23.16.1(x86_64)0:0.2.7-12.4.1(x86_64)0:6.2.0dev-22.3.10:6.2.0dev-22.3.1(x86_64)0:0.13.67-10.14.1(x86_64)0:4.11.1_02-2.3.1(x86_64)0:4.4.180-94.97.1(noarch)0:4.4.180-94.97.1(x86_64)0:5.7.3-6.3.1(x86_64)0:5.18.2-12.20.1(noarch)0:5.18.2-12.20.1(x86_64)0:60.6.1esr-109.63.2(x86_64)0:60.5.0esr-109.58.3(x86_64)0:60-32.5.1(x86_64)0:3.41.1-58.25.1(x86_64)0:6.8.8.1-71.93.2(x86_64)0:4.9.3_03-3.47.1(x86_64)0:0.10.2-2.7.1(x86_64)0:5.9-61.1(x86_64)0:12.0.2-10.18.1(x86_64)0:4.9.2-14.8.1(x86_64)0:2.4.11-48.35.1(noarch)0:3.0-95.21.1(x86_64)0:4.9.4_02-3.50.1(x86_64)0:0.113-5.15.1(x86_64)0:5.6.2-6.22.1(x86_64)0:0.6.21-8.6.1(x86_64)0:1.12.5-40.31.1(x86_64)0:1.1.6-3.5.1(x86_64)0:1.0.8-3.3.1(x86_64)0:3.8.10.2-9.3.1(x86_64)0:0.15.4-30.1(x86_64)0:3.4.6-25.21.1(x86_64)0:0.6.36-2.27.19.8(x86_64)0:16.20.2-27.60.4(x86_64)0:1.13.54-18.40.2(noarch)0:1.13.54-18.40.2(x86_64)0:0.99.beta18-14.3.27(x86_64)0:7.2p2-74.35.1(x86_64)0:2.9.1-6.31.1(noarch)0:1.0.0+-6.31.1(noarch)0:1.10.2-6.31.1(noarch)0:8-6.31.1(x86_64)0:4.11.1_06-2.11.1(x86_64)0:4.4.180-94.100.1(noarch)0:4.4.180-94.100.1(x86_64)0:2.1.0-21.6.1(x86_64)0:2.7.13-28.31.1(x86_64)0:3.4.6-25.34.2(x86_64)0:4.12.14-95.29.1(noarch)0:4.12.14-95.29.1(x86_64)0:10.0.34-29.16.1(x86_64)0:1.7.0.171-43.12.1(x86_64)0:1.8.0.161-27.13.1(x86_64)0:10.0.35-29.20.3(x86_64)0:1.7.0.181-43.15.2(x86_64)0:1.8.0.171-27.19.1(x86_64)0:1.8.0.181-27.26.2(x86_64)0:3.3.0-5.22.1(x86_64)0:20180807-13.29.1(x86_64)0:1.7.0.231-43.27.2(x86_64)0:2.22.4-2.29.3(noarch)0:2.22.4-2.29.3(x86_64)0:2.22.5-2.32.2(noarch)0:2.22.5-2.32.2(x86_64)0:1.7.5-20.20.1(x86_64)0:52.6.0esr-109.13.1(x86_64)0:52.7.3esr-109.25.1(x86_64)0:1.3.3-10.6.1(x86_64)0:52.8.0esr-109.31.2(noarch)0:20170530-21.28.1(x86_64)0:2.1.0-24.6.1(x86_64)0:1.12.5-40.23.2(x86_64)0:4.3.3-10.14.1(x86_64)0:9.9.9P1-63.12.1(x86_64)0:9.11.2-3.10.1(noarch)0:9.11.2-3.10.1(x86_64)0:2.0.0-27.29.1(x86_64)0:3.3.0-5.13.1(x86_64)0:3.1.0-13.10.1(x86_64)0:0.15.4-21.1(x86_64)0:0.15.4-27.1(x86_64)0:4.9-3.5.1(x86_64)0:52.8.1esr-109.34.1(x86_64)0:0.5.3.git20161120-161.3.4(x86_64)0:0.13.67-10.5.1(x86_64)0:0.13.67-10.11.1(x86_64)0:5.4.5.1-40.24.1(noarch)0:5.4.5.1-40.24.1(noarch)0:5.4.5.1-43.19.1(x86_64)0:5.4.5.1-43.19.1(x86_64)0:228-150.66.4(noarch)0:228-150.66.4(x86_64)0:4.2.1-27.6.1(x86_64)0:4.12.14-95.19.1(noarch)0:4.12.14-95.19.1(x86_64)0:2.3.6-7.9.1(x86_64)0:0.13.67-10.8.1(x86_64)0:2.29.2-3.12.1(noarch)0:2.29.2-3.12.1(x86_64)0:1.3.1-10.3.1(x86_64)0:1.900.14-195.8.1(x86_64)0:2.2.14-48.24.10:2.26-1.25(noarch)0:2017+git1510945757.b2662641d5-3.16.1(x86_64)0:3.20.2-6.27.1(noarch)0:3.20.2-6.27.1(x86_64)0:8.3.1-2.14.1(x86_64)0:10.8-1.9.1(x86_64)0:9.6.13-3.25.1(x86_64)0:4.0.0-8.15.2(x86_64)0:10.9-1.12.1(x86_64)0:10.9-1.12.2(x86_64)0:10.10-1.15.1(x86_64)0:9.26a-23.25.1(x86_64)0:4.6.16+git.169.064abe062be-3.46.1(noarch)0:4.6.16+git.169.064abe062be-3.46.1(x86_64)0:2.4.14-48.45.1(x86_64)0:1.1.28-17.3.1(x86_64)0:2.24.1-2.41.5(noarch)0:2.24.1-2.41.5(x86_64)0:20191112a-13.56.1(x86_64)0:0.7.0-160.8.1(x86_64)0:60.7.0-109.72.1(x86_64)0:60.7.1-109.77.1(x86_64)0:60.7.2-109.80.1(x86_64)0:68.1.0-109.89.1(x86_64)0:68-32.8.1(x86_64)0:3.44.1-58.28.1(x86_64)0:68.3.0-109.98.1(x86_64)0:3.47.1-58.34.1(x86_64)0:4.23-19.12.1(x86_64)0:2.11.2-5.18.1(noarch)0:1.0.0+-5.18.1(noarch)0:1.11.0-5.18.1(noarch)0:8-5.18.1(x86_64)0:0.100.3-33.26.1(x86_64)0:7.4.326-17.3.1(noarch)0:7.4.326-17.3.1(x86_64)0:1.8.22-29.17.12(x86_64)0:1.8.22-29.17.7(x86_64)0:1.0.6-30.8.1(x86_64)0:9.27-23.28.1(x86_64)0:6.8.8.1-71.126.1(noarch)0:2.48.2-12.15.1(x86_64)0:2.48.2-12.15.1(x86_64)0:2.0.24-9.8.1(noarch)0:2.0.24-9.8.1(x86_64)0:2.4.41-18.63.1(noarch)0:2.4.41-18.63.1(x86_64)0:1.1.28-17.6.1(x86_64)0:4.0.4-15.3.1(x86_64)0:2.4.16-48.51.1(x86_64)0:1.6.1-16.68.1(x86_64)0:1.8.20p2-3.14.1(x86_64)0:1.5.13-15.11.2(noarch)0:1.5.13-15.11.2(x86_64)0:2.78-18.12.1(x86_64)0:2.11-36.6.1(noarch)0:2.11-36.6.1(x86_64)0:9.27-23.31.1(x86_64)0:0.6.3-12.12.1(x86_64)0:4.12.14-95.45.1(noarch)0:4.12.14-95.45.1(x86_64)0:4.6.16+git.174.c2fd2e28c84-3.49.1(noarch)0:4.6.16+git.174.c2fd2e28c84-3.49.1(x86_64)0:6.8.8.1-71.131.1(x86_64)0:3.5.25.3-5.3.1(x86_64)0:1.1.1-2.9.1(x86_64)0:1.0.2p-3.11.1(x86_64)0:0.9.8j-106.15.1(x86_64)0:1.1.1d-2.20.1(x86_64)0:1.0.2p-3.14.1(x86_64)0:1.0.2j-60.49.1(x86_64)0:0.9.8j-106.12.1(x86_64)0:1.0.2p-3.6.1(x86_64)0:2.1.0-21.9.1(x86_64)0:0.100.3-33.29.1(x86_64)0:2.7.13-28.36.1(x86_64)0:12.0.2-10.27.1(x86_64)0:3.8.10.2-9.12.1(x86_64)0:7.08-3.4.1(noarch)0:7.08-3.4.1(x86_64)0:68.4.1-109.101.1(x86_64)0:8.24.0-3.33.2(x86_64)0:2.0.0~git.1463131968.4e66df7-12.11.1(x86_64)0:1.17-3.3.1(x86_64)0:1.4.3-20.14.1(x86_64)0:0.60.6.1-18.3.1(x86_64)0:0.100.3-33.21.1(x86_64)0:0.5.0-12.3.1(x86_64)0:4.11.3_02-2.20.1(x86_64)0:1.8.20p2-3.17.1(x86_64)0:16.21.2-2.45.1(x86_64)0:0.6.60-2.18.1(x86_64)0:0.97.3-17.4.1(noarch)0:0.97.3-17.4.1(x86_64)0:12.0.2-10.36.1(x86_64)0:6.8.8.1-71.141.1(x86_64)0:4.4.176-94.88.1(noarch)0:4.4.176-94.88.1(x86_64)0:1.5.3-31.19.1(x86_64)0:62.2.0-31.19.1(x86_64)0:8.1.2-31.19.1(x86_64)0:10.2.22-3.14.1(noarch)0:10.2.22-3.14.1(x86_64)0:10.0.38-2.6.2(x86_64)0:3.1.2-2.6.6(x86_64)0:10.0.40.1-2.9.1(x86_64)0:10.2.25-3.19.2(noarch)0:10.2.25-3.19.2(x86_64)0:10.2.29-3.22.1(noarch)0:10.2.29-3.22.1(x86_64)0:1.8.0.222-27.35.2(x86_64)0:1.7.0.241-43.30.1(x86_64)0:1.8.0.232-27.38.1(x86_64)0:10.0.40.2-2.12.2(x86_64)0:20170707-3.14.1(x86_64)0:1.3.0-34.22.1(x86_64)0:0.8.2-1.3.1(x86_64)0:1.13.4-34.31.1(x86_64)0:0.12.8-12.1(x86_64)0:2.4.11-21.8.1(x86_64)0:3.20.4-77.23.1(noarch)0:3.20.4-77.23.1(x86_64)0:9.26a-23.22.1(x86_64)0:3.3.0-5.30.1(x86_64)0:4.0.0-8.9.1(x86_64)0:1.4.3-20.3.1(x86_64)0:1.4.3-20.6.1(x86_64)0:1.4.3-20.9.1(x86_64)0:4.6.16+git.154.2998451b912-3.40.3(noarch)0:4.6.16+git.154.2998451b912-3.40.3(x86_64)0:18.0.2-8.3.2(x86_64)0:1.0.0-8.3.2(x86_64)0:1.43.8-3.8.1(x86_64)0:1.43.8-3.11.1(x86_64)0:7.37.0-37.40.1(x86_64)0:7.60.0-4.6.1(x86_64)0:7.60.0-4.9.1(x86_64)0:2.4.12-48.39.1(x86_64)0:1.14-21.10.1(x86_64)0:7.2p2-74.42.8(x86_64)0:7.2p2-74.42.10(x86_64)0:9.26a-23.19.1(x86_64)0:0.2.7-12.6.1(x86_64)0:0.113-5.18.1(x86_64)0:2.22.6-2.35.1(noarch)0:2.22.6-2.35.1(x86_64)0:2.24.2-2.44.1(noarch)0:2.24.2-2.44.1(x86_64)0:1.8.0-5.8.1(x86_64)0:4.3.3-10.19.1(x86_64)0:4.11.1_04-2.6.1(x86_64)0:2.1.0-24.12.1(x86_64)0:1.2.15-15.11.1(x86_64)0:2.24.0-2.38.2(noarch)0:2.24.0-2.38.2(x86_64)0:3.8.10.2-9.9.1(x86_64)0:2.24.4-2.47.1(noarch)0:2.24.4-2.47.1(x86_64)0:1.7.5-20.26.1(x86_64)0:4.2.8p13-85.1(x86_64)0:2.4.13-48.42.1(x86_64)0:2.7.13-28.26.1(x86_64)0:3.4.6-25.24.1(x86_64)0:4.2-59.10.1(x86_64)0:1.4.11-59.10.1(x86_64)0:2013.1.13-5.6.1(noarch)0:20190618-5.8.1(x86_64)0:6.2.7.1-43.56.3(noarch)0:6.2.7.1-43.56.3(x86_64)0:2.4.1-11.3.2(x86_64)0:4.3-83.23.1(noarch)0:4.3-83.23.1(x86_64)0:6.3-83.23.1(noarch)0:6.3-83.23.1(x86_64)0:0.10.36-18.3.2(noarch)0:0.10.36-18.3.2(x86_64)0:1.8.3-13.3.2(noarch)0:1.8.3-13.3.2(x86_64)0:228-150.82.1(noarch)0:228-150.82.1(x86_64)0:10.12-1.18.1(x86_64)0:1.7.0.251-43.35.1(x86_64)0:1.8.0.242-27.41.1(x86_64)0:1.8.18-5.9.1(x86_64)0:68.5.0-109.106.1(x86_64)0:20170707-3.21.1(x86_64)0:2.4.7-4.3.1