MidnightBSD

Advisories for suse

CVE-1999-0234 MEDIUM

Bash treats any character with a value of 255 as a command separator.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
yggdrasil linux *
caldera openlinux *
redhat linux 3.0.3
suse suse_linux 4.2
sgi irix *
CVE-1999-0363 HIGH

SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 5.2
plp line_printer_control *
CVE-1999-0390 HIGH

Buffer overflow in Dosemu Slang library in Linux.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 4.0
redhat linux 5.0
redhat linux 5.1
redhat linux 4.2
redhat linux 5.2
redhat linux 4.1
suse suse_linux 5.1
suse suse_linux 5.0
CVE-1999-0405 HIGH

A buffer overflow in lsof allows local users to obtain root privilege.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
freebsd freebsd 3.1
suse suse_linux 4.4.1
debian debian_linux 2.0
suse suse_linux 4.3
suse suse_linux 6.0
suse suse_linux 6.1
freebsd freebsd 2.0.5
freebsd freebsd 2.2.3
freebsd freebsd 2.0
freebsd freebsd 2.2.6
debian debian_linux 2.0.5
suse suse_linux 4.4
freebsd freebsd 2.2.4
freebsd freebsd 2.1.5
freebsd freebsd 2.2.5
suse suse_linux 4.2
suse suse_linux 5.3
suse suse_linux 5.0
freebsd freebsd 2.1.0
freebsd freebsd 2.1.6
freebsd freebsd 3.0
suse suse_linux 5.2
freebsd freebsd 3.2
freebsd freebsd 2.1.7.1
redhat linux 5.2
freebsd freebsd 2.2.8
suse suse_linux 5.1
freebsd freebsd 2.2.2
CVE-1999-0409 MEDIUM

Buffer overflow in gnuplot in Linux version 3.5 allows local users to obtain root access.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 3.5
suse suse_linux 5.2
CVE-1999-0426 HIGH

The default permissions of /dev/kmem in Linux versions before 2.0.36 allow IP spoofing.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-276,

Products Affected

Vendor Product Version
suse suse_linux 6.0
CVE-1999-0433 MEDIUM

XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
slackware slackware_linux 3.5
netbsd netbsd 1.3.3
slackware slackware_linux 3.4
suse suse_linux 6.0
xfree86_project x11r6 3.3.3
redhat linux 5.1
slackware slackware_linux 4.0
suse suse_linux 5.2
suse suse_linux 6.1
redhat linux 5.2
slackware slackware_linux 3.6
suse suse_linux 5.1
slackware slackware_linux 3.3
netbsd netbsd 1.3.2
CVE-1999-0434 HIGH

XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 5.1
netbsd netbsd 1.3.3
caldera openlinux 1.2
debian debian_linux 2.0
suse suse_linux 5.3
debian debian_linux 2.1
CVE-1999-0462 HIGH

suidperl in Linux Perl does not check the nosuid mount option on file systems, allowing local users to gain root access by placing a setuid script in a mountable file system, e.g. a CD-ROM or floppy disk.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 5.3
CVE-1999-0746 MEDIUM

A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 4.4.1
suse suse_linux 4.4
slackware slackware_linux 3.2
suse suse_linux 5.2
suse suse_linux 6.1
slackware slackware_linux 3.6
suse suse_linux 6.0
suse suse_linux 5.1
suse suse_linux 5.3
suse suse_linux 6.2
suse suse_linux 5.0
CVE-1999-0768 HIGH

Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 6.0
suse suse_linux 6.1
redhat linux 4.2
redhat linux 5.2
suse suse_linux 6.0
CVE-1999-0804 MEDIUM

Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 6.0
suse suse_linux 6.1
debian debian_linux 2.1
linux linux_kernel 2.2.0
CVE-1999-0831 MEDIUM

Denial of service in Linux syslogd via a large number of connections.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sun cobalt_raq_2 *
debian debian_linux 2.2
cobalt qube 2.0
suse suse_linux 6.3
suse suse_linux 6.2
sun cobalt_raq 1.1
cobalt qube 1.0
sun cobalt_raq_3i *
CVE-1999-0906 HIGH

Buffer overflow in sccw allows local users to gain root access via the HOME environmental variable.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 6.2
CVE-1999-1182 HIGH

Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 4.0
delix dld 5.2
lst lst_power_linux 2.2
redhat linux 4.2
redhat linux 4.1
caldera openlinux_lite 1.1
debian debian_linux 4.0
suse suse_linux 5.0
CVE-1999-1495 LOW

xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary files via a symlink attack on the pic000.pnm file.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 6.0
CVE-2000-0218 HIGH

Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux *
caldera openlinux 2.3
CVE-2000-0229 HIGH

gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 6.0
alessandro_rubini gpm 1.18.1
redhat linux 6.1
debian debian_linux 2.0
suse suse_linux 6.0
suse suse_linux 6.3
suse suse_linux 5.3
suse suse_linux 6.2
debian debian_linux 2.1
redhat linux 6.2
alessandro_rubini gpm 1.19
debian debian_linux 2.2
suse suse_linux 6.1
CVE-2000-0231 HIGH

Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
halloween halloween_linux 4.0
suse suse_linux 6.1
suse suse_linux 6.0
suse suse_linux 6.3
suse suse_linux 6.2
CVE-2000-0233 HIGH

SuSE Linux IMAP server allows remote attackers to bypass IMAP authentication and gain privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux_imap_server 1.0
CVE-2000-0293 LOW

aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 6.4
suse suse_linux 6.1
suse suse_linux 6.0
suse suse_linux 6.3
suse suse_linux 6.2
CVE-2000-0340 HIGH

Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users to execute arbitrary commands via the DISPLAY environmental variable.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 6.4
suse suse_linux 6.3
CVE-2000-0355 HIGH

pg and pb in the SuSE pbpg 1.x package allow an attacker to read arbitrary files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 6.0
bent_bagger pbpg 1.1
suse suse_linux 6.2
CVE-2000-0361 LOW

The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world-readable permissions, which allows a local attacker in the dialout group to access login and password information.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux *
CVE-2000-0362 HIGH

Buffer overflows in Linux cdwtools 093 and earlier allow local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 6.1
suse suse_linux 6.2
CVE-2000-0363 MEDIUM

Linux cdwtools 093 and earlier allows local users to gain root privileges via the /tmp directory.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 6.1
suse suse_linux 6.2
CVE-2000-0433 MEDIUM

The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 6.4
suse suse_linux 6.1
suse suse_linux 6.3
suse suse_linux 6.2
CVE-2000-0438 HIGH

Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 4.4.1
slackware slackware_linux 3.9
suse suse_linux 4.3
turbolinux turbolinux 6.0.2
suse suse_linux 6.0
suse suse_linux 6.2
slackware slackware_linux 4.0
turbolinux turbolinux 6.0.1
suse suse_linux 6.1
slackware slackware_linux 3.6
caldera openlinux 7.0
turbolinux turbolinux 6.0
slackware slackware_linux 3.5
suse suse_linux 4.4
suse suse_linux 6.4
slackware slackware_linux 3.4
suse suse_linux 4.2
suse suse_linux 6.3
suse suse_linux 5.3
suse suse_linux 5.0
suse suse_linux 5.2
suse suse_linux 5.1
slackware slackware_linux 3.3
suse suse_linux 7.0
CVE-2000-0491 HIGH

Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 6.4
gnome gdm 1.0
caldera openlinux *
suse suse_linux 6.2
CVE-2000-0614 HIGH

Tnef program in Linux systems allows remote attackers to overwrite arbitrary files via TNEF encoded compressed attachments which specify absolute path names for the decompressed output.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 6.4
suse suse_linux 6.3
CVE-2000-0666 HIGH

rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
conectiva linux 4.2
redhat linux 6.0
conectiva linux 4.1
suse suse_linux 6.4
redhat linux 6.1
debian debian_linux 2.3
trustix secure_linux 1.0
suse suse_linux 6.3
conectiva linux 4.0es
conectiva linux 4.0
trustix secure_linux 1.1
conectiva linux 5.0
redhat linux 6.2
debian debian_linux 2.2
suse suse_linux 7.0
conectiva linux 5.1
CVE-2000-0800 HIGH

String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 6.4
suse suse_linux 6.1
suse suse_linux 6.3
suse suse_linux 6.2
CVE-2000-0844 HIGH

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
ibm aix 4.1.2
sgi irix 6.5.7
ibm aix 3.2.4
ibm aix 4.1.5
sgi irix 6.5.3f
conectiva linux 4.0es
sun sunos 5.2
mandrakesoft mandrake_linux 7.1
debian debian_linux 2.1
ibm aix 4.1
ibm aix 4.1.3
sgi irix 6.5
sun sunos 5.8
turbolinux turbolinux 6.0.1
sun sunos 5.3
sgi irix 6.5.2m
conectiva linux 5.1
redhat linux 5.0
conectiva linux 4.2
redhat linux 6.0
sgi irix 6.5.8
ibm aix 4.3.1
sgi irix 6.4
slackware slackware_linux 7.1
sgi irix 6.5.3
conectiva linux 4.0
redhat linux 6.2
ibm aix 4.2
sgi irix 6.5.4
turbolinux turbolinux 6.0.3
ibm aix 4.3
caldera openlinux_ebuilder 3.0
sun sunos 5.0
suse suse_linux 7.0
ibm aix 3.2.5
sun solaris 2.6
caldera openlinux *
debian debian_linux 2.0
turbolinux turbolinux 6.0.2
ibm aix 3.2
suse suse_linux 6.2
sun sunos 5.5.1
sgi irix 6.5.1
caldera openlinux_eserver 2.3
sun sunos 5.1
sgi irix 6.5.6
ibm aix 4.0
redhat linux 5.1
mandrakesoft mandrake_linux 7.0
ibm aix 4.3.2
conectiva linux 5.0
suse suse_linux 6.1
ibm aix 4.1.4
immunix immunix 6.2
slackware slackware_linux 7.0
turbolinux turbolinux 6.0.4
turbolinux turbolinux 6.0
conectiva linux 4.1
suse suse_linux 6.4
redhat linux 6.1
sun sunos 5.5
debian debian_linux 2.3
trustix secure_linux 1.0
suse suse_linux 6.3
trustix secure_linux 1.1
sgi irix 6.3
ibm aix 4.1.1
sun sunos 5.7
debian debian_linux 2.2
sgi irix 6.2
ibm aix 4.2.1
redhat linux 5.2
sgi irix 6.5.3m
sun sunos 5.4
CVE-2000-0868 MEDIUM

The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
apache http_server 1.3.12
suse suse_linux 6.4
suse suse_linux 6.3
CVE-2000-0869 MEDIUM

The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
apache http_server 1.3.12
suse suse_linux 6.4
suse suse_linux 6.1
suse suse_linux 6.0
suse suse_linux 6.3
suse suse_linux 6.2
suse suse_linux 7.0
CVE-2000-1016 MEDIUM

The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 6.4
suse suse_linux 6.3
CVE-2000-1040 HIGH

Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 6.4
suse suse_linux 6.3
suse suse_linux 6.2
suse suse_linux 7.0
CVE-2000-1044 HIGH

Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and possibly other Linux operating systems, allows an attacker to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 6.4
suse suse_linux 6.3
suse suse_linux 6.2
suse suse_linux 7.0
CVE-2000-1095 HIGH

modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
immunix immunix 7.0_beta
suse suse_linux 6.4
mandrakesoft mandrake_linux 7.2
redhat linux 7.0
immunix immunix 6.2
suse suse_linux 7.0
conectiva linux 5.1
CVE-2000-1107 MEDIUM

in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 6.4
suse suse_linux 6.1
suse suse_linux 6.0
suse suse_linux 6.3
suse suse_linux 6.2
suse suse_linux 7.0
CVE-2000-1134 HIGH

Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
conectiva linux 4.2
redhat linux 6.0
conectiva linux 4.1
redhat linux 6.1
caldera openlinux *
mandrakesoft mandrake_linux 7.2
redhat linux 6.2e
caldera openlinux_edesktop 2.4
conectiva linux 4.0es
conectiva linux 4.0
caldera openlinux_eserver 2.3
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.0
conectiva linux 5.0
redhat linux 6.2
hp hp-ux 11.11
mandrakesoft mandrake_linux 6.0
redhat linux 5.2
immunix immunix 6.2
suse suse_linux 7.0
conectiva linux 5.1
CVE-2001-0109 LOW

rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 6.4
suse suse_linux 6.1
suse suse_linux 6.3
suse suse_linux 6.2
suse suse_linux 7.0
CVE-2001-0172 HIGH

Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to cause a denial of service and possibly execute arbitrary commands via a long directory name.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hans_reiser reiserfs 3.5.28
suse suse_linux 7.0
CVE-2001-0178 LOW

kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
conectiva linux 6.0
suse suse_linux 6.4
mandrakesoft mandrake_linux 7.2
caldera openlinux_edesktop 2.4
suse suse_linux 6.0
suse suse_linux 6.3
suse suse_linux 6.2
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.0
suse suse_linux 6.1
mandrakesoft mandrake_linux_corporate_server 1.0.1
suse suse_linux 7.0
CVE-2001-0193 HIGH

Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 6.4
debian debian_linux 2.2
suse suse_linux 6.3
suse suse_linux 7.0
CVE-2001-0388 HIGH

Time server daemon timed allows remote attackers to cause a denial of service via malformed packets.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
freebsd freebsd *
suse suse_linux 6.4
mandrakesoft mandrake_linux 7.2
suse suse_linux 6.3
suse suse_linux 7.1
suse suse_linux 6.2
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.0
suse suse_linux 6.1
mandrakesoft mandrake_linux 6.0
suse suse_linux 7.0
CVE-2001-0458 HIGH

Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ralf_s._engelschall eperl 2.2.12
suse suse_linux 6.4
ralf_s._engelschall eperl 2.2.13
mandrakesoft mandrake_linux 7.2
debian debian_linux 2.2
suse suse_linux 6.3
suse suse_linux 7.1
mandrakesoft mandrake_linux 7.1
suse suse_linux 7.0
CVE-2001-0525 HIGH

Buffer overflow in dsh in dqs 3.2.7 in SuSE Linux 7.0 and earlier, and possibly other operating systems, allows local users to gain privileges via a long first command line argument.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 6.4
suse suse_linux 6.3
suse suse_linux 7.0
CVE-2001-0610 MEDIUM

kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde kde 1.x
suse suse_linux 7.0
CVE-2001-0641 MEDIUM

Buffer overflow in the man program in various distributions of Linux allows a local user to execute arbitrary code as group man via a long -S option.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
immunix immunix 7.0_beta
suse suse_linux 6.4
redhat linux 7.0
suse suse_linux 6.0
suse suse_linux 6.3
suse suse_linux 7.1
suse suse_linux 6.2
immunix immunix 7.0
redhat linux 6.2
suse suse_linux 6.1
redhat linux 5.2
immunix immunix 6.2
suse suse_linux 7.0
CVE-2001-0763 HIGH

Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 7.2
debian debian_linux *
suse suse_linux 6.4
suse suse_linux 6.1
suse suse_linux 6.0
suse suse_linux 6.3
suse suse_linux 7.1
suse suse_linux 6.2
suse suse_linux 7.0
CVE-2001-0834 MEDIUM

htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 7.2
htdig htdig *
conectiva linux 6.0
suse suse_linux 6.4
suse suse_linux 7.3
suse suse_linux 6.3
suse suse_linux 7.1
conectiva linux 5.0
debian debian_linux 2.2
conectiva linux 7.0
suse suse_linux 7.0
conectiva linux 5.1
CVE-2001-0851 MEDIUM

Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 7.2
suse suse_linux 6.4
suse suse_linux 7.3
caldera openlinux_workstation 3.1
caldera openlinux_edesktop 2.4
suse suse_linux 6.3
suse suse_linux 7.1
linux linux_kernel 2.4.0
caldera openlinux_server 3.1
caldera openlinux 2.3
linux linux_kernel 2.0
suse suse_linux 7.0
caldera openlinux_eserver 2.3.1
linux linux_kernel 2.2.0
CVE-2001-0869 HIGH

Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 7.2
redhat linux 7.2
suse suse_linux 7.3
caldera openlinux_workstation 3.1
redhat linux 7.0
redhat linux_powertools 6.2
caldera openlinux_eserver 3.1
suse suse_linux 7.1
suse suse_linux 7.0
CVE-2001-0872 HIGH

OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 7.2
redhat linux 7.2
openbsd openssh *
suse suse_linux 6.4
suse suse_linux 7.3
redhat linux 7.0
suse suse_linux 7.1
suse suse_linux 7.0
redhat linux 7.1
CVE-2001-0914 LOW

Linux kernel before 2.4.11pre3 in multiple Linux distributions allows local users to cause a denial of service (crash) by starting the core vmlinux kernel, possibly related to poor error checking during ELF loading.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 7.3
linux linux_kernel *
CVE-2001-0918 MEDIUM

Vulnerabilities in CGI scripts in susehelp in SuSE 7.2 and 7.3 allow remote attackers to execute arbitrary commands by not opening files securely.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 7.2
suse suse_linux 7.3
CVE-2001-1012 HIGH

Vulnerability in screen before 3.9.10, related to a multi-attach error, allows local users to gain root privileges when there is a subdirectory under /tmp/screens/.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 7.2
suse suse_linux 6.4
suse suse_linux 6.3
suse suse_linux 7.1
suse suse_linux 7.0
CVE-2001-1130 HIGH

Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading a keylist.txt file that contains filenames with shell metacharacters, then causing the file to be searched using a .. in the HTTP referer (from the HTTP_REFERER variable) to point to the directory that contains the keylist.txt file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 7.2
suse suse_linux 6.4
suse suse_linux 6.0
suse suse_linux 6.3
suse suse_linux 7.1
suse suse_linux 7.0
CVE-2002-0004 HIGH

Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 7.2
redhat linux 7.2
suse suse_linux 6.4
suse suse_linux 7.3
caldera openlinux_workstation 3.1
redhat linux 7.0
slackware slackware_linux 7.1
suse suse_linux 7.1
freebsd freebsd 4.1.1
redhat linux 7.1
freebsd freebsd 4.4
netbsd netbsd 1.5.2
mandrakesoft mandrake_linux 8.1
slackware slackware_linux 8.0
mandrakesoft mandrake_linux 8.0
redhat linux 6.2
debian debian_linux 2.2
freebsd freebsd 4.3
freebsd freebsd 4.2
caldera openlinux_server 3.1
slackware slackware_linux 7.0
suse suse_linux 7.0
CVE-2002-0062 HIGH

Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
freebsd freebsd 3.1
freebsd freebsd 3.3
gnu ncurses *
redhat linux 7.2
redhat linux 6.1
freebsd freebsd 4.0
redhat linux 7.0
freebsd freebsd 3.4
suse suse_linux 6.3
suse suse_linux 6.2
freebsd freebsd 4.1
freebsd freebsd 4.1.1
redhat linux 7.1
debian debian_linux 2.2
freebsd freebsd 3.5
freebsd freebsd 3.2
freebsd freebsd 5.0
freebsd freebsd 3.5.1
suse suse_linux 7.0
CVE-2002-0083 HIGH

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-193,

Products Affected

Vendor Product Version
suse suse_linux 7.2
conectiva linux 6.0
redhat linux 7.2
mandrakesoft mandrake_linux 7.2
suse suse_linux 7.1
conectiva linux graficas
mandrakesoft mandrake_linux 7.1
redhat linux 7.1
conectiva linux 5.0
mandrakesoft mandrake_linux 8.0
conectiva linux 7.0
openpkg openpkg 1.0
trustix secure_linux 1.2
conectiva linux ecommerce
conectiva linux 5.1
openbsd openssh *
suse suse_linux 6.4
suse suse_linux 7.3
redhat linux 7.0
trustix secure_linux 1.1
immunix immunix 7.0
mandrakesoft mandrake_single_network_firewall 7.2
mandrakesoft mandrake_linux 8.1
trustix secure_linux 1.5
engardelinux secure_linux 1.0.1
mandrakesoft mandrake_linux_corporate_server 1.0.1
suse suse_linux 7.0
CVE-2002-0758 HIGH

ifup-dhcp script in the sysconfig package for SuSE 8.0 allows remote attackers to execute arbitrary commands via spoofed DHCP responses, which are stored and executed in a file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
CVE-2002-0762 HIGH

shadow package in SuSE 8.0 allows local users to destroy the /etc/passwd and /etc/shadow files or assign extra group privileges to some users by changing filesize limits before calling programs that modify the files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
CVE-2002-0768 HIGH

Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 7.2
suse suse_linux 8.0
suse suse_linux 6.4
suse suse_linux 7.3
luke_mewburn lukemftp *
suse suse_linux 7.1
suse suse_linux 7.0
CVE-2002-0854 HIGH

Buffer overflows in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the i4l package on SuSE 7.3, 8.0, and possibly other operating systems, may allow local users to gain privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
suse suse_linux 7.3
CVE-2002-1285 HIGH

runlpr in the LPRng package allows the local lp user to gain root privileges via certain command line arguments.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 7.2
suse suse_linux 8.0
suse suse_linux 7.3
suse suse_linux 8.1
suse suse_linux 7.1
suse suse_linux 7.0
CVE-2002-20001 MEDIUM

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,

Products Affected

Vendor Product Version
f5 big-ip_carrier-grade_nat 17.5.0
f5 traffix_signaling_delivery_controller 5.2.0
f5 big-ip_carrier-grade_nat *
f5 big-ip_fraud_protection_service 17.5.0
f5 f5os-a 1.8.0
f5 big-ip_analytics 17.5.0
f5 big-ip_edge_gateway 17.5.0
f5 big-ip_local_traffic_manager 17.5.0
f5 f5os-c 1.8.1
siemens scalance_w1750d_firmware *
f5 f5os-a 1.3.0
f5 traffix_sdc 5.2.0
f5 big-ip_application_acceleration_manager *
f5 big-ip_ssl_orchestrator 17.5.0
stormshield stormshield_management_center *
f5 big-ip_global_traffic_manager 17.5.0
f5 big-iq_centralized_management *
f5 f5os-c 1.5.0
f5 f5os-c *
f5 big-ip_edge_gateway *
f5 big-ip_ddos_hybrid_defender *
f5 big-ip_advanced_web_application_firewall *
f5 big-ip_websafe *
f5 big-ip_webaccelerator 17.5.0
f5 big-ip_link_controller 17.5.0
f5 big-ip_advanced_firewall_manager 17.5.0
f5 big-ip_websafe 17.5.0
f5 big-ip_analytics *
f5 big-ip_application_acceleration_manager 17.5.0
f5 big-ip_policy_enforcement_manager *
f5 big-ip_application_visibility_and_reporting *
f5 big-ip_domain_name_system *
f5 f5os-c 1.8.0
f5 f5os-a *
f5 f5os-c 1.5.1
hpe arubaos-cx *
f5 big-ip_advanced_firewall_manager *
stormshield stormshield_network_security *
f5 big-ip_service_proxy 1.6.0
f5 traffix_sdc 5.1.0
f5 big-ip_policy_enforcement_manager 17.5.0
f5 big-ip_domain_name_system 17.5.0
f5 big-ip_application_security_manager 17.5.0
suse linux_enterprise_server 11
f5 big-ip_webaccelerator *
f5 big-ip_application_visibility_and_reporting 17.5.0
f5 big-ip_advanced_web_application_firewall 17.5.0
f5 big-ip_access_policy_manager *
f5 f5os-a 1.3.1
f5 big-ip_ssl_orchestrator *
f5 big-ip_local_traffic_manager *
f5 big-ip_ddos_hybrid_defender 17.5.0
f5 big-ip_global_traffic_manager *
f5 big-ip_application_security_manager *
f5 traffix_signaling_delivery_controller 5.1.0
f5 big-ip_link_controller *
suse linux_enterprise_server 12
f5 big-ip_fraud_protection_service *
suse linux_enterprise_server 15
balasys dheater -
f5 big-iq_centralized_management 7.1.0
CVE-2002-2185 MEDIUM

The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 7.2
suse suse_linux 8.0
sgi irix 6.5.16f
redhat linux 7.2
redhat linux_advanced_workstation 2.1
sgi irix 6.5.7
redhat enterprise_linux_desktop 4.0
redhat enterprise_linux_desktop 3.0
suse suse_linux 7.1
sgi irix 6.5.11
sgi irix 6.5.1
redhat enterprise_linux 3.0
redhat linux 7.1
sgi irix 6.5.6
sgi irix 6.5
sgi irix 6.5.15m
sgi irix 6.5.10
mandrakesoft mandrake_linux 8.0
redhat linux 7.3
sgi irix 6.5.14f
sgi irix 6.5.9
mandrakesoft mandrake_linux 8.2
microsoft windows_98 *
sgi irix 6.5.13
sgi irix 6.5.17m
sgi irix 6.5.18f
sgi irix 6.5.8
sgi irix 6.5.18m
suse suse_linux 6.4
suse suse_linux 7.3
redhat linux 7.0
microsoft windows_xp *
sgi irix 6.5.3
sgi irix 6.5.17f
sgi irix 6.5.2
microsoft windows_98se *
mandrakesoft mandrake_linux 8.1
redhat enterprise_linux 4.0
sgi irix 6.5.14m
sgi irix 6.5.15f
redhat linux 6.2
sgi irix 6.5.4
sgi irix 6.5.12
debian debian_linux 2.2
sgi irix 6.5.5
sgi irix 6.5.16m
suse suse_linux 7.0
CVE-2003-0846 MEDIUM

SuSEconfig.javarunt in the javarunt package on SuSE Linux 7.3Pro allows local users to overwrite arbitrary files via a symlink attack on the .java_wrapper temporary file.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 7.3
CVE-2003-0847 MEDIUM

SuSEconfig.susewm in the susewm package on SuSE Linux 8.2Pro allows local users to overwrite arbitrary files via a symlink attack on the susewm.$$ temporary file.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 8.2
CVE-2003-1295 LOW

Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password."

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 9.0
redhat enterprise_linux 3.0
CVE-2003-1538 MEDIUM

susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20

Products Affected

Vendor Product Version
suse office_server *
suse suse_linux 8.1
suse suse_linux 8
suse suse_linux_openexchange_server 4.0
CVE-2004-0064 LOW

The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 9.0
CVE-2004-0460 HIGH

Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux_connectivity_server *
suse suse_linux 8.0
mandrakesoft mandrake_linux 9.2
isc dhcpd 3.0.1
suse suse_email_server iii
suse suse_linux 8.2
suse suse_linux 9.0
redhat fedora_core core_2.0
suse suse_linux 8.1
infoblox dns_one_appliance 2.4.0.8
suse suse_linux_admin-cd_for_firewall *
suse suse_linux 8
infoblox dns_one_appliance 2.3.1_r5
suse suse_linux_office_server *
mandrakesoft mandrake_linux 10.0
infoblox dns_one_appliance 2.4.0.8a
suse suse_linux_database_server *
suse suse_linux_firewall_cd *
suse suse_linux 7
suse suse_linux 9.1
mandrakesoft mandrake_linux 9.0
mandrakesoft mandrake_linux 9.1
CVE-2004-0461 HIGH

The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux_connectivity_server *
suse suse_linux 8.0
mandrakesoft mandrake_linux 9.2
isc dhcpd 3.0.1
suse suse_email_server iii
suse suse_linux 8.2
suse suse_linux 9.0
redhat fedora_core core_2.0
suse suse_linux 8.1
infoblox dns_one_appliance 2.4.0.8
suse suse_linux_admin-cd_for_firewall *
suse suse_linux 8
infoblox dns_one_appliance 2.3.1_r5
suse suse_linux_office_server *
mandrakesoft mandrake_linux 10.0
infoblox dns_one_appliance 2.4.0.8a
suse suse_linux_database_server *
suse suse_linux_firewall_cd *
suse suse_linux 7
suse suse_linux 9.1
mandrakesoft mandrake_linux 9.0
mandrakesoft mandrake_linux 9.1
CVE-2004-0495 HIGH

Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
linux linux_kernel 2.4.26
conectiva linux 8.0
suse suse_linux_connectivity_server *
linux linux_kernel 2.4.24
suse suse_linux 8.0
suse suse_email_server iii
avaya s8500 r2.0.1
suse suse_linux 9.0
avaya modular_messaging_message_storage_server s3400
suse suse_linux 8.1
suse suse_linux 8
avaya converged_communications_server 2.0
avaya s8500 r2.0.0
linux linux_kernel 2.6.6
redhat enterprise_linux 3.0
suse suse_linux_office_server *
linux linux_kernel 2.4.19
linux linux_kernel 2.6.3
avaya s8700 r2.0.1
suse suse_linux_database_server *
avaya s8700 r2.0.0
suse suse_linux_firewall_cd *
suse suse_email_server 3.1
avaya intuity_audix *
suse suse_linux 7
linux linux_kernel 2.6.4
linux linux_kernel 2.6.7
avaya s8300 r2.0.1
linux linux_kernel 2.4.21
linux linux_kernel 2.6.0
suse suse_linux 8.2
avaya s8300 r2.0.0
linux linux_kernel 2.4.25
suse suse_linux_admin-cd_for_firewall *
suse suse_office_server *
conectiva linux 9.0
linux linux_kernel 2.4.23
linux linux_kernel 2.4.18
linux linux_kernel 2.6.2
linux linux_kernel 2.4.22
suse suse_linux 9.1
linux linux_kernel 2.6.5
gentoo linux 1.4
redhat enterprise_linux 2.1
linux linux_kernel 2.6.1
CVE-2004-0496 HIGH

Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux_connectivity_server *
mandrakesoft mandrake_linux 9.2
sun solaris 9.0
suse suse_linux 8
sun sunos 5.9
suse suse_linux_office_server *
suse suse_linux_firewall *
mandrakesoft mandrake_linux 10.0
sun sunos 5.8
suse suse_linux_database_server *
suse suse_email_server 3
suse suse_email_server 3.1
mandrakesoft mandrake_multi_network_firewall 8.2
suse suse_linux 7
gentoo linux *
mandrakesoft mandrake_linux 9.1
mandrakesoft mandrake_linux_corporate_server 2.1
linux linux_kernel 2.6.0
CVE-2004-0497 LOW

Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 8.0
mandrakesoft mandrake_linux 9.2
suse suse_linux 8.2
suse suse_linux 9.0
conectiva linux 10
suse suse_linux 8.1
trustix secure_linux 2.0
trustix secure_linux 2.1
redhat enterprise_linux 3.0
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_multi_network_firewall 8.2
gentoo linux *
suse suse_linux 9.1
mandrakesoft mandrake_linux 9.1
linux linux_kernel 2.0
mandrakesoft mandrake_linux_corporate_server 2.1
redhat enterprise_linux 2.1
trustix secure_linux 2
CVE-2004-0535 LOW

The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
linux linux_kernel 2.4.6
suse suse_linux_connectivity_server *
suse suse_linux 8.0
linux linux_kernel 2.4.2
suse suse_email_server iii
suse suse_linux 9.0
suse suse_linux 8.1
engardelinux secure_linux 1.5
linux linux_kernel 2.4.12
linux linux_kernel 2.4.0
suse suse_linux_office_server *
linux linux_kernel 2.4.19
linux linux_kernel 2.4.3
linux linux_kernel 2.4.7
suse suse_linux_database_server *
suse suse_linux_firewall_cd *
suse suse_email_server 3.1
mandrakesoft mandrake_multi_network_firewall 8.2
linux linux_kernel 2.4.8
mandrakesoft mandrake_linux_corporate_server 2.1
linux linux_kernel 2.4.21
linux linux_kernel 2.4.10
suse suse_linux 8.2
linux linux_kernel 2.4.25
conectiva linux 9.0
linux linux_kernel 2.4.24_ow1
suse suse_linux_firewall_live-cd *
linux linux_kernel 2.4.22
linux linux_kernel 2.4.23_ow2
linux linux_kernel 2.4.4
mandrakesoft mandrake_linux 9.1
linux linux_kernel 2.4.26
conectiva linux 8.0
linux linux_kernel 2.4.24
mandrakesoft mandrake_linux 9.2
linux linux_kernel 2.4.16
suse suse_linux 8
mandrakesoft mandrake_linux 10.0
linux linux_kernel 2.4.11
suse suse_linux 7
linux linux_kernel 2.4.9
engardelinux secure_community 2.0
linux linux_kernel 2.4.15
suse suse_linux_admin-cd_for_firewall *
suse suse_office_server *
linux linux_kernel 2.4.23
linux linux_kernel 2.4.17
linux linux_kernel 2.4.18
linux linux_kernel 2.4.27
linux linux_kernel 2.4.14
linux linux_kernel 2.4.20
suse suse_linux 9.1
linux linux_kernel 2.4.5
linux linux_kernel 2.4.1
gentoo linux 1.4
linux linux_kernel 2.4.13
CVE-2004-0554 LOW

Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
linux linux_kernel 2.4.26
conectiva linux 8.0
suse suse_linux_connectivity_server *
linux linux_kernel 2.4.24
suse suse_linux 8.0
suse suse_email_server iii
avaya s8500 r2.0.1
suse suse_linux 9.0
avaya modular_messaging_message_storage_server s3400
suse suse_linux 8.1
suse suse_linux 8
avaya converged_communications_server 2.0
avaya s8500 r2.0.0
linux linux_kernel 2.6.6
redhat enterprise_linux 3.0
suse suse_linux_office_server *
linux linux_kernel 2.4.19
linux linux_kernel 2.6.3
avaya s8700 r2.0.1
suse suse_linux_database_server *
avaya s8700 r2.0.0
suse suse_linux_firewall_cd *
suse suse_email_server 3.1
avaya intuity_audix *
suse suse_linux 7
linux linux_kernel 2.6.4
linux linux_kernel 2.6.7
avaya s8300 r2.0.1
linux linux_kernel 2.4.21
linux linux_kernel 2.6.0
suse suse_linux 8.2
avaya s8300 r2.0.0
linux linux_kernel 2.4.25
suse suse_linux_admin-cd_for_firewall *
suse suse_office_server *
conectiva linux 9.0
linux linux_kernel 2.4.23
linux linux_kernel 2.4.18
linux linux_kernel 2.6.2
linux linux_kernel 2.4.22
suse suse_linux 9.1
linux linux_kernel 2.6.5
gentoo linux 1.4
redhat enterprise_linux 2.1
linux linux_kernel 2.6.1
CVE-2004-0587 LOW

Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allow local users to cause a denial of service.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_linux 9.2
redhat fedora_core core_1.0
suse suse_linux 9.0
suse suse_linux 8.1
suse suse_linux 8
mandrakesoft mandrake_linux_corporate_server 2.1
CVE-2004-0592 MEDIUM

The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with USAGI patches, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type, a similar flaw to CVE-2004-0626.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 2.6.5
CVE-2004-0626 MEDIUM

The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 8.0
suse suse_linux 8.2
suse suse_linux 9.0
conectiva linux 10
suse suse_linux 8.1
gentoo linux *
suse suse_linux 9.1
linux linux_kernel 2.6.0
CVE-2004-0687 HIGH

Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
openbsd openbsd 3.5
xfree86_project x11r6 4.3.0
openbsd openbsd 3.4
xfree86_project x11r6 4.0.2.11
suse suse_linux 8.2
xfree86_project x11r6 4.0.1
suse suse_linux 9.0
xfree86_project x11r6 4.1.0
xfree86_project x11r6 3.3.6
x.org x11r6 6.7.0
suse suse_linux 8.1
suse suse_linux 8
xfree86_project x11r6 4.2.0
xfree86_project x11r6 4.2.1
xfree86_project x11r6 4.0
xfree86_project x11r6 4.1.12
x.org x11r6 6.8
xfree86_project x11r6 4.0.3
xfree86_project x11r6 4.1.11
suse suse_linux 9.1
CVE-2004-0688 HIGH

Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
openbsd openbsd 3.5
xfree86_project x11r6 4.3.0
openbsd openbsd 3.4
xfree86_project x11r6 4.0.2.11
suse suse_linux 8.2
xfree86_project x11r6 4.0.1
suse suse_linux 9.0
xfree86_project x11r6 4.1.0
xfree86_project x11r6 3.3.6
x.org x11r6 6.7.0
suse suse_linux 8.1
suse suse_linux 8
xfree86_project x11r6 4.2.0
xfree86_project x11r6 4.2.1
xfree86_project x11r6 4.0
xfree86_project x11r6 4.1.12
x.org x11r6 6.8
xfree86_project x11r6 4.0.3
xfree86_project x11r6 4.1.11
suse suse_linux 9.1
CVE-2004-0746 HIGH

Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde konqueror 3.2.3
mandrakesoft mandrake_linux 9.2
kde konqueror 3.0
suse suse_linux 8.2
kde konqueror 3.0.2
suse suse_linux 9.0
kde konqueror 3.0.3
kde konqueror 3.1.1
kde konqueror 3.0.5b
kde konqueror 3.1
suse suse_linux 8.1
suse suse_linux 8
kde kde 3.2
kde konqueror 3.1.2
kde kde 3.1.3
mandrakesoft mandrake_linux 10.0
kde konqueror 3.1.3
kde konqueror 3.0.1
suse suse_linux 9.1
kde konqueror 3.1.5
kde konqueror 3.0.5
kde konqueror 3.2.1
gentoo linux 1.4
CVE-2004-0802 MEDIUM

Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 8.0
enlightenment imlib2 1.0
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
turbolinux turbolinux_desktop 10.0
redhat fedora_core core_2.0
imagemagick imagemagick 5.4.3
suse suse_linux 8.1
enlightenment imlib 1.9.9
redhat enterprise_linux 3.0
enlightenment imlib2 1.1.1
redhat fedora_core core_3.0
enlightenment imlib 1.9
enlightenment imlib 1.9.7
enlightenment imlib2 1.0.2
mandrakesoft mandrake_linux_corporate_server 2.1
ubuntu ubuntu_linux 4.1
imagemagick imagemagick 5.4.7
imagemagick imagemagick 5.5.6.0_2003-04-09
redhat fedora_core core_1.0
suse suse_linux 8.2
enlightenment imlib 1.9.5
enlightenment imlib 1.9.4
enlightenment imlib2 1.0.5
enlightenment imlib 1.9.14
conectiva linux 9.0
enlightenment imlib 1.9.12
imagemagick imagemagick 6.0.2
enlightenment imlib 1.9.8
enlightenment imlib2 1.1
turbolinux turbolinux_server 7.0
enlightenment imlib 1.9.13
enlightenment imlib2 1.0.1
conectiva linux 10.0
mandrakesoft mandrake_linux 9.2
redhat linux_advanced_workstation 2.1
imagemagick imagemagick 5.3.3
turbolinux turbolinux_server 8.0
mandrakesoft mandrake_linux 10.0
enlightenment imlib 1.9.1
enlightenment imlib 1.9.6
enlightenment imlib2 1.0.3
sun java_desktop_system 2.0
imagemagick imagemagick 5.5.7
imagemagick imagemagick 5.5.3.2.1.2.0
turbolinux turbolinux_workstation 7.0
enlightenment imlib 1.9.2
imagemagick imagemagick 5.4.8.2.1.1.0
suse suse_linux 9.2
enlightenment imlib 1.9.11
turbolinux turbolinux_workstation 8.0
sun java_desktop_system 2003
imagemagick imagemagick 5.4.4.5
imagemagick imagemagick 5.4.8
enlightenment imlib2 1.0.4
suse suse_linux 9.1
redhat enterprise_linux 2.1
enlightenment imlib 1.9.10
enlightenment imlib 1.9.3
CVE-2004-0803 HIGH

Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
libtiff libtiff 3.6.0
kde kde 3.2.3
libtiff libtiff 3.5.3
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
redhat fedora_core core_2.0
apple mac_os_x_server 10.2.5
suse suse_linux 8.1
kde kde 3.2
wxgtk2 wxgtk2 2.5_.0
trustix secure_linux 2.1
redhat enterprise_linux 3.0
apple mac_os_x 10.3
kde kde 3.3
pdflib pdf_library 5.0.2
apple mac_os_x 10.2.7
apple mac_os_x 10.2.2
libtiff libtiff 3.4
libtiff libtiff 3.5.5
apple mac_os_x_server 10.2.6
libtiff libtiff 3.5.7
suse suse_linux 8.2
apple mac_os_x_server 10.2.8
libtiff libtiff 3.5.4
libtiff libtiff 3.6.1
apple mac_os_x_server 10.2.1
apple mac_os_x 10.2.3
kde kde 3.2.2
kde kde 3.2.1
apple mac_os_x_server 10.3
apple mac_os_x_server 10.3.3
apple mac_os_x 10.2
apple mac_os_x_server 10.3.4
apple mac_os_x_server 10.3.1
apple mac_os_x 10.2.4
apple mac_os_x 10.3.6
libtiff libtiff 3.5.2
redhat linux_advanced_workstation 2.1
apple mac_os_x 10.2.6
trustix secure_linux 2.0
suse suse_linux 8
apple mac_os_x 10.3.1
apple mac_os_x_server 10.2.2
apple mac_os_x 10.2.5
mandrakesoft mandrake_linux 10.0
apple mac_os_x 10.3.5
apple mac_os_x 10.2.8
apple mac_os_x_server 10.3.2
apple mac_os_x 10.3.2
apple mac_os_x 10.3.3
apple mac_os_x 10.3.4
apple mac_os_x_server 10.2.3
apple mac_os_x_server 10.3.5
suse suse_linux 1.0
apple mac_os_x 10.2.1
apple mac_os_x_server 10.2.7
apple mac_os_x_server 10.3.6
kde kde 3.3.1
libtiff libtiff 3.5.1
apple mac_os_x_server 10.2
trustix secure_linux 1.5
suse suse_linux 9.1
apple mac_os_x_server 10.2.4
redhat enterprise_linux 2.1
CVE-2004-0807 MEDIUM

Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
samba samba 3.0.5
sgi samba 3.0.4
suse suse_linux 8.2
samba samba 3.0.4
sgi samba 3.0.1
suse suse_linux 9.0
samba samba 3.0.3
sgi samba 3.0.2
suse suse_linux 8.1
sgi samba 3.0.3
sgi samba 3.0.6
suse suse_linux 8
conectiva linux 9.0
samba samba 3.0.0
mandrakesoft mandrake_linux 10.0
samba samba 3.0.2
sgi samba 3.0.5
samba samba 3.0.1
sgi samba 3.0
suse suse_linux 9.1
samba samba 3.0.2a
samba samba 3.0.6
conectiva linux 10.0
CVE-2004-0817 HIGH

Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 8.0
enlightenment imlib2 1.0
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
turbolinux turbolinux_desktop 10.0
redhat fedora_core core_2.0
imagemagick imagemagick 5.4.3
suse suse_linux 8.1
enlightenment imlib 1.9.9
redhat enterprise_linux 3.0
enlightenment imlib2 1.1.1
redhat fedora_core core_3.0
enlightenment imlib 1.9
enlightenment imlib 1.9.7
enlightenment imlib2 1.0.2
mandrakesoft mandrake_linux_corporate_server 2.1
ubuntu ubuntu_linux 4.1
imagemagick imagemagick 5.4.7
imagemagick imagemagick 5.5.6.0_2003-04-09
redhat fedora_core core_1.0
suse suse_linux 8.2
enlightenment imlib 1.9.5
enlightenment imlib 1.9.4
enlightenment imlib2 1.0.5
enlightenment imlib 1.9.14
conectiva linux 9.0
enlightenment imlib 1.9.12
imagemagick imagemagick 6.0.2
enlightenment imlib 1.9.8
enlightenment imlib2 1.1
turbolinux turbolinux_server 7.0
enlightenment imlib 1.9.13
enlightenment imlib2 1.0.1
conectiva linux 10.0
mandrakesoft mandrake_linux 9.2
redhat linux_advanced_workstation 2.1
imagemagick imagemagick 5.3.3
turbolinux turbolinux_server 8.0
mandrakesoft mandrake_linux 10.0
enlightenment imlib 1.9.1
enlightenment imlib 1.9.6
enlightenment imlib2 1.0.3
sun java_desktop_system 2.0
imagemagick imagemagick 5.5.7
imagemagick imagemagick 5.5.3.2.1.2.0
turbolinux turbolinux_workstation 7.0
enlightenment imlib 1.9.2
imagemagick imagemagick 5.4.8.2.1.1.0
suse suse_linux 9.2
enlightenment imlib 1.9.11
turbolinux turbolinux_workstation 8.0
sun java_desktop_system 2003
imagemagick imagemagick 5.4.4.5
imagemagick imagemagick 5.4.8
enlightenment imlib2 1.0.4
suse suse_linux 9.1
redhat enterprise_linux 2.1
enlightenment imlib 1.9.10
enlightenment imlib 1.9.3
CVE-2004-0827 HIGH

Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
turbolinux turbolinux desktop_10.0
suse suse_linux 8.0
enlightenment imlib2 1.0
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
redhat fedora_core core_2.0
imagemagick imagemagick 5.4.3
suse suse_linux 8.1
enlightenment imlib 1.9.9
redhat enterprise_linux 3.0
enlightenment imlib2 1.1.1
redhat fedora_core core_3.0
enlightenment imlib 1.9
enlightenment imlib 1.9.7
enlightenment imlib2 1.0.2
mandrakesoft mandrake_linux_corporate_server 2.1
ubuntu ubuntu_linux 4.1
imagemagick imagemagick 5.4.7
imagemagick imagemagick 5.5.6.0_2003-04-09
redhat fedora_core core_1.0
turbolinux turbolinux workstation_8.0
suse suse_linux 8.2
enlightenment imlib 1.9.5
enlightenment imlib 1.9.4
enlightenment imlib2 1.0.5
enlightenment imlib 1.9.14
conectiva linux 9.0
turbolinux turbolinux server_8.0
enlightenment imlib 1.9.12
imagemagick imagemagick 6.0.2
enlightenment imlib 1.9.8
enlightenment imlib2 1.1
enlightenment imlib 1.9.13
enlightenment imlib2 1.0.1
conectiva linux 10.0
mandrakesoft mandrake_linux 9.2
redhat linux_advanced_workstation 2.1
imagemagick imagemagick 5.3.3
mandrakesoft mandrake_linux 10.0
enlightenment imlib 1.9.1
enlightenment imlib 1.9.6
enlightenment imlib2 1.0.3
sun java_desktop_system 2.0
imagemagick imagemagick 5.5.7
imagemagick imagemagick 5.5.3.2.1.2.0
turbolinux turbolinux server_7.0
enlightenment imlib 1.9.2
imagemagick imagemagick 5.4.8.2.1.1.0
suse suse_linux 9.2
enlightenment imlib 1.9.11
sun java_desktop_system 2003
imagemagick imagemagick 5.4.4.5
turbolinux turbolinux workstation_7.0
imagemagick imagemagick 5.4.8
enlightenment imlib2 1.0.4
suse suse_linux 9.1
redhat enterprise_linux 2.1
enlightenment imlib 1.9.10
enlightenment imlib 1.9.3
CVE-2004-0866 HIGH

Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
kde konqueror 3.2.3
kde konqueror 2.2.1
suse suse_linux 9.0
kde konqueror 3.0.3
kde konqueror 3.1
suse suse_linux 8.1
suse suse_linux 8
kde konqueror 2.2.2
mozilla firefox 0.9.2
kde konqueror 2.1.1
kde konqueror 3.0
suse suse_linux 8.2
kde konqueror 3.0.2
kde konqueror 3.1.1
kde konqueror 3.0.5b
kde konqueror 3.1.2
suse suse_linux 1.0
kde konqueror 3.1.3
kde konqueror 3.1.4
kde konqueror 3.0.1
kde konqueror 3.1.5
microsoft ie 6.0
kde konqueror 3.0.5
kde konqueror 3.2.1
kde konqueror 2.1.2
microsoft internet_explorer 6.0
CVE-2004-0867 HIGH

Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported that 2.x is also affected.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264

Products Affected

Vendor Product Version
kde konqueror 3.2.3
kde konqueror 2.2.1
suse suse_linux 9.0
kde konqueror 3.0.3
kde konqueror 3.1
suse suse_linux 8.1
suse suse_linux 8
kde konqueror 2.2.2
mozilla firefox 0.9.2
kde konqueror 2.1.1
kde konqueror 3.0
suse suse_linux 8.2
kde konqueror 3.0.2
kde konqueror 3.1.1
kde konqueror 3.0.5b
kde konqueror 3.1.2
suse suse_linux 1.0
kde konqueror 3.1.3
kde konqueror 3.1.4
kde konqueror 3.0.1
kde konqueror 3.1.5
microsoft ie 6.0
kde konqueror 3.0.5
kde konqueror 3.2.1
kde konqueror 2.1.2
microsoft internet_explorer 6.0
CVE-2004-0883 MEDIUM

Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
linux linux_kernel 2.4.6
linux linux_kernel 2.4.2
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
redhat fedora_core core_2.0
suse suse_linux 8.1
linux linux_kernel 2.4.12
trustix secure_linux 2.1
linux linux_kernel 2.4.0
linux linux_kernel 2.6.6
redhat enterprise_linux 3.0
linux linux_kernel 2.4.19
linux linux_kernel 2.6.3
redhat fedora_core core_3.0
linux linux_kernel 2.4.3
linux linux_kernel 2.4.7
linux linux_kernel 2.4.8
linux linux_kernel 2.6.4
linux linux_kernel 2.6.7
ubuntu ubuntu_linux 4.1
linux linux_kernel 2.4.21
linux linux_kernel 2.4.10
suse suse_linux 8.2
linux linux_kernel 2.4.25
linux linux_kernel 2.4.24_ow1
linux linux_kernel 2.6.9
linux linux_kernel 2.4.22
linux linux_kernel 2.4.23_ow2
linux linux_kernel 2.4.4
linux linux_kernel 2.6.5
linux linux_kernel 2.6.1
linux linux_kernel 2.4.26
linux linux_kernel 2.4.24
redhat linux_advanced_workstation 2.1
linux linux_kernel 2.4.16
trustix secure_linux 2.0
suse suse_linux 8
linux linux_kernel 2.4.11
linux linux_kernel 2.4.9
trustix secure_linux 2.2
linux linux_kernel 2.6.0
linux linux_kernel 2.6_test9_cvs
linux linux_kernel 2.4.15
suse suse_linux 9.2
linux linux_kernel 2.6.8
linux linux_kernel 2.4.23
suse suse_linux 1.0
linux linux_kernel 2.4.17
linux linux_kernel 2.4.18
linux linux_kernel 2.4.27
linux linux_kernel 2.4.14
linux linux_kernel 2.6.2
linux linux_kernel 2.4.20
trustix secure_linux 1.5
suse suse_linux 9.1
linux linux_kernel 2.4.5
linux linux_kernel 2.4.1
linux linux_kernel 2.4.13
redhat enterprise_linux 2.1
CVE-2004-0886 MEDIUM

Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
libtiff libtiff 3.6.0
kde kde 3.2.3
libtiff libtiff 3.5.3
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
redhat fedora_core core_2.0
apple mac_os_x_server 10.2.5
suse suse_linux 8.1
kde kde 3.2
wxgtk2 wxgtk2 2.5_.0
trustix secure_linux 2.1
redhat enterprise_linux 3.0
apple mac_os_x 10.3
kde kde 3.3
pdflib pdf_library 5.0.2
apple mac_os_x 10.2.7
apple mac_os_x 10.2.2
libtiff libtiff 3.4
libtiff libtiff 3.5.5
apple mac_os_x_server 10.2.6
libtiff libtiff 3.5.7
suse suse_linux 8.2
apple mac_os_x_server 10.2.8
libtiff libtiff 3.5.4
libtiff libtiff 3.6.1
apple mac_os_x_server 10.2.1
apple mac_os_x 10.2.3
kde kde 3.2.2
kde kde 3.2.1
apple mac_os_x_server 10.3
apple mac_os_x_server 10.3.3
wxgtk2 wxgtk2 *
apple mac_os_x 10.2
apple mac_os_x_server 10.3.4
apple mac_os_x_server 10.3.1
apple mac_os_x 10.2.4
apple mac_os_x 10.3.6
libtiff libtiff 3.5.2
redhat linux_advanced_workstation 2.1
apple mac_os_x 10.2.6
trustix secure_linux 2.0
suse suse_linux 8
apple mac_os_x 10.3.1
apple mac_os_x_server 10.2.2
apple mac_os_x 10.2.5
mandrakesoft mandrake_linux 10.0
apple mac_os_x 10.3.5
apple mac_os_x 10.2.8
apple mac_os_x_server 10.3.2
apple mac_os_x 10.3.2
apple mac_os_x 10.3.3
apple mac_os_x 10.3.4
apple mac_os_x_server 10.2.3
apple mac_os_x_server 10.3.5
suse suse_linux 1.0
apple mac_os_x 10.2.1
apple mac_os_x_server 10.2.7
apple mac_os_x_server 10.3.6
kde kde 3.3.1
libtiff libtiff 3.5.1
apple mac_os_x_server 10.2
trustix secure_linux 1.5
suse suse_linux 9.1
apple mac_os_x_server 10.2.4
redhat enterprise_linux 2.1
CVE-2004-0887 HIGH

SUSE Linux Enterprise Server 9 on the S/390 platform does not properly handle a certain privileged instruction, which allows local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
linux linux_kernel 2.6.10
suse suse_linux 9.0
linux linux_kernel 2.6.6
linux linux_kernel 2.6.8
linux linux_kernel 2.6.3
linux linux_kernel 2.6.9
linux linux_kernel 2.6.2
linux linux_kernel 2.6.4
linux linux_kernel 2.6.5
linux linux_kernel 2.6.7
linux linux_kernel 2.6.0
linux linux_kernel 2.6.1
CVE-2004-0888 HIGH

Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 8.0
easy_software_products cups 1.1.1
kde kde 3.2.3
kde koffice 1.3_beta3
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
redhat fedora_core core_2.0
suse suse_linux 8.1
gnome gpdf 0.131
kde kde 3.2
redhat enterprise_linux 3.0
kde kde 3.3
xpdf xpdf 0.93
easy_software_products cups 1.1.16
pdftohtml pdftohtml 0.36
kde kpdf 3.2
easy_software_products cups 1.1.13
ubuntu ubuntu_linux 4.1
xpdf xpdf 1.0a
gnome gpdf 0.112
pdftohtml pdftohtml 0.35
tetex tetex 1.0.7
suse suse_linux 8.2
xpdf xpdf 2.1
easy_software_products cups 1.1.4
easy_software_products cups 1.1.20
pdftohtml pdftohtml 0.33a
kde kde 3.2.2
kde kde 3.2.1
easy_software_products cups 1.1.15
kde koffice 1.3
xpdf xpdf 0.91
easy_software_products cups 1.0.4
easy_software_products cups 1.1.6
kde koffice 1.3.1
redhat linux_advanced_workstation 2.1
xpdf xpdf 2.0
pdftohtml pdftohtml 0.33
easy_software_products cups 1.1.14
easy_software_products cups 1.1.19_rc5
xpdf xpdf 1.0
easy_software_products cups 1.1.17
xpdf xpdf 1.1
easy_software_products cups 1.1.12
easy_software_products cups 1.1.18
tetex tetex 2.0.2
xpdf xpdf 2.3
easy_software_products cups 1.0.4_8
easy_software_products cups 1.1.19
easy_software_products cups 1.1.7
kde koffice 1.3_beta1
debian debian_linux 3.0
pdftohtml pdftohtml 0.32b
xpdf xpdf 0.92
pdftohtml pdftohtml 0.32a
easy_software_products cups 1.1.10
tetex tetex 2.0
kde koffice 1.3.3
kde koffice 1.3.2
suse suse_linux 9.2
tetex tetex 2.0.1
pdftohtml pdftohtml 0.34
easy_software_products cups 1.1.4_5
easy_software_products cups 1.1.4_3
xpdf xpdf 3.0
kde kde 3.3.1
kde koffice 1.3_beta2
gentoo linux *
xpdf xpdf 0.90
easy_software_products cups 1.1.4_2
suse suse_linux 9.1
redhat enterprise_linux 2.1
CVE-2004-0889 HIGH

Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 8.0
easy_software_products cups 1.1.1
kde kde 3.2.3
kde koffice 1.3_beta3
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
redhat fedora_core core_2.0
suse suse_linux 8.1
gnome gpdf 0.131
kde kde 3.2
redhat enterprise_linux 3.0
kde kde 3.3
xpdf xpdf 0.93
easy_software_products cups 1.1.16
pdftohtml pdftohtml 0.36
kde kpdf 3.2
easy_software_products cups 1.1.13
ubuntu ubuntu_linux 4.1
xpdf xpdf 1.0a
gnome gpdf 0.112
pdftohtml pdftohtml 0.35
tetex tetex 1.0.7
suse suse_linux 8.2
xpdf xpdf 2.1
easy_software_products cups 1.1.4
easy_software_products cups 1.1.20
pdftohtml pdftohtml 0.33a
kde kde 3.2.2
kde kde 3.2.1
easy_software_products cups 1.1.15
kde koffice 1.3
xpdf xpdf 0.91
easy_software_products cups 1.0.4
easy_software_products cups 1.1.6
kde koffice 1.3.1
redhat linux_advanced_workstation 2.1
xpdf xpdf 2.0
pdftohtml pdftohtml 0.33
easy_software_products cups 1.1.14
easy_software_products cups 1.1.19_rc5
xpdf xpdf 1.0
easy_software_products cups 1.1.17
xpdf xpdf 1.1
easy_software_products cups 1.1.12
easy_software_products cups 1.1.18
tetex tetex 2.0.2
xpdf xpdf 2.3
easy_software_products cups 1.0.4_8
easy_software_products cups 1.1.19
easy_software_products cups 1.1.7
kde koffice 1.3_beta1
debian debian_linux 3.0
pdftohtml pdftohtml 0.32b
xpdf xpdf 0.92
pdftohtml pdftohtml 0.32a
easy_software_products cups 1.1.10
tetex tetex 2.0
kde koffice 1.3.3
kde koffice 1.3.2
suse suse_linux 9.2
tetex tetex 2.0.1
pdftohtml pdftohtml 0.34
easy_software_products cups 1.1.4_5
easy_software_products cups 1.1.4_3
xpdf xpdf 3.0
kde kde 3.3.1
kde koffice 1.3_beta2
gentoo linux *
xpdf xpdf 0.90
easy_software_products cups 1.1.4_2
suse suse_linux 9.1
redhat enterprise_linux 2.1
CVE-2004-0902 HIGH

Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
mozilla mozilla 1.7
redhat fedora_core core_1.0
redhat linux_advanced_workstation 2.1
suse suse_linux 8.2
mozilla thunderbird 0.7.2
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
suse suse_linux 8.1
mozilla thunderbird 0.7.1
mozilla mozilla 1.7.1
suse suse_linux 8
conectiva linux 9.0
redhat linux 9.0
redhat enterprise_linux 3.0
suse suse_linux 1.0
mozilla thunderbird 0.7.3
mozilla thunderbird 0.7
redhat linux 7.3
mozilla mozilla 1.7.2
suse suse_linux 9.1
redhat enterprise_linux 2.1
conectiva linux 10.0
CVE-2004-0903 HIGH

Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
mozilla mozilla 1.7
redhat fedora_core core_1.0
redhat linux_advanced_workstation 2.1
suse suse_linux 8.2
mozilla thunderbird 0.7.2
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
suse suse_linux 8.1
mozilla thunderbird 0.7.1
mozilla mozilla 1.7.1
suse suse_linux 8
conectiva linux 9.0
redhat linux 9.0
redhat enterprise_linux 3.0
suse suse_linux 1.0
mozilla thunderbird 0.7.3
mozilla thunderbird 0.7
redhat linux 7.3
mozilla mozilla 1.7.2
suse suse_linux 9.1
redhat enterprise_linux 2.1
conectiva linux 10.0
CVE-2004-0905 MEDIUM

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
mozilla mozilla 1.7
redhat linux_advanced_workstation 2.1
mozilla mozilla 1.0.1
netscape navigator 7.0
mozilla mozilla 1.2
mozilla firefox 0.9
netscape navigator 7.0.2
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
mozilla mozilla 1.2.1
mozilla mozilla 1.3
mozilla mozilla 1.5
suse suse_linux 8.1
mozilla mozilla 1.7.1
suse suse_linux 8
redhat enterprise_linux 3.0
mozilla mozilla 1.6
mozilla firefox 0.8
redhat linux 7.3
netscape navigator 7.1
mozilla firefox 0.9.1
mozilla mozilla 1.7.2
mozilla mozilla 1.4.1
mozilla firefox 0.9.2
redhat fedora_core core_1.0
suse suse_linux 8.2
mozilla mozilla 1.4
mozilla mozilla 1.3.1
conectiva linux 9.0
redhat linux 9.0
suse suse_linux 1.0
mozilla firefox 0.9.3
netscape navigator 7.2
mozilla mozilla 1.1
mozilla mozilla 1.0
suse suse_linux 9.1
mozilla mozilla 1.4.2
mozilla mozilla 1.0.2
redhat enterprise_linux 2.1
conectiva linux 10.0
CVE-2004-0914 HIGH

Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
xfree86_project x11r6 4.3.0
lesstif lesstif 0.93
lesstif lesstif 0.93.40
lesstif lesstif 0.93.34
xfree86_project x11r6 4.0.1
suse suse_linux 9.0
redhat fedora_core core_2.0
xfree86_project x11r6 3.3.2
suse suse_linux 8.1
suse suse_linux 8
redhat fedora_core core_3.0
xfree86_project x11r6 3.3.3
xfree86_project x11r6 4.1.12
x.org x11r6 6.8
xfree86_project x11r6 4.1.11
x.org x11r6 6.8.1
xfree86_project x11r6 4.0.2.11
suse suse_linux 8.2
lesstif lesstif 0.93.12
xfree86_project x11r6 4.1.0
xfree86_project x11r6 3.3.6
lesstif lesstif 0.93.94
x.org x11r6 6.7.0
xfree86_project x11r6 3.3.5
suse suse_linux 9.2
xfree86_project x11r6 4.2.0
xfree86_project x11r6 3.3
xfree86_project x11r6 4.2.1
suse suse_linux 1.0
xfree86_project x11r6 4.0
xfree86_project x11r6 3.3.4
lesstif lesstif 0.93.91
lesstif lesstif 0.93.18
xfree86_project x11r6 4.0.3
lesstif lesstif 0.93.96
gentoo linux *
suse suse_linux 9.1
lesstif lesstif 0.93.36
CVE-2004-0929 HIGH

Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote attackers to execute arbitrary code via a malformed TIFF image.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 1.0
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 8.1
libtiff libtiff 3.6.1
suse suse_linux 8
suse suse_linux 9.1
CVE-2004-0932 HIGH

McAfee Anti-Virus Engine DATS drivers before 4398 (released on Oct 13th 2004) and DATS Driver before 4397 (October 6th 2004) allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
broadcom etrust_secure_content_manager 1.1
sophos sophos_anti-virus 3.78
mcafee antivirus_engine 4.3.20
sophos sophos_anti-virus 3.4.6
sophos sophos_anti-virus 3.79
kaspersky_lab kaspersky_anti-virus 5.0
broadcom etrust_antivirus_gateway 7.0
rav_antivirus rav_antivirus_for_file_servers 1.0
broadcom etrust_ez_antivirus 6.1
sophos sophos_anti-virus 3.80
broadcom etrust_antivirus 7.0
ca etrust_antivirus 7.0_sp2
sophos sophos_anti-virus 3.81
broadcom inoculateit 6.0
eset_software nod32_antivirus 1.0.11
broadcom etrust_ez_armor 2.3
sophos sophos_puremessage_anti-virus 4.6
sophos sophos_anti-virus 3.85
sophos sophos_anti-virus 3.86
sophos sophos_anti-virus 3.83
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
sophos sophos_anti-virus 3.82
broadcom brightstor_arcserve_backup 11.1
eset_software nod32_antivirus 1.0.13
broadcom etrust_intrusion_detection 1.5
broadcom etrust_secure_content_manager 1.0
broadcom etrust_intrusion_detection 1.4.1.13
sophos sophos_anti-virus 3.84
rav_antivirus rav_antivirus_desktop 8.6
sophos sophos_anti-virus 3.78d
kaspersky_lab kaspersky_anti-virus 3.0
broadcom etrust_ez_antivirus 6.2
broadcom etrust_ez_armor 2.4
mandrakesoft mandrake_linux 10.1
suse suse_linux 9.2
ca etrust_secure_content_manager 1.0
kaspersky_lab kaspersky_anti-virus 4.0
broadcom etrust_antivirus_gateway 7.1
broadcom etrust_ez_armor 2.0
broadcom etrust_antivirus 7.1
broadcom etrust_intrusion_detection 1.4.5
archive_zip archive_zip 1.13
sophos sophos_small_business_suite 1.0
gentoo linux *
gentoo linux 1.4
eset_software nod32_antivirus 1.0.12
broadcom etrust_ez_antivirus 6.3
CVE-2004-0933 HIGH

Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
broadcom etrust_secure_content_manager 1.1
sophos sophos_anti-virus 3.78
mcafee antivirus_engine 4.3.20
sophos sophos_anti-virus 3.4.6
sophos sophos_anti-virus 3.79
kaspersky_lab kaspersky_anti-virus 5.0
broadcom etrust_antivirus_gateway 7.0
rav_antivirus rav_antivirus_for_file_servers 1.0
broadcom etrust_ez_antivirus 6.1
sophos sophos_anti-virus 3.80
broadcom etrust_antivirus 7.0
ca etrust_antivirus 7.0_sp2
sophos sophos_anti-virus 3.81
broadcom inoculateit 6.0
eset_software nod32_antivirus 1.0.11
broadcom etrust_ez_armor 2.3
sophos sophos_puremessage_anti-virus 4.6
sophos sophos_anti-virus 3.85
sophos sophos_anti-virus 3.86
sophos sophos_anti-virus 3.83
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
sophos sophos_anti-virus 3.82
broadcom brightstor_arcserve_backup 11.1
eset_software nod32_antivirus 1.0.13
broadcom etrust_intrusion_detection 1.5
broadcom etrust_secure_content_manager 1.0
broadcom etrust_intrusion_detection 1.4.1.13
sophos sophos_anti-virus 3.84
rav_antivirus rav_antivirus_desktop 8.6
sophos sophos_anti-virus 3.78d
kaspersky_lab kaspersky_anti-virus 3.0
broadcom etrust_ez_antivirus 6.2
broadcom etrust_ez_armor 2.4
mandrakesoft mandrake_linux 10.1
suse suse_linux 9.2
ca etrust_secure_content_manager 1.0
kaspersky_lab kaspersky_anti-virus 4.0
broadcom etrust_antivirus_gateway 7.1
broadcom etrust_ez_armor 2.0
broadcom etrust_antivirus 7.1
broadcom etrust_intrusion_detection 1.4.5
archive_zip archive_zip 1.13
sophos sophos_small_business_suite 1.0
gentoo linux *
gentoo linux 1.4
eset_software nod32_antivirus 1.0.12
broadcom etrust_ez_antivirus 6.3
CVE-2004-0934 HIGH

Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
broadcom etrust_secure_content_manager 1.1
sophos sophos_anti-virus 3.78
mcafee antivirus_engine 4.3.20
sophos sophos_anti-virus 3.4.6
sophos sophos_anti-virus 3.79
kaspersky_lab kaspersky_anti-virus 5.0
broadcom etrust_antivirus_gateway 7.0
rav_antivirus rav_antivirus_for_file_servers 1.0
broadcom etrust_ez_antivirus 6.1
sophos sophos_anti-virus 3.80
broadcom etrust_antivirus 7.0
ca etrust_antivirus 7.0_sp2
sophos sophos_anti-virus 3.81
broadcom inoculateit 6.0
eset_software nod32_antivirus 1.0.11
broadcom etrust_ez_armor 2.3
sophos sophos_puremessage_anti-virus 4.6
sophos sophos_anti-virus 3.85
sophos sophos_anti-virus 3.86
sophos sophos_anti-virus 3.83
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
sophos sophos_anti-virus 3.82
broadcom brightstor_arcserve_backup 11.1
eset_software nod32_antivirus 1.0.13
broadcom etrust_intrusion_detection 1.5
broadcom etrust_secure_content_manager 1.0
broadcom etrust_intrusion_detection 1.4.1.13
sophos sophos_anti-virus 3.84
rav_antivirus rav_antivirus_desktop 8.6
sophos sophos_anti-virus 3.78d
kaspersky_lab kaspersky_anti-virus 3.0
broadcom etrust_ez_antivirus 6.2
broadcom etrust_ez_armor 2.4
mandrakesoft mandrake_linux 10.1
suse suse_linux 9.2
ca etrust_secure_content_manager 1.0
kaspersky_lab kaspersky_anti-virus 4.0
broadcom etrust_antivirus_gateway 7.1
broadcom etrust_ez_armor 2.0
broadcom etrust_antivirus 7.1
broadcom etrust_intrusion_detection 1.4.5
archive_zip archive_zip 1.13
sophos sophos_small_business_suite 1.0
gentoo linux *
gentoo linux 1.4
eset_software nod32_antivirus 1.0.12
broadcom etrust_ez_antivirus 6.3
CVE-2004-0935 HIGH

Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
broadcom etrust_secure_content_manager 1.1
sophos sophos_anti-virus 3.78
mcafee antivirus_engine 4.3.20
sophos sophos_anti-virus 3.4.6
sophos sophos_anti-virus 3.79
kaspersky_lab kaspersky_anti-virus 5.0
broadcom etrust_antivirus_gateway 7.0
rav_antivirus rav_antivirus_for_file_servers 1.0
broadcom etrust_ez_antivirus 6.1
sophos sophos_anti-virus 3.80
broadcom etrust_antivirus 7.0
ca etrust_antivirus 7.0_sp2
sophos sophos_anti-virus 3.81
broadcom inoculateit 6.0
eset_software nod32_antivirus 1.0.11
broadcom etrust_ez_armor 2.3
sophos sophos_puremessage_anti-virus 4.6
sophos sophos_anti-virus 3.85
sophos sophos_anti-virus 3.86
sophos sophos_anti-virus 3.83
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
sophos sophos_anti-virus 3.82
broadcom brightstor_arcserve_backup 11.1
eset_software nod32_antivirus 1.0.13
broadcom etrust_intrusion_detection 1.5
broadcom etrust_secure_content_manager 1.0
broadcom etrust_intrusion_detection 1.4.1.13
sophos sophos_anti-virus 3.84
rav_antivirus rav_antivirus_desktop 8.6
sophos sophos_anti-virus 3.78d
kaspersky_lab kaspersky_anti-virus 3.0
broadcom etrust_ez_antivirus 6.2
broadcom etrust_ez_armor 2.4
mandrakesoft mandrake_linux 10.1
suse suse_linux 9.2
ca etrust_secure_content_manager 1.0
kaspersky_lab kaspersky_anti-virus 4.0
broadcom etrust_antivirus_gateway 7.1
broadcom etrust_ez_armor 2.0
broadcom etrust_antivirus 7.1
broadcom etrust_intrusion_detection 1.4.5
archive_zip archive_zip 1.13
sophos sophos_small_business_suite 1.0
gentoo linux *
gentoo linux 1.4
eset_software nod32_antivirus 1.0.12
broadcom etrust_ez_antivirus 6.3
CVE-2004-0936 HIGH

RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
broadcom etrust_secure_content_manager 1.1
sophos sophos_anti-virus 3.78
mcafee antivirus_engine 4.3.20
sophos sophos_anti-virus 3.4.6
sophos sophos_anti-virus 3.79
kaspersky_lab kaspersky_anti-virus 5.0
broadcom etrust_antivirus_gateway 7.0
rav_antivirus rav_antivirus_for_file_servers 1.0
broadcom etrust_ez_antivirus 6.1
sophos sophos_anti-virus 3.80
broadcom etrust_antivirus 7.0
ca etrust_antivirus 7.0_sp2
sophos sophos_anti-virus 3.81
broadcom inoculateit 6.0
eset_software nod32_antivirus 1.0.11
broadcom etrust_ez_armor 2.3
sophos sophos_puremessage_anti-virus 4.6
sophos sophos_anti-virus 3.85
sophos sophos_anti-virus 3.86
sophos sophos_anti-virus 3.83
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
sophos sophos_anti-virus 3.82
broadcom brightstor_arcserve_backup 11.1
eset_software nod32_antivirus 1.0.13
broadcom etrust_intrusion_detection 1.5
broadcom etrust_secure_content_manager 1.0
broadcom etrust_intrusion_detection 1.4.1.13
sophos sophos_anti-virus 3.84
rav_antivirus rav_antivirus_desktop 8.6
sophos sophos_anti-virus 3.78d
kaspersky_lab kaspersky_anti-virus 3.0
broadcom etrust_ez_antivirus 6.2
broadcom etrust_ez_armor 2.4
mandrakesoft mandrake_linux 10.1
suse suse_linux 9.2
ca etrust_secure_content_manager 1.0
kaspersky_lab kaspersky_anti-virus 4.0
broadcom etrust_antivirus_gateway 7.1
broadcom etrust_ez_armor 2.0
broadcom etrust_antivirus 7.1
broadcom etrust_intrusion_detection 1.4.5
archive_zip archive_zip 1.13
sophos sophos_small_business_suite 1.0
gentoo linux *
gentoo linux 1.4
eset_software nod32_antivirus 1.0.12
broadcom etrust_ez_antivirus 6.3
CVE-2004-0937 HIGH

Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
broadcom etrust_secure_content_manager 1.1
sophos sophos_anti-virus 3.78
mcafee antivirus_engine 4.3.20
sophos sophos_anti-virus 3.4.6
sophos sophos_anti-virus 3.79
kaspersky_lab kaspersky_anti-virus 5.0
broadcom etrust_antivirus_gateway 7.0
rav_antivirus rav_antivirus_for_file_servers 1.0
broadcom etrust_ez_antivirus 6.1
sophos sophos_anti-virus 3.80
broadcom etrust_antivirus 7.0
ca etrust_antivirus 7.0_sp2
sophos sophos_anti-virus 3.81
broadcom inoculateit 6.0
eset_software nod32_antivirus 1.0.11
broadcom etrust_ez_armor 2.3
sophos sophos_puremessage_anti-virus 4.6
sophos sophos_anti-virus 3.85
sophos sophos_anti-virus 3.86
sophos sophos_anti-virus 3.83
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
sophos sophos_anti-virus 3.82
broadcom brightstor_arcserve_backup 11.1
eset_software nod32_antivirus 1.0.13
broadcom etrust_intrusion_detection 1.5
broadcom etrust_secure_content_manager 1.0
broadcom etrust_intrusion_detection 1.4.1.13
sophos sophos_anti-virus 3.84
rav_antivirus rav_antivirus_desktop 8.6
sophos sophos_anti-virus 3.78d
kaspersky_lab kaspersky_anti-virus 3.0
broadcom etrust_ez_antivirus 6.2
broadcom etrust_ez_armor 2.4
mandrakesoft mandrake_linux 10.1
suse suse_linux 9.2
ca etrust_secure_content_manager 1.0
kaspersky_lab kaspersky_anti-virus 4.0
broadcom etrust_antivirus_gateway 7.1
broadcom etrust_ez_armor 2.0
broadcom etrust_antivirus 7.1
broadcom etrust_intrusion_detection 1.4.5
archive_zip archive_zip 1.13
sophos sophos_small_business_suite 1.0
gentoo linux *
gentoo linux 1.4
eset_software nod32_antivirus 1.0.12
broadcom etrust_ez_antivirus 6.3
CVE-2004-0940 MEDIUM

Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-131

Products Affected

Vendor Product Version
openpkg openpkg 2.2
suse suse_linux 8.0
slackware slackware_linux current
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 8.1
suse suse_linux 9.2
openpkg openpkg 2.0
hp hp-ux 11.00
hp hp-ux 11.20
openpkg openpkg 2.1
slackware slackware_linux 8.0
apache http_server *
hp hp-ux 11.11
hp hp-ux 11.22
slackware slackware_linux 9.1
trustix secure_linux 1.5
slackware slackware_linux 9.0
suse suse_linux 9.1
slackware slackware_linux 8.1
slackware slackware_linux 10.0
CVE-2004-0947 HIGH

Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
arj_software_inc. unarj 2.63_a
arj_software_inc. unarj 2.65
arj_software_inc. unarj 2.62
suse suse_linux 9.0
gentoo linux *
suse suse_linux 9.1
suse suse_linux 9.2
arj_software_inc. unarj 2.64
CVE-2004-0949 MEDIUM

The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
linux linux_kernel 2.4.6
linux linux_kernel 2.4.2
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
redhat fedora_core core_2.0
suse suse_linux 8.1
linux linux_kernel 2.4.12
trustix secure_linux 2.1
linux linux_kernel 2.4.0
linux linux_kernel 2.6.6
redhat enterprise_linux 3.0
linux linux_kernel 2.4.19
linux linux_kernel 2.6.3
redhat fedora_core core_3.0
linux linux_kernel 2.4.3
linux linux_kernel 2.4.7
linux linux_kernel 2.4.8
linux linux_kernel 2.6.4
linux linux_kernel 2.6.7
ubuntu ubuntu_linux 4.1
linux linux_kernel 2.4.21
linux linux_kernel 2.4.10
suse suse_linux 8.2
linux linux_kernel 2.4.25
linux linux_kernel 2.4.24_ow1
linux linux_kernel 2.6.9
linux linux_kernel 2.4.22
linux linux_kernel 2.4.23_ow2
linux linux_kernel 2.4.4
linux linux_kernel 2.6.5
linux linux_kernel 2.6.1
linux linux_kernel 2.4.26
linux linux_kernel 2.4.24
redhat linux_advanced_workstation 2.1
linux linux_kernel 2.4.16
trustix secure_linux 2.0
suse suse_linux 8
linux linux_kernel 2.4.11
linux linux_kernel 2.4.9
trustix secure_linux 2.2
linux linux_kernel 2.6.0
linux linux_kernel 2.6_test9_cvs
linux linux_kernel 2.4.15
suse suse_linux 9.2
linux linux_kernel 2.6.8
linux linux_kernel 2.4.23
suse suse_linux 1.0
linux linux_kernel 2.4.17
linux linux_kernel 2.4.18
linux linux_kernel 2.4.27
linux linux_kernel 2.4.14
linux linux_kernel 2.6.2
linux linux_kernel 2.4.20
trustix secure_linux 1.5
suse suse_linux 9.1
linux linux_kernel 2.4.5
linux linux_kernel 2.4.1
linux linux_kernel 2.4.13
redhat enterprise_linux 2.1
CVE-2004-0956 MEDIUM

MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 8.0
suse suse_linux 9.0
suse suse_linux 8.1
oracle mysql 4.0.20
oracle mysql 4.0.18
oracle mysql 4.0.7
oracle mysql 4.0.8
oracle mysql 4.0.15
oracle mysql 4.0.13
oracle mysql 4.0.5
oracle mysql 4.0.5a
oracle mysql 4.0.3
oracle mysql 4.0.4
ubuntu ubuntu_linux 4.1
oracle mysql 4.0.6
oracle mysql 4.0.2
suse suse_linux 8.2
oracle mysql 4.0.11
oracle mysql 4.0.9
suse suse_linux 9.2
oracle mysql 4.0.1
oracle mysql 4.0.12
oracle mysql 4.0.0
suse suse_linux 9.1
oracle mysql 4.0.10
oracle mysql 4.0.14
CVE-2004-0957 MEDIUM

Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
suse suse_linux 8.0
oracle mysql 3.23.28
oracle mysql 3.23.54
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
oracle mysql 3.23.24
oracle mysql 3.23.32
oracle mysql 3.22.29
oracle mysql 3.23.44
suse suse_linux 8.1
oracle mysql 3.23.45
oracle mysql 4.0.18
trustix secure_linux 2.1
oracle mysql 4.0.7
redhat enterprise_linux 3.0
oracle mysql 4.0.15
oracle mysql 4.0.5
oracle mysql 4.0.5a
oracle mysql 4.0.3
oracle mysql 4.0.4
oracle mysql 3.23.54a
ubuntu ubuntu_linux 4.1
oracle mysql 3.23.25
oracle mysql 3.23.10
oracle mysql 3.23.31
oracle mysql 3.23.37
oracle mysql 4.0.6
oracle mysql 3.21
suse suse_linux 8.2
oracle mysql 3.23.50
oracle mysql 3.23.48
oracle mysql 3.23.49
oracle mysql 3.22.32
oracle mysql 3.23.43
oracle mysql 4.0.1
oracle mysql 3.23.4
oracle mysql 3.23.47
oracle mysql 3.23.29
oracle mysql 3.23.34
oracle mysql 4.0.12
oracle mysql 3.23.26
oracle mysql 3.23.33
oracle mysql 3.23.55
oracle mysql 3.23.59
oracle mysql 3.23.40
oracle mysql 4.0.0
oracle mysql 4.0.10
oracle mysql 4.0.14
oracle mysql 3.23.42
openpkg openpkg 2.2
oracle mysql 3.23.27
oracle mysql 3.23.46
oracle mysql 3.23.53
oracle mysql 3.23.53a
oracle mysql 3.23.8
oracle mysql 4.0.20
trustix secure_linux 2.0
oracle mysql 3.22.30
oracle mysql 3.23.23
oracle mysql 4.0.8
oracle mysql 3.23.9
oracle mysql 4.0.13
oracle mysql 3.20
oracle mysql 3.23
oracle mysql 3.23.58
oracle mysql 3.23.3
oracle mysql 3.23.51
openpkg openpkg 2.1
oracle mysql 3.23.41
oracle mysql 3.23.30
oracle mysql 3.23.5
oracle mysql 3.22.27
oracle mysql 3.23.56
oracle mysql 3.23.39
oracle mysql 3.22.28
oracle mysql 3.23.22
openpkg openpkg current
oracle mysql 3.22
oracle mysql 4.0.2
oracle mysql 4.0.11
oracle mysql 3.23.38
oracle mysql 4.0.9
oracle mysql 3.23.2
oracle mysql 3.23.52
suse suse_linux 9.2
oracle mysql 3.20.32a
oracle mysql 3.23.36
oracle mysql 3.22.26
trustix secure_linux 1.5
suse suse_linux 9.1
CVE-2004-0981 HIGH

Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 8.0
imagemagick imagemagick 6.0.5
imagemagick imagemagick 5.3.3
suse suse_linux 9.0
imagemagick imagemagick 5.4.3
suse suse_linux 8.1
debian debian_linux 3.0
imagemagick imagemagick 6.0.6
imagemagick imagemagick 5.4.7
imagemagick imagemagick 5.5.7
imagemagick imagemagick 5.5.6.0_2003-04-09
imagemagick imagemagick 5.5.3.2.1.2.0
imagemagick imagemagick 6.0.4
imagemagick imagemagick 6.0.7
suse suse_linux 8.2
imagemagick imagemagick 6.0.8
imagemagick imagemagick 6.0
imagemagick imagemagick 5.4.8.2.1.1.0
imagemagick imagemagick 6.0.3
suse suse_linux 9.2
imagemagick imagemagick 5.4.4.5
imagemagick imagemagick 5.4.8
gentoo linux *
suse suse_linux 9.1
imagemagick imagemagick 6.0.1
CVE-2004-0986 HIGH

Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
linux linux_kernel 2.4.6
linux linux_kernel 2.4.26
linux linux_kernel 2.4.24
linux linux_kernel 2.4.2
linux linux_kernel 2.4.16
linux linux_kernel 2.4.12
linux linux_kernel 2.4.0
linux linux_kernel 2.6.6
linux linux_kernel 2.4.19
linux linux_kernel 2.6.3
redhat fedora_core core_3.0
linux linux_kernel 2.0.2
linux linux_kernel 2.4.3
linux linux_kernel 2.4.7
linux linux_kernel 2.4.11
linux linux_kernel 2.4.8
debian debian_linux 3.0
linux linux_kernel 2.4.9
linux linux_kernel 2.6.4
suse suse_iptables 1.2.11
linux linux_kernel 2.6.7
linux linux_kernel 2.4.21
linux linux_kernel 2.6.0
linux linux_kernel 2.4.10
linux linux_kernel 2.4.25
linux linux_kernel 2.4.15
linux linux_kernel 2.6.8
linux linux_kernel 2.4.23
linux linux_kernel 2.6.9
linux linux_kernel 2.4.17
linux linux_kernel 2.4.18
linux linux_kernel 2.4.14
linux linux_kernel 2.6.2
linux linux_kernel 2.4.20
linux linux_kernel 2.4.22
linux linux_kernel 2.4.4
linux linux_kernel 2.4.5
linux linux_kernel 2.6.5
linux linux_kernel 2.4.1
linux linux_kernel 2.4.13
linux linux_kernel 2.6.1
CVE-2004-0990 HIGH

Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
openpkg openpkg 2.2
suse suse_linux 8.0
suse suse_linux 9.0
gd_graphics_library gdlib 2.0.1
suse suse_linux 8.1
trustix secure_linux 2.0
trustix secure_linux 2.1
gd_graphics_library gdlib 2.0.15
gd_graphics_library gdlib 2.0.22
openpkg openpkg 2.1
gd_graphics_library gdlib 1.8.4
trustix secure_linux 2.2
gd_graphics_library gdlib 2.0.21
openpkg openpkg current
gd_graphics_library gdlib 2.0.23
suse suse_linux 8.2
gd_graphics_library gdlib 2.0.28
gd_graphics_library gdlib 2.0.27
suse suse_linux 9.2
gd_graphics_library gdlib 2.0.26
gentoo linux *
trustix secure_linux 1.5
suse suse_linux 9.1
gd_graphics_library gdlib 2.0.20
CVE-2004-0991 HIGH

Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to execute arbitrary code via frame headers in MP2 or MP3 files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 8.0
mpg123 mpg123 0.59r
suse suse_linux 8.2
suse suse_linux 9.0
mpg123 mpg123 0.59n
suse suse_linux 8.1
suse suse_linux 9.2
mpg123 mpg123 0.59o
mpg123 mpg123 0.59p
mpg123 mpg123 0.59s
mpg123 mpg123 0.59m
suse suse_linux 9.1
mpg123 mpg123 0.59q
CVE-2004-1004 HIGH

Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
midnight_commander midnight_commander 4.5.46
redhat linux_advanced_workstation 2.1
midnight_commander midnight_commander 4.5.40
suse suse_linux 9.0
suse suse_linux 8.1
turbolinux turbolinux_server 8.0
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.54
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.48
debian debian_linux 3.0
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.6
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
turbolinux turbolinux_workstation 7.0
suse suse_linux 8.2
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.51
suse suse_linux 9.2
midnight_commander midnight_commander 4.5.41
turbolinux turbolinux_workstation 8.0
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.42
gentoo linux *
suse suse_linux 9.1
turbolinux turbolinux_server 7.0
redhat enterprise_linux 2.1
CVE-2004-1005 HIGH

Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
midnight_commander midnight_commander 4.5.46
redhat linux_advanced_workstation 2.1
midnight_commander midnight_commander 4.5.40
suse suse_linux 9.0
suse suse_linux 8.1
turbolinux turbolinux_server 8.0
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.54
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.48
debian debian_linux 3.0
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.6
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
turbolinux turbolinux_workstation 7.0
suse suse_linux 8.2
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.51
suse suse_linux 9.2
midnight_commander midnight_commander 4.5.41
turbolinux turbolinux_workstation 8.0
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.42
gentoo linux *
suse suse_linux 9.1
turbolinux turbolinux_server 7.0
redhat enterprise_linux 2.1
CVE-2004-1009 MEDIUM

Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
midnight_commander midnight_commander 4.5.46
redhat linux_advanced_workstation 2.1
midnight_commander midnight_commander 4.5.40
suse suse_linux 9.0
suse suse_linux 8.1
turbolinux turbolinux_server 8.0
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.54
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.48
debian debian_linux 3.0
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.6
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
turbolinux turbolinux_workstation 7.0
suse suse_linux 8.2
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.51
suse suse_linux 9.2
midnight_commander midnight_commander 4.5.41
turbolinux turbolinux_workstation 8.0
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.42
gentoo linux *
suse suse_linux 9.1
turbolinux turbolinux_server 7.0
redhat enterprise_linux 2.1
CVE-2004-1070 HIGH

The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.4.6
linux linux_kernel 2.4.2
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
redhat fedora_core core_2.0
suse suse_linux 8.1
linux linux_kernel 2.4.12
trustix secure_linux 2.1
linux linux_kernel 2.4.0
linux linux_kernel 2.6.6
redhat enterprise_linux 3.0
linux linux_kernel 2.4.19
linux linux_kernel 2.6.3
redhat fedora_core core_3.0
linux linux_kernel 2.4.3
linux linux_kernel 2.4.7
linux linux_kernel 2.4.8
linux linux_kernel 2.6.4
linux linux_kernel 2.6.7
linux linux_kernel 2.4.21
linux linux_kernel 2.4.10
suse suse_linux 8.2
linux linux_kernel 2.4.25
linux linux_kernel 2.4.24_ow1
linux linux_kernel 2.6.9
linux linux_kernel 2.4.22
linux linux_kernel 2.4.23_ow2
linux linux_kernel 2.4.4
linux linux_kernel 2.6.5
linux linux_kernel 2.6.1
linux linux_kernel 2.4.26
linux linux_kernel 2.4.24
redhat linux_advanced_workstation 2.1
linux linux_kernel 2.4.16
trustix secure_linux 2.0
suse suse_linux 8
turbolinux turbolinux_server 10.0
linux linux_kernel 2.4.11
linux linux_kernel 2.4.9
trustix secure_linux 2.2
linux linux_kernel 2.6.0
linux linux_kernel 2.6_test9_cvs
linux linux_kernel 2.4.15
suse suse_linux 9.2
linux linux_kernel 2.6.8
linux linux_kernel 2.4.23
suse suse_linux 1.0
linux linux_kernel 2.4.17
linux linux_kernel 2.4.18
linux linux_kernel 2.4.27
linux linux_kernel 2.4.14
linux linux_kernel 2.6.2
linux linux_kernel 2.4.20
trustix secure_linux 1.5
suse suse_linux 9.1
linux linux_kernel 2.4.5
linux linux_kernel 2.4.1
linux linux_kernel 2.4.13
redhat enterprise_linux 2.1
CVE-2004-1071 HIGH

The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.4.6
linux linux_kernel 2.4.2
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
redhat fedora_core core_2.0
suse suse_linux 8.1
linux linux_kernel 2.4.12
trustix secure_linux 2.1
linux linux_kernel 2.4.0
linux linux_kernel 2.6.6
redhat enterprise_linux 3.0
linux linux_kernel 2.4.19
linux linux_kernel 2.6.3
redhat fedora_core core_3.0
linux linux_kernel 2.4.3
linux linux_kernel 2.4.7
linux linux_kernel 2.4.8
linux linux_kernel 2.6.4
linux linux_kernel 2.6.7
linux linux_kernel 2.4.21
linux linux_kernel 2.4.10
suse suse_linux 8.2
linux linux_kernel 2.4.25
linux linux_kernel 2.4.24_ow1
linux linux_kernel 2.6.9
linux linux_kernel 2.4.22
linux linux_kernel 2.4.23_ow2
linux linux_kernel 2.4.4
linux linux_kernel 2.6.5
linux linux_kernel 2.6.1
linux linux_kernel 2.4.26
linux linux_kernel 2.4.24
redhat linux_advanced_workstation 2.1
linux linux_kernel 2.4.16
trustix secure_linux 2.0
suse suse_linux 8
turbolinux turbolinux_server 10.0
linux linux_kernel 2.4.11
linux linux_kernel 2.4.9
trustix secure_linux 2.2
linux linux_kernel 2.6.0
linux linux_kernel 2.6_test9_cvs
linux linux_kernel 2.4.15
suse suse_linux 9.2
linux linux_kernel 2.6.8
linux linux_kernel 2.4.23
suse suse_linux 1.0
linux linux_kernel 2.4.17
linux linux_kernel 2.4.18
linux linux_kernel 2.4.27
linux linux_kernel 2.4.14
linux linux_kernel 2.6.2
linux linux_kernel 2.4.20
trustix secure_linux 1.5
suse suse_linux 9.1
linux linux_kernel 2.4.5
linux linux_kernel 2.4.1
linux linux_kernel 2.4.13
redhat enterprise_linux 2.1
CVE-2004-1072 HIGH

The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.4.6
linux linux_kernel 2.4.2
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
redhat fedora_core core_2.0
suse suse_linux 8.1
linux linux_kernel 2.4.12
trustix secure_linux 2.1
linux linux_kernel 2.4.0
linux linux_kernel 2.6.6
redhat enterprise_linux 3.0
linux linux_kernel 2.4.19
linux linux_kernel 2.6.3
redhat fedora_core core_3.0
linux linux_kernel 2.4.3
linux linux_kernel 2.4.7
linux linux_kernel 2.4.8
linux linux_kernel 2.6.4
linux linux_kernel 2.6.7
linux linux_kernel 2.4.21
linux linux_kernel 2.4.10
suse suse_linux 8.2
linux linux_kernel 2.4.25
linux linux_kernel 2.4.24_ow1
linux linux_kernel 2.6.9
linux linux_kernel 2.4.22
linux linux_kernel 2.4.23_ow2
linux linux_kernel 2.4.4
linux linux_kernel 2.6.5
linux linux_kernel 2.6.1
linux linux_kernel 2.4.26
linux linux_kernel 2.4.24
redhat linux_advanced_workstation 2.1
linux linux_kernel 2.4.16
trustix secure_linux 2.0
suse suse_linux 8
turbolinux turbolinux_server 10.0
linux linux_kernel 2.4.11
linux linux_kernel 2.4.9
trustix secure_linux 2.2
linux linux_kernel 2.6.0
linux linux_kernel 2.6_test9_cvs
linux linux_kernel 2.4.15
suse suse_linux 9.2
linux linux_kernel 2.6.8
linux linux_kernel 2.4.23
suse suse_linux 1.0
linux linux_kernel 2.4.17
linux linux_kernel 2.4.18
linux linux_kernel 2.4.27
linux linux_kernel 2.4.14
linux linux_kernel 2.6.2
linux linux_kernel 2.4.20
trustix secure_linux 1.5
suse suse_linux 9.1
linux linux_kernel 2.4.5
linux linux_kernel 2.4.1
linux linux_kernel 2.4.13
redhat enterprise_linux 2.1
CVE-2004-1073 LOW

The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.4.6
linux linux_kernel 2.4.2
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
redhat fedora_core core_2.0
suse suse_linux 8.1
linux linux_kernel 2.4.12
trustix secure_linux 2.1
linux linux_kernel 2.4.0
linux linux_kernel 2.6.6
redhat enterprise_linux 3.0
linux linux_kernel 2.4.19
linux linux_kernel 2.6.3
redhat fedora_core core_3.0
linux linux_kernel 2.4.3
linux linux_kernel 2.4.7
linux linux_kernel 2.4.8
linux linux_kernel 2.6.4
linux linux_kernel 2.6.7
linux linux_kernel 2.4.21
linux linux_kernel 2.4.10
suse suse_linux 8.2
linux linux_kernel 2.4.25
linux linux_kernel 2.4.24_ow1
linux linux_kernel 2.6.9
linux linux_kernel 2.4.22
linux linux_kernel 2.4.23_ow2
linux linux_kernel 2.4.4
linux linux_kernel 2.6.5
linux linux_kernel 2.6.1
linux linux_kernel 2.4.26
linux linux_kernel 2.4.24
redhat linux_advanced_workstation 2.1
linux linux_kernel 2.4.16
trustix secure_linux 2.0
suse suse_linux 8
turbolinux turbolinux_server 10.0
linux linux_kernel 2.4.11
linux linux_kernel 2.4.9
trustix secure_linux 2.2
linux linux_kernel 2.6.0
linux linux_kernel 2.6_test9_cvs
linux linux_kernel 2.4.15
suse suse_linux 9.2
linux linux_kernel 2.6.8
linux linux_kernel 2.4.23
suse suse_linux 1.0
linux linux_kernel 2.4.17
linux linux_kernel 2.4.18
linux linux_kernel 2.4.27
linux linux_kernel 2.4.14
linux linux_kernel 2.6.2
linux linux_kernel 2.4.20
trustix secure_linux 1.5
suse suse_linux 9.1
linux linux_kernel 2.4.5
linux linux_kernel 2.4.1
linux linux_kernel 2.4.13
redhat enterprise_linux 2.1
CVE-2004-1090 MEDIUM

Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
midnight_commander midnight_commander 4.5.46
redhat linux_advanced_workstation 2.1
midnight_commander midnight_commander 4.5.40
suse suse_linux 9.0
suse suse_linux 8.1
turbolinux turbolinux_server 8.0
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.54
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.48
debian debian_linux 3.0
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.6
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
turbolinux turbolinux_workstation 7.0
suse suse_linux 8.2
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.51
suse suse_linux 9.2
midnight_commander midnight_commander 4.5.41
turbolinux turbolinux_workstation 8.0
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.42
gentoo linux *
suse suse_linux 9.1
turbolinux turbolinux_server 7.0
redhat enterprise_linux 2.1
CVE-2004-1091 MEDIUM

Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
midnight_commander midnight_commander 4.5.46
redhat linux_advanced_workstation 2.1
midnight_commander midnight_commander 4.5.40
suse suse_linux 9.0
suse suse_linux 8.1
turbolinux turbolinux_server 8.0
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.54
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.48
debian debian_linux 3.0
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.6
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
turbolinux turbolinux_workstation 7.0
suse suse_linux 8.2
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.51
suse suse_linux 9.2
midnight_commander midnight_commander 4.5.41
turbolinux turbolinux_workstation 8.0
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.42
gentoo linux *
suse suse_linux 9.1
turbolinux turbolinux_server 7.0
redhat enterprise_linux 2.1
CVE-2004-1092 MEDIUM

Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
midnight_commander midnight_commander 4.5.46
redhat linux_advanced_workstation 2.1
midnight_commander midnight_commander 4.5.40
suse suse_linux 9.0
suse suse_linux 8.1
turbolinux turbolinux_server 8.0
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.54
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.48
debian debian_linux 3.0
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.6
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
turbolinux turbolinux_workstation 7.0
suse suse_linux 8.2
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.51
suse suse_linux 9.2
midnight_commander midnight_commander 4.5.41
turbolinux turbolinux_workstation 8.0
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.42
gentoo linux *
suse suse_linux 9.1
turbolinux turbolinux_server 7.0
redhat enterprise_linux 2.1
CVE-2004-1093 MEDIUM

Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
midnight_commander midnight_commander 4.5.46
redhat linux_advanced_workstation 2.1
midnight_commander midnight_commander 4.5.40
suse suse_linux 9.0
suse suse_linux 8.1
turbolinux turbolinux_server 8.0
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.54
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.48
debian debian_linux 3.0
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.6
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
turbolinux turbolinux_workstation 7.0
suse suse_linux 8.2
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.51
suse suse_linux 9.2
midnight_commander midnight_commander 4.5.41
turbolinux turbolinux_workstation 8.0
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.42
gentoo linux *
suse suse_linux 9.1
turbolinux turbolinux_server 7.0
redhat enterprise_linux 2.1
CVE-2004-1096 HIGH

Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
broadcom etrust_secure_content_manager 1.1
sophos sophos_anti-virus 3.78
mcafee antivirus_engine 4.3.20
sophos sophos_anti-virus 3.4.6
sophos sophos_anti-virus 3.79
kaspersky_lab kaspersky_anti-virus 5.0
broadcom etrust_antivirus_gateway 7.0
rav_antivirus rav_antivirus_for_file_servers 1.0
broadcom etrust_ez_antivirus 6.1
sophos sophos_anti-virus 3.80
broadcom etrust_antivirus 7.0
ca etrust_antivirus 7.0_sp2
sophos sophos_anti-virus 3.81
broadcom inoculateit 6.0
eset_software nod32_antivirus 1.0.11
broadcom etrust_ez_armor 2.3
sophos sophos_puremessage_anti-virus 4.6
sophos sophos_anti-virus 3.85
sophos sophos_anti-virus 3.86
sophos sophos_anti-virus 3.83
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
sophos sophos_anti-virus 3.82
broadcom brightstor_arcserve_backup 11.1
eset_software nod32_antivirus 1.0.13
broadcom etrust_intrusion_detection 1.5
broadcom etrust_secure_content_manager 1.0
broadcom etrust_intrusion_detection 1.4.1.13
sophos sophos_anti-virus 3.84
rav_antivirus rav_antivirus_desktop 8.6
sophos sophos_anti-virus 3.78d
kaspersky_lab kaspersky_anti-virus 3.0
broadcom etrust_ez_antivirus 6.2
broadcom etrust_ez_armor 2.4
mandrakesoft mandrake_linux 10.1
suse suse_linux 9.2
ca etrust_secure_content_manager 1.0
kaspersky_lab kaspersky_anti-virus 4.0
broadcom etrust_antivirus_gateway 7.1
broadcom etrust_ez_armor 2.0
broadcom etrust_antivirus 7.1
broadcom etrust_intrusion_detection 1.4.5
sophos sophos_small_business_suite 1.0
gentoo linux *
gentoo linux 1.4
eset_software nod32_antivirus 1.0.12
broadcom etrust_ez_antivirus 6.3
CVE-2004-1098 HIGH

MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
roaring_penguin mimedefang 2.4
suse suse_linux 8.0
mandrakesoft mandrake_linux 9.2
roaring_penguin mimedefang 2.45
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 8.1
mandrakesoft mandrake_linux 10.1
suse suse_linux 9.2
mandrakesoft mandrake_linux 10.0
roaring_penguin mimedefang 4.47
roaring_penguin mimedefang 2.41
roaring_penguin mimedefang 2.14
roaring_penguin mimedefang 2.20
roaring_penguin mimedefang 2.42
roaring_penguin mimedefang 4.46
roaring_penguin mimedefang 2.38
roaring_penguin mimedefang 2.39
roaring_penguin mimedefang 2.43
suse suse_linux 9.1
roaring_penguin mimedefang 2.44
mandrakesoft mandrake_linux_corporate_server 2.1
roaring_penguin mimedefang 2.21
CVE-2004-1139 MEDIUM

Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.4
suse suse_linux 8.0
ethereal_group ethereal 0.9.8
ethereal_group ethereal 0.9.13
redhat linux_advanced_workstation 2.1
ethereal_group ethereal 0.10.2
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
ethereal_group ethereal 0.10
suse suse_linux 8.1
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.5
redhat enterprise_linux 3.0
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.9.12
debian debian_linux 3.0
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.9.11
sgi propack 3.0
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.1
suse suse_linux 8.2
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.15
suse suse_linux 9.2
conectiva linux 9.0
altlinux alt_linux 2.3
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.2
suse suse_linux 9.1
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.16
redhat enterprise_linux 2.1
conectiva linux 10.0
CVE-2004-1142 MEDIUM

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.4
suse suse_linux 8.0
ethereal_group ethereal 0.9.8
ethereal_group ethereal 0.9.13
redhat linux_advanced_workstation 2.1
ethereal_group ethereal 0.10.2
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
ethereal_group ethereal 0.10
suse suse_linux 8.1
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.5
redhat enterprise_linux 3.0
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.9.12
debian debian_linux 3.0
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.9.11
sgi propack 3.0
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.1
suse suse_linux 8.2
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.15
suse suse_linux 9.2
conectiva linux 9.0
altlinux alt_linux 2.3
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.2
suse suse_linux 9.1
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.16
redhat enterprise_linux 2.1
conectiva linux 10.0
CVE-2004-1145 MEDIUM

Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.4
suse suse_linux 8.0
ethereal_group ethereal 0.9.8
ethereal_group ethereal 0.9.13
redhat linux_advanced_workstation 2.1
ethereal_group ethereal 0.10.2
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
ethereal_group ethereal 0.10
suse suse_linux 8.1
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.5
redhat enterprise_linux 3.0
ethereal_group ethereal 0.9
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.9.12
debian debian_linux 3.0
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.9.11
sgi propack 3.0
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.9.1
suse suse_linux 8.2
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.15
suse suse_linux 9.2
conectiva linux 9.0
altlinux alt_linux 2.3
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.2
suse suse_linux 9.1
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.16
redhat enterprise_linux 2.1
conectiva linux 10.0
CVE-2004-1154 HIGH

Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
samba samba 3.0.5
suse suse_linux 9.0
redhat fedora_core core_2.0
samba samba 2.2.0
suse suse_linux 8.1
samba samba 2.2.12
samba samba 2.2.1a
trustix secure_linux 2.1
samba samba 2.0.9
redhat fedora_core core_3.0
samba samba 2.2.7
samba samba 3.0.1
samba samba 2.2.3
samba samba 3.0.2a
samba samba 2.0.3
samba samba 2.0.0
samba samba 2.0.7
suse suse_linux 8.2
samba samba 2.2.5
samba samba 2.0.10
samba samba 2.2.4
samba samba 3.0.2
samba samba 2.2.3a
samba samba 2.2.2
samba samba 3.0.7
samba samba 2.2.8
samba samba 3.0.6
samba samba 2.2.0a
samba samba 3.0.4
samba samba 2.2.7a
trustix secure_linux 2.0
samba samba 2.0.5
samba samba 2.2.11
samba samba 3.0.9
samba samba 2.0.1
trustix secure_linux 2.2
samba samba 2.0.8
samba samba 2.2.9
samba samba 3.0.3
samba samba 2.0.6
samba samba 2.2.6
samba samba 3.0.8
samba samba 2.0.2
suse suse_linux 9.2
samba samba 2.2a
samba samba 2.0.4
samba samba 3.0.0
suse suse_linux 1.0
suse suse_linux 9.1
samba samba 2.2.8a
CVE-2004-1170 HIGH

a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.2
suse suse_linux 9.0
gnu a2ps 4.13
suse suse_linux 8.1
gnu a2ps 4.13b
suse suse_linux 8
suse suse_linux 9.1
sun java_desktop_system 2.0
sun java_desktop_system 2003
CVE-2004-1174 MEDIUM

direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
midnight_commander midnight_commander 4.5.46
redhat linux_advanced_workstation 2.1
midnight_commander midnight_commander 4.5.40
suse suse_linux 9.0
suse suse_linux 8.1
turbolinux turbolinux_server 8.0
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.54
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.48
debian debian_linux 3.0
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.6
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
turbolinux turbolinux_workstation 7.0
suse suse_linux 8.2
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.51
suse suse_linux 9.2
midnight_commander midnight_commander 4.5.41
turbolinux turbolinux_workstation 8.0
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.42
gentoo linux *
suse suse_linux 9.1
turbolinux turbolinux_server 7.0
redhat enterprise_linux 2.1
CVE-2004-1175 HIGH

fish.c in Midnight Commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
midnight_commander midnight_commander 4.5.46
redhat linux_advanced_workstation 2.1
midnight_commander midnight_commander 4.5.40
suse suse_linux 9.0
suse suse_linux 8.1
turbolinux turbolinux_server 8.0
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.54
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.48
debian debian_linux 3.0
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.6
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
turbolinux turbolinux_workstation 7.0
suse suse_linux 8.2
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.51
suse suse_linux 9.2
midnight_commander midnight_commander 4.5.41
turbolinux turbolinux_workstation 8.0
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.42
gentoo linux *
suse suse_linux 9.1
turbolinux turbolinux_server 7.0
redhat enterprise_linux 2.1
CVE-2004-1176 HIGH

Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
midnight_commander midnight_commander 4.5.46
redhat linux_advanced_workstation 2.1
midnight_commander midnight_commander 4.5.40
suse suse_linux 9.0
suse suse_linux 8.1
turbolinux turbolinux_server 8.0
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.54
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.48
debian debian_linux 3.0
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.6
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
turbolinux turbolinux_workstation 7.0
suse suse_linux 8.2
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.51
suse suse_linux 9.2
midnight_commander midnight_commander 4.5.41
turbolinux turbolinux_workstation 8.0
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.42
gentoo linux *
suse suse_linux 9.1
turbolinux turbolinux_server 7.0
redhat enterprise_linux 2.1
CVE-2004-1184 MEDIUM

The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 4.4.1
suse suse_linux 7.2
suse suse_linux 8.0
suse suse_linux 4.3
suse suse_linux 9.0
redhat fedora_core core_2.0
suse suse_linux 8.1
suse suse_linux 6.0
suse suse_linux 7.1
suse suse_linux 6.2
redhat fedora_core core_3.0
suse suse_linux 4.0
suse suse_linux 2.0
suse suse_linux 6.1
suse suse_linux 3.0
gnu enscript 1.6.3
sgi propack 3.0
suse suse_linux 4.4
gnu enscript 1.6
suse suse_linux 6.4
suse suse_linux 7.3
suse suse_linux 8.2
suse suse_linux 4.2
gnu enscript 1.5
suse suse_linux 6.3
suse suse_linux 5.3
suse suse_linux 9.2
suse suse_linux 5.0
suse suse_linux 1.0
gnu enscript 1.4
gnu enscript 1.6.1
gnu enscript 1.6.2
gnu enscript 1.6.4
suse suse_linux 5.2
suse suse_linux 5.1
suse suse_linux 9.1
suse suse_linux 7.0
CVE-2004-1190 LOW

SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized write activities to modify the firmware of associated SCSI devices.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 8.1
CVE-2004-1191 LOW

Race condition in SuSE Linux 8.1 through 9.2, when run on SMP systems that have more than 4GB of memory, could allow local users to read unauthorized memory from "foreign memory pages."

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.1
suse suse_linux *
suse suse_linux 9.2
CVE-2004-1235 MEDIUM

Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.4.29-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.4.6
linux linux_kernel 2.6.10
linux linux_kernel 2.4.2
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
redhat fedora_core core_2.0
suse suse_linux 8.1
linux linux_kernel 2.4.12
avaya s8710 r2.0.1
linux linux_kernel 2.4.0
linux linux_kernel 2.6.6
redhat enterprise_linux 3.0
linux linux_kernel 2.4.19
linux linux_kernel 2.6.3
redhat fedora_core core_3.0
linux linux_kernel 2.4.3
linux linux_kernel 2.4.7
avaya s8700 r2.0.0
redhat linux 7.3
mandrakesoft mandrake_multi_network_firewall 8.2
linux linux_kernel 2.4.8
linux linux_kernel 2.4.29
linux linux_kernel 2.6.4
linux linux_kernel 2.6.7
mandrakesoft mandrake_linux_corporate_server 2.1
ubuntu ubuntu_linux 4.1
avaya s8300 r2.0.1
linux linux_kernel 2.4.21
linux linux_kernel 2.4.10
redhat fedora_core core_1.0
suse suse_linux 8.2
avaya s8300 r2.0.0
linux linux_kernel 2.4.25
avaya s8710 r2.0.0
linux linux_kernel 2.4.24_ow1
linux linux_kernel 2.6.9
linux linux_kernel 2.4.22
linux linux_kernel 2.4.23_ow2
linux linux_kernel 2.4.4
linux linux_kernel 2.6.5
linux linux_kernel 2.6.1
conectiva linux 10.0
linux linux_kernel 2.4.26
linux linux_kernel 2.4.24
mandrakesoft mandrake_linux 9.2
avaya s8500 r2.0.1
redhat enterprise_linux_desktop 4.0
linux linux_kernel 2.4.16
suse suse_linux 8
avaya converged_communications_server 2.0
avaya s8500 r2.0.0
avaya modular_messaging_message_storage_server 1.1
mandrakesoft mandrake_linux 10.0
avaya s8700 r2.0.1
linux linux_kernel 2.4.11
avaya intuity_audix *
linux linux_kernel 2.4.9
linux linux_kernel 2.6.0
avaya mn100 *
linux linux_kernel 2.4.28
linux linux_kernel 2.6_test9_cvs
linux linux_kernel 2.4.15
mandrakesoft mandrake_linux 10.1
suse suse_linux 9.2
redhat linux 9.0
linux linux_kernel 2.6.8
linux linux_kernel 2.4.23
mandrakesoft mandrake_linux_corporate_server 3.0
suse suse_linux 1.0
avaya network_routing *
redhat enterprise_linux 4.0
linux linux_kernel 2.4.17
linux linux_kernel 2.4.18
linux linux_kernel 2.4.27
linux linux_kernel 2.4.14
linux linux_kernel 2.6.2
linux linux_kernel 2.4.20
suse suse_linux 9.1
linux linux_kernel 2.4.5
linux linux_kernel 2.4.1
avaya modular_messaging_message_storage_server 2.0
linux linux_kernel 2.4.13
CVE-2004-1237 LOW

Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.4.6
linux linux_kernel 2.6.10
linux linux_kernel 2.4.2
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
suse suse_linux 8.1
linux linux_kernel 2.4.12
linux linux_kernel 2.4.0
linux linux_kernel 2.6.6
redhat enterprise_linux 3.0
linux linux_kernel 2.4.19
linux linux_kernel 2.6.3
linux linux_kernel 2.4.3
linux linux_kernel 2.4.7
linux linux_kernel 2.4.8
linux linux_kernel 2.4.29
linux linux_kernel 2.6.4
linux linux_kernel 2.6.7
linux linux_kernel 2.4.21
linux linux_kernel 2.4.10
suse suse_linux 8.2
linux linux_kernel 2.4.25
linux linux_kernel 2.4.24_ow1
linux linux_kernel 2.6.9
linux linux_kernel 2.4.22
linux linux_kernel 2.4.23_ow2
linux linux_kernel 2.4.4
linux linux_kernel 2.6.5
linux linux_kernel 2.6.1
linux linux_kernel 2.4.26
linux linux_kernel 2.4.24
linux linux_kernel 2.4.16
suse suse_linux 8
linux linux_kernel 2.4.11
linux linux_kernel 2.4.9
linux linux_kernel 2.6.0
linux linux_kernel 2.4.28
linux linux_kernel 2.6_test9_cvs
linux linux_kernel 2.4.15
suse suse_linux 9.2
linux linux_kernel 2.6.8
linux linux_kernel 2.4.23
suse suse_linux 1.0
linux linux_kernel 2.4.17
linux linux_kernel 2.4.18
linux linux_kernel 2.4.27
linux linux_kernel 2.4.14
linux linux_kernel 2.6.2
linux linux_kernel 2.4.20
suse suse_linux 9.1
linux linux_kernel 2.4.5
linux linux_kernel 2.4.1
linux linux_kernel 2.4.13
CVE-2004-1476 MEDIUM

Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
xine xine 1_rc3
xine xine-lib 1_rc3
suse suse_linux 8.2
xine xine-lib 1_rc4
suse suse_linux 9.0
xine xine-lib 1_rc5
suse suse_linux 8.1
suse suse_linux 9.2
xine xine 1_rc2
xine xine-lib 1_rc2
xine xine 1_rc4
xine xine 0.9.18
xine xine 1_rc5
suse suse_linux 9.1
xine xine-lib 0.99
CVE-2004-1491 MEDIUM

Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
suse suse_linux 4.4.1
suse suse_linux 7.2
suse suse_linux 8.0
kde kde 3.2.3
suse suse_linux 4.3
suse suse_linux 9.0
suse suse_linux 8.1
suse suse_linux 6.0
suse suse_linux 7.1
suse suse_linux 6.2
suse suse_linux 4.0
suse suse_linux 2.0
suse suse_linux 6.1
suse suse_linux 3.0
opera opera_browser *
suse suse_linux 4.4
suse suse_linux 6.4
suse suse_linux 7.3
suse suse_linux 8.2
suse suse_linux 4.2
suse suse_linux 6.3
suse suse_linux 5.3
suse suse_linux 9.2
suse suse_linux 5.0
suse suse_linux 1.0
suse suse_linux 5.2
gentoo linux *
suse suse_linux 5.1
suse suse_linux 9.1
suse suse_linux 7.0
CVE-2004-1895 LOW

YaST Online Update (YOU) in SuSE 8.2 and 9.0 allows local users to overwrite arbitrary files via a symlink attack on you-$USER/cookies.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.2
suse suse_linux 9.0
CVE-2004-2004 HIGH

The Live CD in SUSE LINUX 9.1 Personal edition is configured without a password for root, which allows remote attackers to gain privileges via SSH.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 9.1
CVE-2004-2097 LOW

Multiple scripts on SuSE Linux 9.0 allow local users to overwrite arbitrary files via a symlink attack on (1) /tmp/fvwm-bug created by fvwm-bug, (2) /tmp/wmmenu created by wm-oldmenu2new, (3) /tmp/rates created by x11perfcomp, (4) /tmp/xf86debug.1.log created by xf86debug, (5) /tmp/.winpopup-new created by winpopup-send.sh, or (6) /tmp/initrd created by lvmcreate_initrd.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 9.0
CVE-2004-2658 LOW

resmgr in SUSE CORE 9 does not properly identify terminal names, which allows local users to spoof terminals and login types.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 9.0
CVE-2005-0005 HIGH

Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
imagemagick imagemagick 6.0.5
imagemagick imagemagick 6.1.5
imagemagick imagemagick 5.3.3
suse suse_linux 9.0
imagemagick imagemagick 5.4.3
suse suse_linux 8.1
graphicsmagick graphicsmagick 1.1
imagemagick imagemagick 6.1.4
graphicsmagick graphicsmagick 1.0.6
imagemagick imagemagick 6.2.0.7
debian debian_linux 3.0
graphicsmagick graphicsmagick 1.0
imagemagick imagemagick 6.1.1.6
imagemagick imagemagick 6.0.6
imagemagick imagemagick 6.1.3
sgi propack 3.0
imagemagick imagemagick 5.4.7
imagemagick imagemagick 6.2
imagemagick imagemagick 6.0.4
imagemagick imagemagick 6.0.7
gentoo linux 0.5
suse suse_linux 8.2
graphicsmagick graphicsmagick 1.1.4
imagemagick imagemagick 6.0.8
imagemagick imagemagick 6.0
imagemagick imagemagick 6.2.0.4
imagemagick imagemagick 6.0.3
imagemagick imagemagick 6.1.7
suse suse_linux 9.2
imagemagick imagemagick 6.0.2
graphicsmagick graphicsmagick 1.1.3
gentoo linux 1.1a
gentoo linux 0.7
gentoo linux 1.2
imagemagick imagemagick 6.0.2.5
imagemagick imagemagick 6.1
imagemagick imagemagick 6.1.6
suse suse_linux 9.1
imagemagick imagemagick 6.1.2
gentoo linux 1.4
imagemagick imagemagick 6.0.1
CVE-2005-0085 MEDIUM

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
htdig htdig 3.1.5_7
htdig htdig 3.2.0
suse suse_linux 8.2
htdig htdig 3.2.0b2
suse suse_linux 9.0
htdig htdig 3.2.0b5
suse suse_linux 8.1
mandrakesoft mandrake_linux 10.1
suse suse_linux 9.2
htdig htdig 3.2.0b4
mandrakesoft mandrake_linux_corporate_server 3.0
redhat fedora_core core_3.0
htdig htdig 3.2.0b3
mandrakesoft mandrake_linux 10.0
htdig htdig 3.1.5_8
htdig htdig 3.1.5
htdig htdig 3.2.0b6
suse suse_linux 9.1
mandrakesoft mandrake_linux_corporate_server 2.1
htdig htdig 3.1.6
CVE-2005-0156 LOW

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
ibm aix 5.2
suse suse_linux 8.1
trustix secure_linux 2.0
trustix secure_linux 2.1
redhat enterprise_linux 3.0
redhat fedora_core core_3.0
ibm aix 5.3
larry_wall perl 5.8.4.3
larry_wall perl 5.8.4.1
larry_wall perl 5.8.4.4
larry_wall perl 5.8.4.2.3
larry_wall perl 5.8.4.2
ubuntu ubuntu_linux 4.1
larry_wall perl 5.8.4.5
trustix secure_linux 2.2
larry_wall perl 5.8.1
sgi propack 3.0
larry_wall perl 5.8.0
suse suse_linux 8.2
suse suse_linux 9.2
larry_wall perl 5.8.4
trustix secure_linux 1.5
larry_wall perl 5.8.3
suse suse_linux 9.1
CVE-2005-0206 HIGH

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 7.2
cstex cstetex 2.0.2
suse suse_linux 8.0
kde kde 3.2
kde kde 3.3
xpdf xpdf 0.93
redhat fedora_core core_3.0
easy_software_products cups 1.1.16
pdftohtml pdftohtml 0.36
easy_software_products cups 1.1.13
xpdf xpdf 1.0a
suse suse_linux 8.2
easy_software_products cups 1.1.4
suse suse_linux 4.2
pdftohtml pdftohtml 0.33a
kde kde 3.2.2
kde kde 3.2.1
easy_software_products cups 1.1.15
xpdf xpdf 0.91
suse suse_linux 5.2
easy_software_products cups 1.1.6
tetex tetex 1.0.6
kde koffice 1.3.1
redhat linux_advanced_workstation 2.1
xpdf xpdf 2.0
easy_software_products cups 1.1.14
xpdf xpdf 1.0
easy_software_products cups 1.1.17
xpdf xpdf 1.1
tetex tetex 2.0.2
easy_software_products cups 1.0.4_8
easy_software_products cups 1.1.7
kde koffice 1.3_beta1
gnome gpdf 0.110
pdftohtml pdftohtml 0.32b
xpdf xpdf 0.92
pdftohtml pdftohtml 0.32a
suse suse_linux 7.3
suse suse_linux 9.2
redhat linux 9.0
tetex tetex 2.0.1
suse suse_linux 5.0
pdftohtml pdftohtml 0.34
kde kde 3.3.1
kde koffice 1.3_beta2
xpdf xpdf 0.90
suse suse_linux 4.4.1
easy_software_products cups 1.1.1
kde kde 3.2.3
kde koffice 1.3_beta3
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
redhat fedora_core core_2.0
suse suse_linux 8.1
gnome gpdf 0.131
suse suse_linux 6.0
suse suse_linux 7.1
redhat enterprise_linux 3.0
kde kpdf 3.2
ubuntu ubuntu_linux 4.1
sgi propack 3.0
gnome gpdf 0.112
pdftohtml pdftohtml 0.35
tetex tetex 1.0.7
suse suse_linux 4.4
redhat fedora_core core_1.0
xpdf xpdf 2.1
easy_software_products cups 1.1.20
ascii ptex 3.1.4
kde koffice 1.3
easy_software_products cups 1.0.4
suse suse_linux 5.1
suse suse_linux 7.0
pdftohtml pdftohtml 0.33
suse suse_linux 4.3
easy_software_products cups 1.1.19_rc5
easy_software_products cups 1.1.12
suse suse_linux 6.2
easy_software_products cups 1.1.18
xpdf xpdf 2.3
easy_software_products cups 1.1.19
suse suse_linux 4.0
suse suse_linux 2.0
sgi advanced_linux_environment 3.0
suse suse_linux 6.1
suse suse_linux 3.0
debian debian_linux 3.0
easy_software_products cups 1.1.10
tetex tetex 2.0
suse suse_linux 6.4
kde koffice 1.3.3
suse suse_linux 6.3
kde koffice 1.3.2
suse suse_linux 5.3
mandrakesoft mandrake_linux_corporate_server 3.0
suse suse_linux 1.0
easy_software_products cups 1.1.4_5
easy_software_products cups 1.1.4_3
xpdf xpdf 3.0
gentoo linux *
easy_software_products cups 1.1.4_2
suse suse_linux 9.1
redhat enterprise_linux 2.1
CVE-2005-0207 LOW

Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.5.19
linux linux_kernel 2.5.69
linux linux_kernel 2.4.2
linux linux_kernel 2.5.44
linux linux_kernel 2.5.13
linux linux_kernel 2.5.50
linux linux_kernel 2.4.12
linux linux_kernel 2.4.0
linux linux_kernel 2.5.48
linux linux_kernel 2.4.7
linux linux_kernel 2.5.29
linux linux_kernel 2.5.42
linux linux_kernel 2.5.40
linux linux_kernel 2.5.4
linux linux_kernel 2.5.36
linux linux_kernel 2.6.4
linux linux_kernel 2.4.21
linux linux_kernel 2.5.34
suse suse_linux 8.2
linux linux_kernel 2.5.63
linux linux_kernel 2.5.30
linux linux_kernel 2.5.0
linux linux_kernel 2.5.35
linux linux_kernel 2.4.23_ow2
linux linux_kernel 2.5.3
linux linux_kernel 2.6.5
conectiva linux 10.0
linux linux_kernel 2.4.26
redhat enterprise_linux_desktop 4.0
linux linux_kernel 2.5.20
linux linux_kernel 2.4.16
linux linux_kernel 2.5.21
linux linux_kernel 2.5.41
suse suse_linux 8
linux linux_kernel 2.5.1
linux linux_kernel 2.5.57
linux linux_kernel 2.5.18
linux linux_kernel 2.4.9
linux linux_kernel 2.5.32
linux linux_kernel 2.5.64
linux linux_kernel 2.5.68
linux linux_kernel 2.6.0
linux linux_kernel 2.5.28
linux linux_kernel 2.5.24
linux linux_kernel 2.4.28
linux linux_kernel 2.5.10
linux linux_kernel 2.6_test9_cvs
suse suse_linux 9.2
linux linux_kernel 2.4.23
linux linux_kernel 2.4.27
linux linux_kernel 2.4.14
linux linux_kernel 2.4.1
linux linux_kernel 2.5.55
linux linux_kernel 2.4.6
linux linux_kernel 2.5.31
linux linux_kernel 2.6.10
suse suse_linux 9.0
linux linux_kernel 2.5.45
suse suse_linux 8.1
linux linux_kernel 2.5.9
linux linux_kernel 2.5.26
linux linux_kernel 2.6.6
linux linux_kernel 2.4.19
linux linux_kernel 2.6.3
linux linux_kernel 2.4.3
linux linux_kernel 2.5.12
linux linux_kernel 2.5.43
linux linux_kernel 2.5.37
linux linux_kernel 2.5.66
linux linux_kernel 2.5.61
linux linux_kernel 2.5.47
linux linux_kernel 2.5.5
linux linux_kernel 2.4.8
linux linux_kernel 2.5.62
linux linux_kernel 2.4.29
linux linux_kernel 2.6.7
linux linux_kernel 2.5.14
linux linux_kernel 2.5.58
linux linux_kernel 2.4.10
linux linux_kernel 2.5.54
linux linux_kernel 2.5.15
linux linux_kernel 2.5.17
linux linux_kernel 2.4.25
linux linux_kernel 2.5.59
linux linux_kernel 2.5.38
linux linux_kernel 2.4.24_ow1
linux linux_kernel 2.6.9
linux linux_kernel 2.5.25
linux linux_kernel 2.5.60
linux linux_kernel 2.4.22
linux linux_kernel 2.5.46
linux linux_kernel 2.4.4
linux linux_kernel 2.6.1
linux linux_kernel 2.4.24
linux linux_kernel 2.5.6
linux linux_kernel 2.5.49
linux linux_kernel 2.5.39
linux linux_kernel 2.5.27
linux linux_kernel 2.5.65
linux linux_kernel 2.5.7
linux linux_kernel 2.5.8
linux linux_kernel 2.5.11
linux linux_kernel 2.4.11
linux linux_kernel 2.5.53
linux linux_kernel 2.5.33
linux linux_kernel 2.5.51
linux linux_kernel 2.5.22
linux linux_kernel 2.4.15
linux linux_kernel 2.6.8
suse suse_linux 1.0
redhat enterprise_linux 4.0
linux linux_kernel 2.4.17
linux linux_kernel 2.5.23
linux linux_kernel 2.4.18
linux linux_kernel 2.5.56
linux linux_kernel 2.6.2
linux linux_kernel 2.4.20
linux linux_kernel 2.5.67
suse suse_linux 9.1
linux linux_kernel 2.5.2
linux linux_kernel 2.5.52
linux linux_kernel 2.4.5
linux linux_kernel 2.4.13
linux linux_kernel 2.5.16
CVE-2005-0337 HIGH

Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
wietse_venema postfix 2.1.3
redhat enterprise_linux 4.0
suse suse_linux 8.2
redhat enterprise_linux_desktop 4.0
suse suse_linux 9.0
suse suse_linux 8.1
suse suse_linux 9.1
suse suse_linux 9.2
CVE-2005-0373 HIGH

Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
cyrus sasl 1.5.24
cyrus sasl 2.1.10
cyrus sasl 2.1.9
suse suse_linux 9.0
apple mac_os_x_server 10.2.5
apple mac_os_x 10.1.3
suse suse_linux 8.1
apple mac_os_x 10.0.3
cyrus sasl 2.1.11
apple mac_os_x 10.3
cyrus sasl 2.1.12
apple mac_os_x 10.2.7
suse suse_cvsup 16.1h_36.i586
apple mac_os_x 10.1
apple mac_os_x 10.2.2
apple mac_os_x 10.1.1
cyrus sasl 2.1.16
apple mac_os_x_server 10.2.6
cyrus sasl 2.1.17
redhat fedora_core core_1.0
apple mac_os_x_server 10.1.4
apple mac_os_x 10.0.4
suse suse_linux 8.2
cyrus sasl 2.1.13
apple mac_os_x_server 10.1.5
apple mac_os_x 10.1.4
apple mac_os_x_server 10.2.8
apple mac_os_x_server 10.2.1
apple mac_os_x 10.2.3
apple mac_os_x 10.3.8
apple mac_os_x_server 10.1
apple mac_os_x_server 10.3
apple mac_os_x_server 10.3.3
conectiva linux 9.0
apple mac_os_x 10.2
apple mac_os_x 10.1.2
apple mac_os_x_server 10.1.2
apple mac_os_x_server 10.3.4
cyrus sasl 2.1.15
apple mac_os_x_server 10.3.1
apple mac_os_x 10.2.4
apple mac_os_x_server 10.1.1
apple mac_os_x 10.0.2
apple mac_os_x 10.3.6
conectiva linux 10.0
openpkg openpkg 2.2
cyrus sasl 1.5.28
cyrus sasl 2.1.14
apple mac_os_x 10.2.6
apple mac_os_x 10.0
apple mac_os_x_server 10.3.7
apple mac_os_x 10.3.1
apple mac_os_x_server 10.2.2
apple mac_os_x 10.2.5
apple mac_os_x 10.3.5
openpkg openpkg 2.1
apple mac_os_x 10.2.8
cyrus sasl 2.1.18
cyrus sasl 2.1.18_r1
apple mac_os_x 10.1.5
apple mac_os_x_server 10.3.2
apple mac_os_x_server 10.3.8
apple mac_os_x 10.3.2
apple mac_os_x 10.3.3
apple mac_os_x 10.3.4
suse suse_linux 9.2
apple mac_os_x_server 10.2.3
apple mac_os_x_server 10.3.5
cyrus sasl 1.5.27
suse suse_linux 1.0
apple mac_os_x 10.3.7
apple mac_os_x 10.2.1
apple mac_os_x_server 10.2.7
apple mac_os_x_server 10.3.6
apple mac_os_x 10.0.1
apple mac_os_x_server 10.2
suse suse_linux 9.1
apple mac_os_x_server 10.0
apple mac_os_x_server 10.2.4
apple mac_os_x_server 10.1.3
CVE-2005-0384 MEDIUM

Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via a pppd client.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.2
ubuntu ubuntu_linux 4.10
trustix secure_linux 2.1
trustix secure_linux 2.2
redhat enterprise_linux 2.1
trustix secure_linux 2
CVE-2005-0398 MEDIUM

The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 4.0
redhat enterprise_linux_desktop 3.0
kame racoon 2005-01-24
kame racoon 2005-02-07
redhat enterprise_linux 3.0
kame racoon 2003-07-11
kame racoon 2005-01-10
kame racoon 2005-02-21
kame racoon 2004-05-03
kame racoon 2005-02-28
sgi propack 3.0
kame racoon 2005-01-31
kame racoon 2005-03-07
suse suse_linux *
suse suse_linux 9.2
altlinux alt_linux 2.3
kame racoon 2005-01-03
kame racoon 2005-01-17
ipsec-tools ipsec-tools 0.3.3
kame racoon 2004-04-07b
redhat enterprise_linux 4.0
ipsec-tools ipsec-tools 0.5
kame racoon 2004-04-05
kame racoon 2005-02-14
suse suse_linux 9.1
CVE-2005-0470 MEDIUM

Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers to cause a denial of service (segmentation fault) via invalid EAPOL-Key packet data.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
wpa_supplicant wpa_supplicant 0.2.4
wpa_supplicant wpa_supplicant 0.2.1
wpa_supplicant wpa_supplicant 0.2.6
wpa_supplicant wpa_supplicant 0.2.2
wpa_supplicant wpa_supplicant 0.2
wpa_supplicant wpa_supplicant 0.2.5
gentoo linux *
wpa_supplicant wpa_supplicant 0.2.3
suse suse_linux 9.2
CVE-2005-0605 HIGH

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 7.2
suse suse_linux 8.0
xfree86_project x11r6 4.0.1
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
redhat fedora_core core_2.0
suse suse_linux 8.1
suse suse_linux 7.1
mandrakesoft mandrake_linux 10.2
redhat enterprise_linux 3.0
redhat fedora_core core_3.0
x.org x11r6 6.8.1
mandrakesoft mandrake_linux_corporate_server 2.1
sgi propack 3.0
suse suse_linux 8.2
xfree86_project x11r6 3.3.6
lesstif lesstif 0.93.94
xfree86_project x11r6 3.3.5
altlinux alt_linux 2.3
xfree86_project x11r6 3.3
suse suse_linux 7.0
xfree86_project x11r6 4.3.0
redhat enterprise_linux_desktop 4.0
xfree86_project x11r6 3.3.2
suse suse_linux 6.2
mandrakesoft mandrake_linux 10.0
xfree86_project x11r6 3.3.3
xfree86_project x11r6 4.1.12
x.org x11r6 6.8
suse suse_linux 6.1
xfree86_project x11r6 4.1.11
xfree86_project x11r6 4.3.0.2
suse suse_linux 6.4
xfree86_project x11r6 4.0.2.11
suse suse_linux 7.3
xfree86_project x11r6 4.3.0.1
xfree86_project x11r6 4.1.0
x.org x11r6 6.7.0
suse suse_linux 6.3
mandrakesoft mandrake_linux 10.1
suse suse_linux 9.2
xfree86_project x11r6 4.2.0
mandrakesoft mandrake_linux_corporate_server 3.0
xfree86_project x11r6 4.2.1
xfree86_project x11r6 4.0
redhat enterprise_linux 4.0
xfree86_project x11r6 3.3.4
xfree86_project x11r6 4.0.3
suse suse_linux 9.1
CVE-2005-0638 HIGH

xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 4.4.1
suse suse_linux 7.2
suse suse_linux 8.0
suse suse_linux 4.3
suse suse_linux 9.0
suse suse_linux 8.1
suse suse_linux 6.0
suse suse_linux 9.3
suse suse_linux 7.1
suse suse_linux 6.2
xli xli 1.17
suse suse_linux 4.0
suse suse_linux 2.0
suse suse_linux 6.1
suse suse_linux 3.0
xli xli 1.16
xli xli 1.14
suse suse_linux 4.4
suse suse_linux 6.4
suse suse_linux 7.3
suse suse_linux 8.2
suse suse_linux 4.2
suse suse_linux 6.3
suse suse_linux 5.3
suse suse_linux 9.2
altlinux alt_linux 2.3
suse suse_linux 5.0
suse suse_linux 1.0
suse suse_linux 5.2
xli xli 1.15
suse suse_linux 5.1
suse suse_linux 9.1
suse suse_linux 7.0
CVE-2005-0639 HIGH

Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 4.4.1
suse suse_linux 7.2
suse suse_linux 8.0
suse suse_linux 4.3
suse suse_linux 9.0
suse suse_linux 8.1
suse suse_linux 6.0
suse suse_linux 9.3
suse suse_linux 7.1
suse suse_linux 6.2
xli xli 1.17
suse suse_linux 4.0
suse suse_linux 2.0
suse suse_linux 6.1
suse suse_linux 3.0
xli xli 1.16
xli xli 1.14
suse suse_linux 4.4
suse suse_linux 6.4
suse suse_linux 7.3
suse suse_linux 8.2
suse suse_linux 4.2
suse suse_linux 6.3
suse suse_linux 5.3
suse suse_linux 9.2
altlinux alt_linux 2.3
suse suse_linux 5.0
suse suse_linux 1.0
suse suse_linux 5.2
xli xli 1.15
suse suse_linux 5.1
suse suse_linux 9.1
suse suse_linux 7.0
CVE-2005-0750 HIGH

The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.4.6
linux linux_kernel 2.4.26
linux linux_kernel 2.6.10
linux linux_kernel 2.4.24
redhat enterprise_linux_desktop 4.0
redhat fedora_core core_2.0
linux linux_kernel 2.4.16
suse suse_linux 9.3
linux linux_kernel 2.4.12
linux linux_kernel 2.6.6
linux linux_kernel 2.4.19
linux linux_kernel 2.6.3
redhat fedora_core core_3.0
linux linux_kernel 2.4.7
linux linux_kernel 2.4.11
redhat linux 7.3
linux linux_kernel 2.4.8
linux linux_kernel 2.4.9
linux linux_kernel 2.4.29
linux linux_kernel 2.6.4
linux linux_kernel 2.6.7
ubuntu ubuntu_linux 4.1
linux linux_kernel 2.4.21
linux linux_kernel 2.6.0
linux linux_kernel 2.4.10
redhat fedora_core core_1.0
linux linux_kernel 2.4.25
linux linux_kernel 2.4.28
linux linux_kernel 2.4.15
linux linux_kernel 2.6.11
redhat linux 9.0
linux linux_kernel 2.6.8
linux linux_kernel 2.4.23
suse suse_linux 1.0
linux linux_kernel 2.6.9
redhat enterprise_linux 4.0
linux linux_kernel 2.4.17
linux linux_kernel 2.4.18
linux linux_kernel 2.4.27
linux linux_kernel 2.4.14
linux linux_kernel 2.6.2
linux linux_kernel 2.4.20
linux linux_kernel 2.4.22
linux linux_kernel 2.6.5
linux linux_kernel 2.4.13
linux linux_kernel 2.6.1
conectiva linux 10.0
CVE-2005-1043 MEDIUM

exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 4.4.1
suse suse_linux 7.2
suse suse_linux 8.0
php php 4.3.2
suse suse_linux 9.0
suse suse_linux 8.1
php php 4.3.6
suse suse_linux 6.0
suse suse_linux 7.1
apple mac_os_x 10.4.1
peachtree peachtree_linux release_1
apple mac_os_x_server 10.4
sgi propack 3.0
suse suse_linux 4.4
suse suse_linux 8.2
apple mac_os_x_server 10.4.1
suse suse_linux 4.2
php php 4.3.10
conectiva linux 9.0
suse suse_linux 5.2
php php 4.3.7
suse suse_linux 5.1
suse suse_linux 7.0
conectiva linux 10.0
php php 4.3.3
php php 4.3.4
php php 4.3.1
suse suse_linux 4.3
php php 4.3.5
apple mac_os_x 10.3.9
suse suse_linux 9.3
suse suse_linux 6.2
apple mac_os_x_server 10.3.9
php php 4.3.8
suse suse_linux 4.0
suse suse_linux 2.0
suse suse_linux 6.1
suse suse_linux 3.0
apple mac_os_x 10.4
php php 4.3.0
suse suse_linux 6.4
suse suse_linux 7.3
suse suse_linux 6.3
suse suse_linux 5.3
suse suse_linux 9.2
suse suse_linux 5.0
suse suse_linux 1.0
php php 4.3.9
suse suse_linux 9.1
CVE-2005-1761 LOW

Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,

Products Affected

Vendor Product Version
suse suse_linux 1.0
novell linux_desktop 9
suse suse_linux 9.0
novell open_enterprise_server 9
suse suse_linux 9.3
suse suse_linux 8
suse suse_linux 9.1
suse suse_linux 9.2
CVE-2005-1763 HIGH

Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 1.0
novell linux_desktop 9
suse suse_linux 9.0
suse suse_linux 8
CVE-2005-1767 LOW

traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 1.0
novell linux_desktop 9
suse suse_linux 9.0
novell open_enterprise_server 9
suse suse_linux 9.3
suse suse_linux 8
suse suse_linux 9.1
suse suse_linux 9.2
CVE-2005-2023 HIGH

The send_pinentry_environment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly handle certain options, which can prevent pinentry from being found and causes S/MIME signing to fail.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 9.3
CVE-2005-3013 MEDIUM

Buffer overflow in liby2util in Yet another Setup Tool (YaST) for SuSE Linux 9.3 allows local users to execute arbitrary code via a long Loc entry.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 9.3
CVE-2005-3146 LOW

StoreBackup before 1.19 allows local users to perform unauthorized operations on arbitrary files via a symlink attack on temporary files.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
storebackup storebackup 1.18.3
storebackup storebackup 1.9.1
storebackup storebackup 1.12.1
storebackup storebackup 1.3
storebackup storebackup 1.4
storebackup storebackup 1.18
storebackup storebackup 1.12
storebackup storebackup 1.10
storebackup storebackup 1.12.2
storebackup storebackup 1.11
storebackup storebackup 1.14
storebackup storebackup 1.18.4
storebackup storebackup 1.10.1
storebackup storebackup 1.13
storebackup storebackup 1.8
storebackup storebackup 1.7
storebackup storebackup 1.16.2
storebackup storebackup 1.9
storebackup storebackup 1.16.1
suse suse_linux *
storebackup storebackup 1.6
storebackup storebackup 1.18.2
storebackup storebackup 1.16
storebackup storebackup 1.1
storebackup storebackup 1.2
storebackup storebackup 1.18.1
storebackup storebackup 1.17
storebackup storebackup 1.5
storebackup storebackup 1.8.1
storebackup storebackup 1.15
CVE-2005-3147 LOW

StoreBackup before 1.19 creates the backup root with world-readable permissions, which allows local users to obtain sensitive information.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
storebackup storebackup 1.18.3
storebackup storebackup 1.9.1
storebackup storebackup 1.12.1
storebackup storebackup 1.3
storebackup storebackup 1.4
storebackup storebackup 1.18
storebackup storebackup 1.12
storebackup storebackup 1.10
storebackup storebackup 1.12.2
storebackup storebackup 1.11
storebackup storebackup 1.14
storebackup storebackup 1.18.4
storebackup storebackup 1.10.1
storebackup storebackup 1.13
storebackup storebackup 1.8
storebackup storebackup 1.7
storebackup storebackup 1.16.2
storebackup storebackup 1.9
storebackup storebackup 1.16.1
suse suse_linux *
storebackup storebackup 1.6
storebackup storebackup 1.18.2
storebackup storebackup 1.16
storebackup storebackup 1.1
storebackup storebackup 1.2
storebackup storebackup 1.18.1
storebackup storebackup 1.17
storebackup storebackup 1.5
storebackup storebackup 1.8.1
storebackup storebackup 1.15
CVE-2005-3148 MEDIUM

StoreBackup before 1.19 does not properly set the uid and guid for symbolic links (1) that are backed up by storeBackup.pl, or (2) recovered by storeBackupRecover.pl, which could cause files to be restored with incorrect ownership.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
storebackup storebackup 1.18.3
storebackup storebackup 1.9.1
storebackup storebackup 1.12.1
storebackup storebackup 1.3
storebackup storebackup 1.4
storebackup storebackup 1.18
storebackup storebackup 1.12
storebackup storebackup 1.10
storebackup storebackup 1.12.2
storebackup storebackup 1.11
storebackup storebackup 1.14
storebackup storebackup 1.18.4
storebackup storebackup 1.10.1
storebackup storebackup 1.13
storebackup storebackup 1.8
storebackup storebackup 1.7
storebackup storebackup 1.16.2
storebackup storebackup 1.9
storebackup storebackup 1.16.1
suse suse_linux *
storebackup storebackup 1.6
storebackup storebackup 1.18.2
storebackup storebackup 1.16
storebackup storebackup 1.1
storebackup storebackup 1.2
storebackup storebackup 1.18.1
storebackup storebackup 1.17
storebackup storebackup 1.5
storebackup storebackup 1.8.1
storebackup storebackup 1.15
CVE-2005-3298 HIGH

Multiple buffer overflows in OpenWBEM on SuSE Linux 9 allow remote attackers to execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 9.0
CVE-2005-3321 MEDIUM

chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify permissions of files by creating a hardlink to a file from a world-writable directory, which can cause the link count to drop to 1 when the file is deleted or replaced, which is then modified by chkstat to use weaker permissions.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell suse_linux 10.0
suse suse_linux 9.0
suse suse_linux 9.3
suse suse_linux 9.1
suse suse_linux 9.2
CVE-2005-3322 MEDIUM

Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote attackers to cause a denial of service (crash) via HTTPS (SSL).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
squid squid 2.6.stable1
suse suse_linux 9.0
CVE-2005-3624 MEDIUM

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
ubuntu ubuntu_linux 5.04
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
turbolinux turbolinux_desktop 10.0
redhat fedora_core core_2.0
debian debian_linux 3.1
mandrakesoft mandrake_linux 10.2
kde kdegraphics 3.2
redhat enterprise_linux 3.0
redhat fedora_core core_3.0
turbolinux turbolinux_personal *
kde kpdf 3.4.3
turbolinux turbolinux_appliance_server 1.0_hosting_edition
turbolinux turbolinux_multimedia *
redhat linux 7.3
redhat fedora_core core_4.0
kde kpdf 3.2
slackware slackware_linux 9.0
turbolinux turbolinux_server 10.0_x86
mandrakesoft mandrake_linux_corporate_server 2.1
ubuntu ubuntu_linux 4.1
sgi propack 3.0
tetex tetex 1.0.7
redhat fedora_core core_1.0
turbolinux turbolinux fuji
turbolinux turbolinux_home *
tetex tetex 3.0
easy_software_products cups 1.1.22
libextractor libextractor *
trustix secure_linux 3.0
easy_software_products cups 1.1.22_rc1
kde koffice 1.4.2
slackware slackware_linux 10.0
ubuntu ubuntu_linux 5.10
sco openserver 5.0.7
conectiva linux 10.0
slackware slackware_linux 10.1
kde koffice 1.4.1
easy_software_products cups 1.1.23
redhat linux_advanced_workstation 2.1
mandrakesoft mandrake_linux 2006
redhat enterprise_linux_desktop 4.0
easy_software_products cups 1.1.23_rc1
suse suse_linux 9.3
trustix secure_linux 2.0
tetex tetex 2.0.2
turbolinux turbolinux_server 8.0
turbolinux turbolinux 10
kde kword 1.4.2
turbolinux turbolinux_server 10.0
sco openserver 6.0
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
suse suse_linux 10.0
slackware slackware_linux 10.2
debian debian_linux 3.0
trustix secure_linux 2.2
tetex tetex 2.0
kde kdegraphics 3.4.3
mandrakesoft mandrake_linux 10.1
suse suse_linux 9.2
kde koffice 1.4
redhat linux 9.0
tetex tetex 2.0.1
mandrakesoft mandrake_linux_corporate_server 3.0
turbolinux turbolinux_workstation 8.0
suse suse_linux 1.0
redhat enterprise_linux 4.0
poppler poppler 0.4.2
xpdf xpdf 3.0
slackware slackware_linux 9.1
gentoo linux *
suse suse_linux 9.1
redhat enterprise_linux 2.1
CVE-2005-3625 HIGH

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
ubuntu ubuntu_linux 5.04
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
turbolinux turbolinux_desktop 10.0
redhat fedora_core core_2.0
debian debian_linux 3.1
mandrakesoft mandrake_linux 10.2
kde kdegraphics 3.2
redhat enterprise_linux 3.0
redhat fedora_core core_3.0
turbolinux turbolinux_personal *
kde kpdf 3.4.3
turbolinux turbolinux_appliance_server 1.0_hosting_edition
turbolinux turbolinux_multimedia *
redhat linux 7.3
redhat fedora_core core_4.0
kde kpdf 3.2
slackware slackware_linux 9.0
turbolinux turbolinux_server 10.0_x86
mandrakesoft mandrake_linux_corporate_server 2.1
ubuntu ubuntu_linux 4.1
sgi propack 3.0
tetex tetex 1.0.7
redhat fedora_core core_1.0
turbolinux turbolinux fuji
turbolinux turbolinux_home *
tetex tetex 3.0
easy_software_products cups 1.1.22
libextractor libextractor *
trustix secure_linux 3.0
easy_software_products cups 1.1.22_rc1
kde koffice 1.4.2
slackware slackware_linux 10.0
ubuntu ubuntu_linux 5.10
sco openserver 5.0.7
conectiva linux 10.0
slackware slackware_linux 10.1
kde koffice 1.4.1
easy_software_products cups 1.1.23
redhat linux_advanced_workstation 2.1
mandrakesoft mandrake_linux 2006
redhat enterprise_linux_desktop 4.0
easy_software_products cups 1.1.23_rc1
suse suse_linux 9.3
trustix secure_linux 2.0
tetex tetex 2.0.2
turbolinux turbolinux_server 8.0
turbolinux turbolinux 10
kde kword 1.4.2
turbolinux turbolinux_server 10.0
sco openserver 6.0
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
suse suse_linux 10.0
slackware slackware_linux 10.2
debian debian_linux 3.0
trustix secure_linux 2.2
tetex tetex 2.0
kde kdegraphics 3.4.3
mandrakesoft mandrake_linux 10.1
suse suse_linux 9.2
kde koffice 1.4
redhat linux 9.0
tetex tetex 2.0.1
mandrakesoft mandrake_linux_corporate_server 3.0
turbolinux turbolinux_workstation 8.0
suse suse_linux 1.0
redhat enterprise_linux 4.0
poppler poppler 0.4.2
xpdf xpdf 3.0
slackware slackware_linux 9.1
gentoo linux *
suse suse_linux 9.1
redhat enterprise_linux 2.1
CVE-2005-3626 MEDIUM

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
ubuntu ubuntu_linux 5.04
suse suse_linux 9.0
redhat enterprise_linux_desktop 3.0
turbolinux turbolinux_desktop 10.0
redhat fedora_core core_2.0
debian debian_linux 3.1
mandrakesoft mandrake_linux 10.2
kde kdegraphics 3.2
redhat enterprise_linux 3.0
redhat fedora_core core_3.0
turbolinux turbolinux_personal *
kde kpdf 3.4.3
turbolinux turbolinux_appliance_server 1.0_hosting_edition
turbolinux turbolinux_multimedia *
redhat linux 7.3
redhat fedora_core core_4.0
kde kpdf 3.2
slackware slackware_linux 9.0
turbolinux turbolinux_server 10.0_x86
mandrakesoft mandrake_linux_corporate_server 2.1
ubuntu ubuntu_linux 4.1
sgi propack 3.0
tetex tetex 1.0.7
redhat fedora_core core_1.0
turbolinux turbolinux fuji
turbolinux turbolinux_home *
tetex tetex 3.0
easy_software_products cups 1.1.22
libextractor libextractor *
trustix secure_linux 3.0
easy_software_products cups 1.1.22_rc1
kde koffice 1.4.2
slackware slackware_linux 10.0
ubuntu ubuntu_linux 5.10
sco openserver 5.0.7
conectiva linux 10.0
slackware slackware_linux 10.1
kde koffice 1.4.1
easy_software_products cups 1.1.23
redhat linux_advanced_workstation 2.1
mandrakesoft mandrake_linux 2006
redhat enterprise_linux_desktop 4.0
easy_software_products cups 1.1.23_rc1
suse suse_linux 9.3
trustix secure_linux 2.0
tetex tetex 2.0.2
turbolinux turbolinux_server 8.0
turbolinux turbolinux 10
kde kword 1.4.2
turbolinux turbolinux_server 10.0
sco openserver 6.0
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
suse suse_linux 10.0
slackware slackware_linux 10.2
debian debian_linux 3.0
trustix secure_linux 2.2
tetex tetex 2.0
kde kdegraphics 3.4.3
mandrakesoft mandrake_linux 10.1
suse suse_linux 9.2
kde koffice 1.4
redhat linux 9.0
tetex tetex 2.0.1
mandrakesoft mandrake_linux_corporate_server 3.0
turbolinux turbolinux_workstation 8.0
suse suse_linux 1.0
redhat enterprise_linux 4.0
poppler poppler 0.4.2
xpdf xpdf 3.0
slackware slackware_linux 9.1
gentoo linux *
suse suse_linux 9.1
redhat enterprise_linux 2.1
CVE-2005-4772 MEDIUM

liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 9.3
suse suse_linux 8
suse suse_linux 9.2
suse suse_linux 1.0
suse suse_linux 10.0
suse suse_linux_school_server gold
suse suse_sled_beagle 10.0
suse suse_linux_standard_server 8.0
suse suse_linux 9.1
suse suse_linux_openexchange_server 4.0
CVE-2005-4788 LOW

resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, allows local users to bypass access control rules for USB devices via "alternate syntax for specifying USB devices."

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 9.3
suse suse_linux 9.2
CVE-2005-4789 LOW

resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, does not properly enforce class-specific exclude rules in some situations, which allows local users to bypass intended access restrictions for USB devices that set their class ID at the interface level.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 9.3
suse suse_linux 9.2
CVE-2005-4790 MEDIUM

Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell suse_linux 10.0
suse suse_linux 9.3
CVE-2006-0043 MEDIUM

Buffer overflow in the realpath function in nfs-server rpc.mountd, as used in SUSE Linux 9.1 through 10.0, allows local users to execute arbitrary code via unspecified vectors involving mount requests and symlinks.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 1.0
suse suse_linux 10.0
suse suse_linux 9.3
suse suse_linux 9.1
suse suse_linux 9.2
CVE-2006-0646 MEDIUM

ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain circumstances when linking binaries, can leave an empty RPATH or RUNPATH, which allows local attackers to execute arbitrary code as other users by running an ld-linked application from the current directory, which could contain an attacker-controlled library file.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 10.0
suse suse_linux 9.0
suse suse_linux 9.3
suse suse_linux 9.1
suse suse_linux 9.2
CVE-2006-0745 HIGH

X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
x.org x11r6 6.9
x.org x11r7 1.0.1
x.org x11r7 1.0
mandrakesoft mandrake_linux 2006
sun solaris 10.0
suse suse_linux 10.0
redhat fedora_core core_5.0
CVE-2006-0803 MEDIUM

The signature verification functionality in the YaST Online Update (YOU) script handling relies on a gpg feature that is not intended for signature verification, which prevents YOU from detecting malicious scripts or code that do not pass the signature check when gpg 1.4.x is being used.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell suse_linux 10.0
suse suse_linux 9.3
CVE-2006-2703 MEDIUM

The RedCarpet command-line client (rug) does not verify SSL certificates from a server, which allows remote attackers to read network traffic and execute commands via a man-in-the-middle (MITM) attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 9.0
CVE-2006-2752 MEDIUM

The RedCarpet /etc/ximian/rcd.conf configuration file in Novell Linux Desktop 9 and SUSE SLES 9 has world-readable permissions, which allows attackers to obtain the rc (RedCarpet) password.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 9.0
CVE-2007-1285 MEDIUM

The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-674,

Products Affected

Vendor Product Version
novell suse_linux 10.0
redhat enterprise_linux_server 4.0
novell suse_linux 10.1
redhat enterprise_linux_desktop 4.0
redhat enterprise_linux_desktop 3.0
redhat enterprise_linux_server 2.0
redhat enterprise_linux_workstation 2.0
suse linux_enterprise_server 8
canonical ubuntu_linux 7.10
redhat enterprise_linux_server 3.0
php php *
suse linux_enterprise_server 10
redhat enterprise_linux_workstation 3.0
redhat enterprise_linux_workstation 4.0
CVE-2007-5000 MEDIUM

Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
fedoraproject fedora 7
fedoraproject fedora 8
oracle http_server 10.1.3.5.0
canonical ubuntu_linux 7.10
canonical ubuntu_linux 7.04
suse linux_enterprise_server 10
canonical ubuntu_linux 6.10
suse linux_enterprise_server 9
suse linux_enterprise_desktop 9
apache http_server *
opensuse opensuse 10.3
opensuse opensuse 10.2
CVE-2007-6206 LOW

The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
redhat enterprise_linux_server 4.0
redhat enterprise_linux_desktop 4.0
debian debian_linux 3.1
canonical ubuntu_linux 7.10
debian debian_linux 4.0
suse linux_enterprise_desktop 10
canonical ubuntu_linux 7.04
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
canonical ubuntu_linux 6.10
suse linux_enterprise_real_time_extension 10
redhat enterprise_linux_workstation 4.0
opensuse opensuse 10.3
linux linux_kernel 2.6.24
opensuse opensuse 10.2
linux linux_kernel *
redhat enterprise_linux_eus 4.6
CVE-2007-6716 MEDIUM

fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell linux_desktop 9
canonical ubuntu_linux 6.06
opensuse opensuse 10.3
suse suse_linux_enterprise_desktop 10
linux linux_kernel *
canonical ubuntu_linux 8.04
canonical ubuntu_linux 7.10
debian debian_linux 4.0
suse suse_linux_enterprise_server 10
CVE-2008-0063 MEDIUM

The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-908,

Products Affected

Vendor Product Version
apple mac_os_x *
apple mac_os_x_server *
canonical ubuntu_linux 6.06
fedoraproject fedora 7
fedoraproject fedora 8
debian debian_linux 3.1
canonical ubuntu_linux 7.10
debian debian_linux 4.0
suse linux_enterprise_desktop 10
canonical ubuntu_linux 7.04
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mit kerberos_5 *
canonical ubuntu_linux 6.10
opensuse opensuse 10.3
suse linux 10.1
opensuse opensuse 10.2
CVE-2008-2812 HIGH

The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476,

Products Affected

Vendor Product Version
avaya messaging_storage_server 4.0
canonical ubuntu_linux 6.06
suse suse_linux_enterprise_desktop 10
avaya message_networking 3.1
avaya expanded_meet-me_conferencing *
canonical ubuntu_linux 8.04
canonical ubuntu_linux 7.10
avaya communication_manager *
debian debian_linux 4.0
suse suse_linux_enterprise_server 10
canonical ubuntu_linux 7.04
novell linux_desktop 9
avaya meeting_exchange 5.0
avaya sip_enablement_services 4.0
opensuse opensuse 10.3
linux linux_kernel *
avaya intuity_audix_lx 2.0
avaya proactive_contact 4.0
opensuse opensuse 11.0
avaya sip_enablement_services -
CVE-2008-3275 MEDIUM

The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ("overflow" of the UBIFS orphan area) via a series of attempted file creations within deleted directories.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
suse suse_linux_enterprise_desktop 10
linux linux_kernel *
canonical ubuntu_linux 8.04
canonical ubuntu_linux 7.10
debian debian_linux 4.0
suse suse_linux_enterprise_server 10
canonical ubuntu_linux 7.04
CVE-2008-4636 HIGH

yast2-backup 2.14.2 through 2.16.6 on SUSE Linux and Novell Linux allows local users to gain privileges via shell metacharacters in filenames used by the backup process.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
suse yast2-backup *
CVE-2008-4989 MEDIUM

The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers to insert a spoofed certificate for any Distinguished Name (DN).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 2.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
opensuse opensuse *
canonical ubuntu_linux 6.06
fedoraproject fedora 9
fedoraproject fedora 8
canonical ubuntu_linux 8.10
suse linux_enterprise 11.0
canonical ubuntu_linux 8.04
canonical ubuntu_linux 7.10
debian debian_linux 4.0
suse linux_enterprise_server 10
gnu gnutls *
suse linux_enterprise 10.0
suse linux_enterprise_server 11
CVE-2008-5021 HIGH

nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-362,

Products Affected

Vendor Product Version
novell open_enterprise_server -
canonical ubuntu_linux 6.06
fedoraproject fedora 9
fedoraproject fedora 8
canonical ubuntu_linux 8.10
canonical ubuntu_linux 8.04
canonical ubuntu_linux 7.10
suse linux_enterprise_debuginfo 10
debian debian_linux 4.0
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
novell linux_desktop 9
suse linux_enterprise_server 9
opensuse opensuse 10.3
opensuse opensuse 10.2
opensuse opensuse 11.0
CVE-2008-6123 MEDIUM

The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to "source/destination IP address confusion."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-863,

Products Affected

Vendor Product Version
opensuse opensuse 11.2
opensuse opensuse 10.3-11.1
suse linux_enterprise 9-11
net-snmp net-snmp *
redhat enterprise_linux 3.0
CVE-2009-0040 MEDIUM

The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-824,

Products Affected

Vendor Product Version
apple mac_os_x *
libpng libpng *
fedoraproject fedora 9
fedoraproject fedora 10
debian debian_linux 5.0
apple iphone_os *
opensuse opensuse 11.1
debian debian_linux 4.0
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
opensuse opensuse 10.3
suse linux_enterprise 10.0
suse linux_enterprise 9.0
opensuse opensuse 11.0
CVE-2009-0115 HIGH

The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-732,

Products Affected

Vendor Product Version
avaya messaging_storage_server 4.0
opensuse opensuse *
novell open_enterprise_server -
avaya messaging_storage_server 5.0
fedoraproject fedora 9
avaya messaging_storage_server 3.0
avaya message_networking 3.1
christophe.varoqui multipath-tools 0.4.8
fedoraproject fedora 10
debian debian_linux 5.0
debian debian_linux 4.0
suse linux_enterprise_server 10
suse linux_enterprise_server 9
suse linux_enterprise_desktop 9
avaya intuity_audix_lx 2.0
juniper ctpview 7.1
juniper ctpview *
CVE-2009-0749 HIGH

Use-after-free vulnerability in the GIFReadNextExtension function in lib/pngxtern/gif/gifread.c in OptiPNG 0.6.2 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted GIF image that causes the realloc function to return a new pointer, which triggers memory corruption when the old pointer is accessed.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
opensuse opensuse *
suse linux_enterprise 9-11
optipng_project optipng *
CVE-2009-0834 LOW

The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 4.0
redhat enterprise_linux_desktop 4.0
redhat enterprise_linux_eus 5.3
canonical ubuntu_linux 8.10
canonical ubuntu_linux 8.04
redhat enterprise_linux_server_aus 5.3
debian debian_linux 5.0
canonical ubuntu_linux 7.10
debian debian_linux 4.0
suse linux_enterprise_desktop 10
redhat enterprise_linux_eus 4.7
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
redhat enterprise_linux_workstation 4.0
opensuse opensuse 10.3
linux linux_kernel *
opensuse opensuse 11.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
CVE-2009-0949 MEDIUM

The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-908,

Products Affected

Vendor Product Version
apple mac_os_x *
apple mac_os_x_server *
canonical ubuntu_linux 6.06
canonical ubuntu_linux 8.10
canonical ubuntu_linux 8.04
debian debian_linux 5.0
debian debian_linux 4.0
opensuse opensuse 10.3
suse linux_enterprise 10.0
apple cups *
canonical ubuntu_linux 9.04
suse linux_enterprise 9.0
debian debian_linux 6.0
CVE-2009-1072 MEDIUM

nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-16,

Products Affected

Vendor Product Version
vmware esx 3.0.3
canonical ubuntu_linux 6.06
vmware server 2.0.0
canonical ubuntu_linux 8.10
vmware esx 4.0
canonical ubuntu_linux 8.04
vmware vma 4.0
debian debian_linux 5.0
opensuse opensuse 11.1
debian debian_linux 4.0
vmware virtualcenter 2.5
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
vmware vcenter_server 4.0
opensuse opensuse 10.3
vmware esx 3.5
vmware virtualcenter 2.0.2
canonical ubuntu_linux 9.04
linux linux_kernel *
opensuse opensuse 11.0
CVE-2009-1185 HIGH

udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-346,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
fedoraproject fedora 9
canonical ubuntu_linux 8.10
canonical ubuntu_linux 8.04
fedoraproject fedora 10
debian debian_linux 5.0
canonical ubuntu_linux 7.10
suse linux_enterprise_debuginfo 10
opensuse opensuse 11.1
debian debian_linux 4.0
suse linux_enterprise_desktop 10
suse linux_enterprise_debuginfo 11
suse linux_enterprise_server 10
udev_project udev *
opensuse opensuse 10.3
juniper ctpview 7.2
suse linux_enterprise_desktop 11
opensuse opensuse 11.0
juniper ctpview 7.1
juniper ctpview *
suse linux_enterprise_server 11
CVE-2009-1186 LOW

Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments.

CVSS 2.0

Severity: LOW

Problem Type: CWE-120,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
fedoraproject fedora 9
canonical ubuntu_linux 8.10
canonical ubuntu_linux 8.04
fedoraproject fedora 10
debian debian_linux 5.0
canonical ubuntu_linux 7.10
suse linux_enterprise_debuginfo 10
opensuse opensuse 11.1
debian debian_linux 4.0
suse linux_enterprise_desktop 10
suse linux_enterprise_debuginfo 11
suse linux_enterprise_server 10
udev_project udev *
opensuse opensuse 10.3
suse linux_enterprise_desktop 11
opensuse opensuse 11.0
suse linux_enterprise_server 11
CVE-2009-1955 MEDIUM

The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-776,

Products Affected

Vendor Product Version
apple mac_os_x *
canonical ubuntu_linux 6.06
fedoraproject fedora 9
canonical ubuntu_linux 8.10
canonical ubuntu_linux 8.04
fedoraproject fedora 10
debian debian_linux 4.0
apache apr-util *
suse linux_enterprise_server 9
oracle http_server -
fedoraproject fedora 11
apache http_server *
canonical ubuntu_linux 9.04
CVE-2009-2408 MEDIUM

Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 2.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
opensuse opensuse *
mozilla network_security_services *
canonical ubuntu_linux 8.10
suse linux_enterprise 11.0
canonical ubuntu_linux 8.04
debian debian_linux 5.0
mozilla thunderbird *
mozilla firefox *
mozilla seamonkey *
suse linux_enterprise_server 9
suse linux_enterprise 10.0
canonical ubuntu_linux 9.04
CVE-2009-2416 MEDIUM

Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
opensuse opensuse *
apple mac_os_x_server *
google chrome *
xmlsoft libxml2 2.6.16
canonical ubuntu_linux 8.10
vmware esx 4.0
canonical ubuntu_linux 8.04
vmware vma 4.0
fedoraproject fedora 10
vmware esxi 3.5
redhat enterprise_linux 3.0
xmlsoft libxml2 2.5.10
redhat enterprise_linux 5.0
apple safari *
fedoraproject fedora 11
sun openoffice.org *
xmlsoft libxml 1.8.17
apple mac_os_x *
vmware esx 3.0.3
canonical ubuntu_linux 6.06
xmlsoft libxml2 2.6.27
xmlsoft libxml2 2.6.32
suse linux_enterprise 11.0
xmlsoft libxml2 2.6.26
apple iphone_os *
debian debian_linux 4.0
vmware vcenter_server 4.0
suse linux_enterprise_server 9
redhat enterprise_linux 4.0
vmware esx 3.5
suse linux_enterprise 10.0
canonical ubuntu_linux 9.04
vmware esxi 4.0
CVE-2009-2625 MEDIUM

XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
oracle primavera_p6_enterprise_project_portfolio_management 7.0
apache xerces2_java 2.9.1
canonical ubuntu_linux 8.10
canonical ubuntu_linux 8.04
fedoraproject fedora 10
debian debian_linux 5.0
oracle jdk 1.5.0
opensuse opensuse 11.1
oracle primavera_p6_enterprise_project_portfolio_management 6.2.1
debian debian_linux 4.0
oracle primavera_p6_enterprise_project_portfolio_management 6.1
suse linux_enterprise_server 10
opensuse opensuse 11.2
suse linux_enterprise_server 9
fedoraproject fedora 11
oracle primavera_web_services 7.0
canonical ubuntu_linux 9.04
canonical ubuntu_linux 9.10
oracle jdk 1.6.0
opensuse opensuse 11.0
suse linux_enterprise_server 11
oracle primavera_web_services 6.2.1
CVE-2009-2692 HIGH

The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-908,

Products Affected

Vendor Product Version
suse linux_enterprise_real_time 10
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 4.0
redhat enterprise_linux_desktop 4.0
redhat enterprise_linux_eus 5.3
redhat enterprise_linux_server_aus 5.3
debian debian_linux 4.0
redhat enterprise_linux_eus 4.8
redhat enterprise_linux_workstation 4.0
linux linux_kernel *
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
CVE-2009-2698 HIGH

The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 6.06
redhat enterprise_linux_server 4.0
redhat enterprise_linux_desktop 4.0
redhat enterprise_linux_eus 5.3
canonical ubuntu_linux 8.10
canonical ubuntu_linux 8.04
fedoraproject fedora 10
redhat enterprise_linux_server_aus 5.3
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
vmware vcenter_server 4.0
suse linux_enterprise_server 9
redhat enterprise_linux_eus 4.8
redhat enterprise_linux_workstation 4.0
canonical ubuntu_linux 9.04
linux linux_kernel *
redhat enterprise_linux_workstation 5.0
vmware esxi 4.0
redhat enterprise_linux_server 5.0
CVE-2009-2903 HIGH

Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-772,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
canonical ubuntu_linux 6.06
suse linux_enterprise_server 9
canonical ubuntu_linux 8.10
canonical ubuntu_linux 9.04
linux linux_kernel *
canonical ubuntu_linux 8.04
suse linux_enterprise_debuginfo 10
suse linux_enterprise_desktop 10
CVE-2009-2910 LOW

arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 6.06
canonical ubuntu_linux 8.10
canonical ubuntu_linux 8.04
fedoraproject fedora 10
suse linux_enterprise_debuginfo 10
redhat virtualization 5
redhat enterprise_linux_eus 5.4
suse linux_enterprise_desktop 10
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
suse linux_enterprise_server 9
canonical ubuntu_linux 9.04
canonical ubuntu_linux 9.10
linux linux_kernel *
opensuse opensuse 11.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
CVE-2009-3080 HIGH

Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-129,

Products Affected

Vendor Product Version
linux linux_kernel 2.6.32
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 6.06
redhat enterprise_linux_server_workstation 5.0
redhat virtualization 5.0
canonical ubuntu_linux 8.10
redhat fedora 10
canonical ubuntu_linux 8.04
opensuse opensuse 11.1
debian debian_linux 4.0
redhat enterprise_linux_eus 5.4
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
opensuse opensuse 11.2
vmware esx 3.5
canonical ubuntu_linux 9.04
canonical ubuntu_linux 9.10
linux linux_kernel *
redhat enterprise_linux_server 5.0
CVE-2009-3095 MEDIUM

The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
apple mac_os_x *
fedoraproject fedora 10
opensuse opensuse 11.1
debian debian_linux 4.0
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
suse linux_enterprise_server 9
apache http_server *
opensuse opensuse 10.3
opensuse opensuse 11.0
fedoraproject fedora 12
suse linux_enterprise_server 11
CVE-2009-3231 MEDIUM

The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
opensuse opensuse *
canonical ubuntu_linux 6.06
suse linux_enterprise_server 9
fedoraproject fedora 11
suse linux_enterprise 10.0
postgresql postgresql *
canonical ubuntu_linux 8.10
canonical ubuntu_linux 9.04
suse linux_enterprise 11.0
canonical ubuntu_linux 8.04
fedoraproject fedora 10
CVE-2009-3289 MEDIUM

The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-732,

Products Affected

Vendor Product Version
gnome glib 2.0
suse suse_linux_enterprise_server 11
opensuse opensuse 11.0
opensuse opensuse 11.1
CVE-2009-3547 MEDIUM

Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.0 HIGH CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 1.0 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,CWE-476,CWE-672,

Products Affected

Vendor Product Version
linux linux_kernel 2.6.32
canonical ubuntu_linux 6.06
suse suse_linux_enterprise_desktop 10
canonical ubuntu_linux 8.10
vmware esx 4.0
canonical ubuntu_linux 8.04
vmware vma 4.0
fedoraproject fedora 10
suse suse_linux_enterprise_server 10
novell linux_desktop 9
opensuse opensuse 11.2
canonical ubuntu_linux 9.04
canonical ubuntu_linux 9.10
linux linux_kernel *
opensuse opensuse 11.0
CVE-2009-3612 LOW

The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2005-4881.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
linux linux_kernel 2.6.32
canonical ubuntu_linux 6.06
canonical ubuntu_linux 8.10
canonical ubuntu_linux 8.04
fedoraproject fedora 10
suse linux_enterprise_desktop 10
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
canonical ubuntu_linux 9.04
canonical ubuntu_linux 9.10
linux linux_kernel *
opensuse opensuse 11.0
CVE-2009-3621 MEDIUM

net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
suse suse_linux_enterprise_desktop 10
canonical ubuntu_linux 8.10
vmware esx 4.0
canonical ubuntu_linux 8.04
vmware vma 4.0
fedoraproject fedora 10
suse suse_linux_enterprise_server 10
opensuse opensuse 11.2
canonical ubuntu_linux 9.04
canonical ubuntu_linux 9.10
linux linux_kernel *
opensuse opensuse 11.0
CVE-2009-3939 MEDIUM

The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 1.8 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-732,

Products Affected

Vendor Product Version
avaya aura_session_manager 5.2
avaya aura_system_manager 6.0
avaya aura_application_enablement_services 5.2.1
canonical ubuntu_linux 8.10
canonical ubuntu_linux 8.04
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
suse linux_enterprise_desktop 11
canonical ubuntu_linux 9.10
linux linux_kernel *
opensuse opensuse 11.0
avaya aura_system_manager 5.2
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 6.06
avaya aura_application_enablement_services 5.2
debian debian_linux 5.0
opensuse opensuse 11.1
redhat virtualization 5
redhat enterprise_linux_eus 5.4
avaya aura_sip_enablement_services 5.2
avaya voice_portal 5.0
opensuse opensuse 11.2
avaya aura_session_manager 1.1
avaya aura_communication_manager 5.2
canonical ubuntu_linux 9.04
avaya aura_system_platform 1.1
redhat enterprise_linux_workstation 5.0
CVE-2009-3953 HIGH

The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a different vulnerability than CVE-2009-2994.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
opensuse opensuse 11.2
adobe acrobat *
suse linux_enterprise 10.0
opensuse opensuse 11.1
suse linux_enterprise_debuginfo 11
CVE-2009-4324 HIGH

Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
adobe acrobat_reader *
opensuse opensuse 11.2
adobe acrobat *
suse linux_enterprise 10.0
opensuse opensuse 11.1
suse linux_enterprise_debuginfo 11
CVE-2010-0205 MEDIUM

The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a "decompression bomb" attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,

Products Affected

Vendor Product Version
apple mac_os_x *
canonical ubuntu_linux 6.06
libpng libpng *
canonical ubuntu_linux 8.10
canonical ubuntu_linux 8.04
debian debian_linux 5.0
opensuse opensuse 11.1
suse linux_enterprise_server 10
opensuse opensuse 11.2
suse linux_enterprise_server 9
fedoraproject fedora 11
fedoraproject fedora 13
canonical ubuntu_linux 9.04
canonical ubuntu_linux 9.10
opensuse opensuse 11.0
fedoraproject fedora 12
debian debian_linux 6.0
suse linux_enterprise_server 11
CVE-2010-0230 HIGH

SUSE Linux Enterprise 10 SP3 (SLE10-SP3) and openSUSE 11.2 configure postfix to listen on all network interfaces, which might allow remote attackers to bypass intended access restrictions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
suse suse_linux 10
suse opensuse 11.2
CVE-2010-0395 HIGH

OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro directory structure is previewed.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
apache openoffice *
canonical ubuntu_linux 8.04
debian debian_linux 5.0
canonical ubuntu_linux 10.04
opensuse opensuse 11.1
suse linux_enterprise_desktop 10
opensuse opensuse 11.2
fedoraproject fedora 11
fedoraproject fedora 13
canonical ubuntu_linux 9.04
suse linux_enterprise_desktop 11
canonical ubuntu_linux 9.10
opensuse opensuse 11.0
fedoraproject fedora 12
debian debian_linux 6.0
CVE-2010-0629 MEDIUM

Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mit kerberos_5 *
fedoraproject fedora 11
canonical ubuntu_linux 8.10
canonical ubuntu_linux 9.04
suse linux_enterprise 11.0
canonical ubuntu_linux 8.04
opensuse opensuse 11.0
opensuse opensuse 11.1
CVE-2010-1205 HIGH

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
apple mac_os_x_server *
google chrome *
canonical ubuntu_linux 8.04
mozilla thunderbird *
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
apple safari *
fedoraproject fedora 13
canonical ubuntu_linux 9.10
fedoraproject fedora 12
suse linux_enterprise_server 11
apple mac_os_x *
canonical ubuntu_linux 6.06
libpng libpng *
apple itunes *
debian debian_linux 5.0
canonical ubuntu_linux 10.04
apple iphone_os *
opensuse opensuse 11.1
vmware player *
opensuse opensuse 11.2
suse linux_enterprise_server 9
canonical ubuntu_linux 9.04
vmware workstation *
CVE-2010-1297 HIGH

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
opensuse opensuse *
adobe acrobat *
suse linux_enterprise 10.0
adobe air *
suse linux_enterprise 11.0
adobe flash_player *
CVE-2010-1321 MEDIUM

The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
canonical ubuntu_linux 8.04
debian debian_linux 5.0
canonical ubuntu_linux 10.04
opensuse opensuse 11.1
suse linux_enterprise_server 10
mit kerberos_5 *
opensuse opensuse 11.2
fedoraproject fedora 11
opensuse opensuse 11.3
fedoraproject fedora 13
canonical ubuntu_linux 9.04
canonical ubuntu_linux 9.10
opensuse opensuse 11.0
fedoraproject fedora 12
oracle database_server -
debian debian_linux 6.0
suse linux_enterprise_server 11
CVE-2010-1437 MEDIUM

Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session commands that trigger access to a dead keyring that is undergoing deletion by the key_cleanup function.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,CWE-416,

Products Affected

Vendor Product Version
linux linux_kernel 2.6.16.59
linux linux_kernel 2.6.11.1
linux linux_kernel 2.6.25.3
linux linux_kernel 2.6.16.40
linux linux_kernel 2.6.16.41
linux linux_kernel 2.6.13.5
linux linux_kernel 2.6.23.11
linux linux_kernel 2.6.14
linux linux_kernel 2.6.25.11
linux linux_kernel 2.6.23.2
linux linux_kernel 2.6.22.17
linux linux_kernel 2.6.20
linux linux_kernel 2.6.31.7
linux linux_kernel 2.6.25.15
linux linux_kernel 2.6.11.2
linux linux_kernel 2.6.20.12
linux linux_kernel 2.6.19.5
linux linux_kernel 2.6.16.31
linux linux_kernel 2.6.21.1
linux linux_kernel 2.6.20.10
linux linux_kernel 2.6.23.3
linux linux_kernel 2.6.15.1
linux linux_kernel 2.6.22.11
linux linux_kernel 2.6.21
linux linux_kernel 2.6.25.20
linux linux_kernel 2.6.16.58
opensuse opensuse 11.1
linux linux_kernel 2.6.25.19
linux linux_kernel 2.6.15
linux linux_kernel 2.6.30.9
linux linux_kernel 2.6.28.6
linux linux_kernel 2.6.18.4
linux linux_kernel 2.6.13.1
linux linux_kernel 2.6.23
linux linux_kernel 2.6.14.5
linux linux_kernel 2.6.21.3
linux linux_kernel 2.6.27.8
linux linux_kernel 2.6.23.1
linux linux_kernel 2.6.16.28
linux linux_kernel 2.6.22.5
linux linux_kernel 2.6.16.61
linux linux_kernel 2.6.16.44
linux linux_kernel 2.6.23.7
linux linux_kernel 2.6.16.53
linux linux_kernel 2.6.27.24
linux linux_kernel 2.6.20.19
linux linux_kernel 2.6.27.37
linux linux_kernel 2.6.29.3
linux linux_kernel 2.6.20.1
linux linux_kernel 2.6.25.10
linux linux_kernel 2.6.29
linux linux_kernel 2.6.16.23
linux linux_kernel 2.6.28.7
linux linux_kernel 2.6.30.2
linux linux_kernel 2.6.32.8
linux linux_kernel 2.6.23.16
linux linux_kernel 2.6.16.38
linux linux_kernel 2.6.14.2
linux linux_kernel 2.6.19.1
linux linux_kernel 2.6.26.6
linux linux_kernel 2.6.22.15
linux linux_kernel 2.6.23.9
linux linux_kernel 2.6.11.8
linux linux_kernel 2.6.20.5
linux linux_kernel 2.6.24.5
linux linux_kernel 2.6.33.1
linux linux_kernel 2.6.28.2
linux linux_kernel 2.6.27.23
linux linux_kernel 2.6.19
suse linux_enterprise_high_availability_extension 11
linux linux_kernel 2.6.22.4
linux linux_kernel 2.6.8.1
linux linux_kernel 2.6.17.10
linux linux_kernel 2.6.22.19
linux linux_kernel 2.6.16.33
linux linux_kernel 2.6.16.5
linux linux_kernel 2.6.22.3
linux linux_kernel 2.6.28.4
linux linux_kernel 2.6.25.18
linux linux_kernel 2.6.16.29
linux linux_kernel 2.6.25.6
linux linux_kernel 2.6.17.9
linux linux_kernel 2.6.15.7
linux linux_kernel 2.6.6
linux linux_kernel 2.6.20.2
linux linux_kernel 2.6.18.6
linux linux_kernel 2.6.27.7
linux linux_kernel 2.6.32.5
linux linux_kernel 2.6.16.19
linux linux_kernel *
linux linux_kernel 2.6.16.8
linux linux_kernel 2.6.30.7
linux linux_kernel 2.6.16.50
linux linux_kernel 2.6.20.13
linux linux_kernel 2.6.26.2
linux linux_kernel 2.6.32
linux linux_kernel 2.6.17.14
linux linux_kernel 2.6.16.57
linux linux_kernel 2.6.16.52
linux linux_kernel 2.6.16.25
linux linux_kernel 2.6.16.20
linux linux_kernel 2.6.21.4
linux linux_kernel 2.6.18.8
linux linux_kernel 2.6.24.1
linux linux_kernel 2.6.25.7
linux linux_kernel 2.6.12.3
linux linux_kernel 2.6.21.5
linux linux_kernel 2.6.27.6
linux linux_kernel 2.6.31.2
linux linux_kernel 2.6.16.55
linux linux_kernel 2.6.32.10
linux linux_kernel 2.6.29.5
linux linux_kernel 2.6.11.4
linux linux_kernel 2.6.29.6
linux linux_kernel 2.6.1
linux linux_kernel 2.6.23.14
linux linux_kernel 2.6.25.4
linux linux_kernel 2.6.17.6
linux linux_kernel 2.6.30.5
linux linux_kernel 2.6.22.21
linux linux_kernel 2.6.31.11
linux linux_kernel 2.6.20.20
linux linux_kernel 2.6.13.3
linux linux_kernel 2.6.16.22
linux linux_kernel 2.6.28
linux linux_kernel 2.6.14.3
linux linux_kernel 2.6.11.10
linux linux_kernel 2.6.27.5
linux linux_kernel 2.6.32.9
linux linux_kernel 2.6.18.7
linux linux_kernel 2.6.19.7
linux linux_kernel 2.6.11.7
linux linux_kernel 2.6.23.17
linux linux_kernel 2.6.16.26
linux linux_kernel 2.6.22.22
linux linux_kernel 2.6.20.16
linux linux_kernel 2.6.25.9
linux linux_kernel 2.6.16.30
linux linux_kernel 2.6.31.10
linux linux_kernel 2.6.33
linux linux_kernel 2.6.19.6
linux linux_kernel 2.6.16.54
linux linux_kernel 2.6.27.35
linux linux_kernel 2.6.15.2
linux linux_kernel 2.6.21.7
linux linux_kernel 2.6.16.18
linux linux_kernel 2.6.20.14
linux linux_kernel 2.6.27.11
linux linux_kernel 2.6.23.15
linux linux_kernel 2.6.23.6
linux linux_kernel 2.6.23.10
linux linux_kernel 2.6.25.2
linux linux_kernel 2.6.29.1
linux linux_kernel 2.6.25.14
linux linux_kernel 2.6.12.1
linux linux_kernel 2.6.23.5
linux linux_kernel 2.6.26.1
linux linux_kernel 2.6.23.4
linux linux_kernel 2.6.31.8
linux linux_kernel 2.6.22.1
linux linux_kernel 2.6.23.13
linux linux_kernel 2.6.27.22
linux linux_kernel 2.6.11.5
linux linux_kernel 2.6.28.5
linux linux_kernel 2.6.28.1
linux linux_kernel 2.6.16.46
linux linux_kernel 2.6.16.60
linux linux_kernel 2.6.16.13
linux linux_kernel 2.6.16.1
linux linux_kernel 2.6.20.18
linux linux_kernel 2.6.16.2
linux linux_kernel 2.6.17.12
linux linux_kernel 2.6.31
linux linux_kernel 2.6.25.17
linux linux_kernel 2.6.20.3
linux linux_kernel 2.6.22.14
linux linux_kernel 2.6.12.2
linux linux_kernel 2.6.17.13
linux linux_kernel 2.6.11.6
linux linux_kernel 2.6.24
linux linux_kernel 2.6.4
linux linux_kernel 2.6.25.16
linux linux_kernel 2.6.31.1
linux linux_kernel 2.6.17.8
linux linux_kernel 2.6.32.3
linux linux_kernel 2.6.27.34
linux linux_kernel 2.6.17.7
debian debian_linux 5.0
linux linux_kernel 2.6.14.6
linux linux_kernel 2.6.16.21
linux linux_kernel 2.6.22.18
linux linux_kernel 2.6.20.11
linux linux_kernel 2.6.24.4
linux linux_kernel 2.6.22.8
linux linux_kernel 2.6.11.11
linux linux_kernel 2.6.16.45
linux linux_kernel 2.6.5
linux linux_kernel 2.6.27.9
linux linux_kernel 2.6.27.10
linux linux_kernel 2.6.11.12
linux linux_kernel 2.6.17.5
linux linux_kernel 2.6.18.1
linux linux_kernel 2.6.31.3
linux linux_kernel 2.6.19.2
linux linux_kernel 2.6.29.2
linux linux_kernel 2.6.15.5
linux linux_kernel 2.6.17.11
linux linux_kernel 2.6.32.4
linux linux_kernel 2.6.11.9
linux linux_kernel 2.6.24.3
linux linux_kernel 2.6.27.33
linux linux_kernel 2.6.16.43
linux linux_kernel 2.6.12
suse linux_enterprise_desktop 11
linux linux_kernel 2.6.12.4
linux linux_kernel 2.6.30.1
linux linux_kernel 2.6.28.10
linux linux_kernel 2.6.0
linux linux_kernel 2.6.17.3
linux linux_kernel 2.6.32.6
linux linux_kernel 2.6.13
linux linux_kernel 2.6.28.8
linux linux_kernel 2.6.24.6
linux linux_kernel 2.6.16.6
linux linux_kernel 2.6.26.7
linux linux_kernel 2.6.23.12
linux linux_kernel 2.6.30.6
linux linux_kernel 2.6.32.2
linux linux_kernel 2.6.16.16
linux linux_kernel 2.6.11
linux linux_kernel 2.6.28.9
linux linux_kernel 2.6.14.4
linux linux_kernel 2.6.16.56
linux linux_kernel 2.6.26.3
linux linux_kernel 2.6.29.4
linux linux_kernel 2.6.20.21
linux linux_kernel 2.6.25.13
linux linux_kernel 2.6.23.8
linux linux_kernel 2.6.22.13
linux linux_kernel 2.6.22.7
linux linux_kernel 2.6.10
linux linux_kernel 2.6.21.6
linux linux_kernel 2.6.22.10
linux linux_kernel 2.6.12.5
linux linux_kernel 2.6.26.5
linux linux_kernel 2.6.25.5
linux linux_kernel 2.6.22.16
linux linux_kernel 2.6.16.3
linux linux_kernel 2.6.16.11
linux linux_kernel 2.6.18.5
linux linux_kernel 2.6.16.24
linux linux_kernel 2.6.3
linux linux_kernel 2.6.16.14
linux linux_kernel 2.6.20.8
linux linux_kernel 2.6.27.12
linux linux_kernel 2.6.15.6
linux linux_kernel 2.6.16.48
linux linux_kernel 2.6.20.7
linux linux_kernel 2.6.16.39
linux linux_kernel 2.6.7
linux linux_kernel 2.6.15.4
linux linux_kernel 2.6.19.4
linux linux_kernel 2.6.27.36
linux linux_kernel 2.6.16.15
linux linux_kernel 2.6.22
linux linux_kernel 2.6.12.6
linux linux_kernel 2.6.16.9
linux linux_kernel 2.6.31.12
linux linux_kernel 2.6.16.35
linux linux_kernel 2.6.28.3
linux linux_kernel 2.6.26.4
linux linux_kernel 2.6.16.49
linux linux_kernel 2.6.34
linux linux_kernel 2.6.31.9
linux linux_kernel 2.6.11.3
linux linux_kernel 2.6.16.7
linux linux_kernel 2.6.22.20
linux linux_kernel 2.6.16.42
linux linux_kernel 2.6.24.7
linux linux_kernel 2.6.31.5
linux linux_kernel 2.6.9
linux linux_kernel 2.6.16.17
linux linux_kernel 2.6.17
linux linux_kernel 2.6.30
linux linux_kernel 2.6.18
linux linux_kernel 2.6.22.12
linux linux_kernel 2.6.22.6
linux linux_kernel 2.6.16.37
linux linux_kernel 2.6.18.3
linux linux_kernel 2.6.13.2
linux linux_kernel 2.6.17.2
linux linux_kernel 2.6.27
linux linux_kernel 2.6.27.20
linux linux_kernel 2.6.16
linux linux_kernel 2.6.31.6
linux linux_kernel 2.6.19.3
linux linux_kernel 2.6.26.8
linux linux_kernel 2.6.16.32
linux linux_kernel 2.6.17.4
linux linux_kernel 2.6.20.17
linux linux_kernel 2.6.14.7
linux linux_kernel 2.6.25.8
linux linux_kernel 2.6.20.6
linux linux_kernel 2.6.20.9
linux linux_kernel 2.6.18.2
linux linux_kernel 2.6.16.62
linux linux_kernel 2.6.25.1
linux linux_kernel 2.6.26
linux linux_kernel 2.6.15.3
linux linux_kernel 2.6.20.15
linux linux_kernel 2.6.16.10
linux linux_kernel 2.6.32.1
linux linux_kernel 2.6.25
linux linux_kernel 2.6.30.3
linux linux_kernel 2.6.16.34
suse linux_enterprise_server 11
linux linux_kernel 2.6.30.10
linux linux_kernel 2.6.21.2
linux linux_kernel 2.6.16.51
linux linux_kernel 2.6.25.12
linux linux_kernel 2.6.13.4
linux linux_kernel 2.6.22.2
linux linux_kernel 2.6.16.36
linux linux_kernel 2.6.8
linux linux_kernel 2.6.16.4
linux linux_kernel 2.6.16.12
linux linux_kernel 2.6.32.7
linux linux_kernel 2.6.31.4
linux linux_kernel 2.6.20.4
linux linux_kernel 2.6.24.2
linux linux_kernel 2.6.30.8
linux linux_kernel 2.6.30.4
linux linux_kernel 2.6.2
linux linux_kernel 2.6.17.1
linux linux_kernel 2.6.16.27
linux linux_kernel 2.6.14.1
linux linux_kernel 2.6.16.47
linux linux_kernel 2.6.22.9
CVE-2010-1634 MEDIUM

Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3143.5.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,

Products Affected

Vendor Product Version
suse linux_enterprise_server 10
opensuse opensuse 11.2
python python *
opensuse opensuse 11.3
fedoraproject fedora 13
canonical ubuntu_linux 11.10
canonical ubuntu_linux 11.04
canonical ubuntu_linux 8.04
canonical ubuntu_linux 10.04
suse linux_enterprise_server 11
CVE-2010-1770 HIGH

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document containing a BR element, related to a "type checking issue."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
apple webkit *
google chrome *
suse suse_linux_enterprise_desktop 10
suse suse_linux_enterprise_server 11
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
suse suse_linux_enterprise_server 10
opensuse opensuse 11.2
apple safari *
opensuse opensuse 11.3
suse suse_linux_enterprise_desktop 11
canonical ubuntu_linux 9.10
canonical ubuntu_linux 10.04.4
CVE-2010-1866 HIGH

The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service (crash) and possibly trigger memory corruption via a negative chunk size, which bypasses a signed comparison, related to an integer overflow in the chunk size decoder.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
opensuse opensuse 11.2
opensuse opensuse 11.3
suse linux_enterprise 10.0
suse linux_enterprise 11.0
opensuse opensuse 11.1
php php *
CVE-2010-2066 LOW

The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
suse suse_linux_enterprise_server 11
vmware esx 4.0
canonical ubuntu_linux 8.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
suse linux_enterprise_high_availability_extension 11
vmware esx 4.1
suse suse_linux_enterprise_desktop 11
canonical ubuntu_linux 9.04
canonical ubuntu_linux 9.10
linux linux_kernel *
CVE-2010-2226 LOW

The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
canonical ubuntu_linux 6.06
canonical ubuntu_linux 9.04
canonical ubuntu_linux 9.10
linux linux_kernel *
canonical ubuntu_linux 8.04
debian debian_linux 5.0
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
suse linux_enterprise_desktop 10
CVE-2010-2249 MEDIUM

Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-401,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
libpng libpng *
apple itunes *
canonical ubuntu_linux 8.04
debian debian_linux 5.0
canonical ubuntu_linux 10.04
apple iphone_os *
opensuse opensuse 11.1
vmware player *
suse linux_enterprise_server 10
apple tvos *
opensuse opensuse 11.2
suse linux_enterprise_server 9
apple safari *
fedoraproject fedora 13
canonical ubuntu_linux 9.04
canonical ubuntu_linux 9.10
fedoraproject fedora 12
vmware workstation *
suse linux_enterprise_server 11
CVE-2010-2297 HIGH

rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an HTML document that has a large colspan attribute within a table.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
opensuse opensuse 11.2
google chrome *
suse suse_linux_enterprise_desktop 10
opensuse opensuse 11.3
suse suse_linux_enterprise_desktop 11
suse suse_linux_enterprise_server 11
suse suse_linux_enterprise_server 10
CVE-2010-2301 MEDIUM

Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to inject arbitrary web script or HTML via vectors related to the node.innerHTML property of a TEXTAREA element. NOTE: this might overlap CVE-2010-1762.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
opensuse opensuse 11.2
google chrome *
suse suse_linux_enterprise_desktop 10
opensuse opensuse 11.3
suse suse_linux_enterprise_desktop 11
suse suse_linux_enterprise_server 11
suse suse_linux_enterprise_server 10
CVE-2010-2302 HIGH

Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE: this might overlap CVE-2010-1771.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
opensuse opensuse 11.2
google chrome *
suse suse_linux_enterprise_desktop 10
opensuse opensuse 11.3
suse suse_linux_enterprise_desktop 11
suse suse_linux_enterprise_server 11
suse suse_linux_enterprise_server 10
CVE-2010-2478 HIGH

Integer overflow in the ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.33.7 on 32-bit platforms allows local users to cause a denial of service or possibly have unspecified other impact via an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt value that triggers a buffer overflow, a different vulnerability than CVE-2010-3084.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
canonical ubuntu_linux 9.04
suse linux_enterprise_desktop 11
canonical ubuntu_linux 9.10
linux linux_kernel *
canonical ubuntu_linux 8.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
suse linux_enterprise_server 11
CVE-2010-2495 HIGH

The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel before 2.6.34 does not properly validate certain values associated with an interface, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via vectors related to a routing change.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
suse suse_linux_enterprise_desktop 11
suse suse_linux_enterprise_server 11
suse suse_linux_enterprise_high_availability_extension 11
canonical ubuntu_linux 9.04
canonical ubuntu_linux 9.10
linux linux_kernel *
canonical ubuntu_linux 8.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
CVE-2010-2524 MEDIUM

The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform arbitrary CIFS mounts via vectors involving an add_key call, related to a "cache stuffing" issue and MS-DFS referrals.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
vmware esx 4.1
suse suse_linux_enterprise_desktop 11
suse suse_linux_enterprise_server 11
canonical ubuntu_linux 9.04
vmware esx 4.0
canonical ubuntu_linux 9.10
linux linux_kernel *
canonical ubuntu_linux 8.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
CVE-2010-2537 MEDIUM

The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl call that specifies this file as a donor.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 1.8 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
suse linux_enterprise_high_availability_extension 11
suse suse_linux_enterprise_desktop 11
suse suse_linux_enterprise_server 11
canonical ubuntu_linux 9.10
linux linux_kernel *
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
CVE-2010-2538 MEDIUM

Integer overflow in the btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 might allow local users to obtain sensitive information via a BTRFS_IOC_CLONE_RANGE ioctl call.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
suse linux_enterprise_high_availability_extension 11
suse linux_enterprise_desktop 11
canonical ubuntu_linux 9.10
linux linux_kernel *
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
suse linux_enterprise_server 11
CVE-2010-2753 HIGH

Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which triggers a use-after-free.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190, CWE-416,

Products Affected

Vendor Product Version
mozilla seamonkey *
opensuse opensuse 11.2
suse linux_enterprise_software_development_kit 11
opensuse opensuse 11.3
suse linux_enterprise_desktop 11
opensuse opensuse 11.1
mozilla thunderbird 3.1
mozilla thunderbird *
suse linux_enterprise_server 11
mozilla firefox *
CVE-2010-2798 HIGH

The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476,

Products Affected

Vendor Product Version
avaya aura_session_manager 5.2
avaya aura_system_manager 6.0
avaya aura_system_platform 6.0
avaya voice_portal 5.1
avaya aura_presence_services 6.0
suse suse_linux_enterprise_server 11
vmware esx 4.0
avaya iq 5.0
avaya iq 5.1
canonical ubuntu_linux 8.04
avaya aura_presence_services 6.1
avaya aura_session_manager 6.0
canonical ubuntu_linux 9.10
linux linux_kernel *
avaya aura_system_manager 5.2
canonical ubuntu_linux 6.06
avaya aura_presence_services 6.1.1
debian debian_linux 5.0
canonical ubuntu_linux 10.04
opensuse opensuse 11.1
canonical ubuntu_linux 10.10
avaya voice_portal 5.0
avaya aura_session_manager 1.1
suse linux_enterprise_high_availability_extension 11
avaya aura_communication_manager 5.2
vmware esx 4.1
suse suse_linux_enterprise_desktop 11
avaya aura_system_manager 6.1
canonical ubuntu_linux 9.04
avaya aura_system_manager 6.1.1
avaya aura_system_platform 1.1
CVE-2010-2803 LOW

The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows local users to obtain potentially sensitive information from kernel memory by requesting a large memory-allocation amount.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
suse linux_enterprise_high_availability_extension 11
opensuse opensuse 11.3
suse linux_enterprise_real_time 11
suse linux_enterprise_desktop 11
linux linux_kernel *
debian debian_linux 5.0
opensuse opensuse 11.1
suse linux_enterprise_server 11
CVE-2010-2941 HIGH

ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux 6.0
apple mac_os_x *
apple mac_os_x_server *
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 6.06
suse linux_enterprise 11.0
canonical ubuntu_linux 8.04
debian debian_linux 5.0
canonical ubuntu_linux 10.04
opensuse opensuse 11.1
canonical ubuntu_linux 10.10
redhat enterprise_linux 5.0
opensuse opensuse 11.2
suse linux_enterprise_server 9
fedoraproject fedora 14
opensuse opensuse 11.3
fedoraproject fedora 13
suse linux_enterprise 10.0
apple cups *
canonical ubuntu_linux 9.10
fedoraproject fedora 12
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
CVE-2010-2942 LOW

The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sched/act_simple.c, and (5) the tcf_skbedit_dump function in net/sched/act_skbedit.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-401,

Products Affected

Vendor Product Version
avaya aura_session_manager 5.2
avaya aura_system_manager 6.0
avaya aura_system_platform 6.0
avaya voice_portal 5.1
avaya aura_presence_services 6.0
suse suse_linux_enterprise_desktop 10
suse suse_linux_enterprise_server 11
vmware esx 4.0
avaya iq 5.0
avaya iq 5.1
canonical ubuntu_linux 8.04
suse suse_linux_enterprise_server 10
avaya aura_presence_services 6.1
avaya aura_session_manager 6.0
opensuse opensuse 11.3
canonical ubuntu_linux 9.10
linux linux_kernel *
avaya aura_system_manager 5.2
canonical ubuntu_linux 6.06
avaya aura_presence_services 6.1.1
canonical ubuntu_linux 10.04
opensuse opensuse 11.1
canonical ubuntu_linux 10.10
avaya voice_portal 5.0
linux linux_kernel 2.6.36
avaya aura_session_manager 1.1
avaya aura_communication_manager 5.2
vmware esx 4.1
suse suse_linux_enterprise_desktop 11
avaya aura_system_manager 6.1
canonical ubuntu_linux 9.04
avaya aura_system_manager 6.1.1
avaya aura_system_platform 1.1
CVE-2010-2954 MEDIUM

The irda_bind function in net/irda/af_irda.c in the Linux kernel before 2.6.36-rc3-next-20100901 does not properly handle failure of the irda_open_tsap function, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact via multiple unsuccessful calls to bind on an AF_IRDA (aka PF_IRDA) socket.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
linux linux_kernel 2.6.36
opensuse opensuse 11.3
canonical ubuntu_linux 9.04
suse linux_enterprise_desktop 11
canonical ubuntu_linux 9.10
linux linux_kernel *
canonical ubuntu_linux 8.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
suse linux_enterprise_server 11
CVE-2010-2955 LOW

The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in net/wireless/wext-core.c, and obtain potentially sensitive information from kernel heap memory, via vectors involving an SIOCGIWESSID ioctl call that specifies a large buffer size.

CVSS 2.0

Severity: LOW

Problem Type: CWE-193,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
canonical ubuntu_linux 8.04
canonical ubuntu_linux 10.04
opensuse opensuse 11.1
canonical ubuntu_linux 10.10
linux linux_kernel 2.6.36
suse linux_enterprise_real_time_extension 11
canonical ubuntu_linux 9.04
suse linux_enterprise_desktop 11
canonical ubuntu_linux 9.10
linux linux_kernel *
suse linux_enterprise_server 11
CVE-2010-2959 HIGH

Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code or cause a denial of service (system crash) via crafted CAN traffic.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
suse linux_enterprise_high_availability_extension 11
opensuse opensuse 11.3
suse linux_enterprise_real_time 11
suse linux_enterprise_desktop 11
linux linux_kernel *
debian debian_linux 5.0
fedoraproject fedora 12
suse linux_enterprise_server 11
CVE-2010-2960 HIGH

The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
suse suse_linux_enterprise_desktop 11
suse suse_linux_enterprise_server 11
canonical ubuntu_linux 9.04
canonical ubuntu_linux 9.10
linux linux_kernel *
canonical ubuntu_linux 8.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
CVE-2010-2962 HIGH

drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager (GEM) in the Intel i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via crafted use of the ioctl interface, related to (1) pwrite and (2) pread operations.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
fedoraproject fedora 13
suse linux_enterprise_desktop 11
canonical ubuntu_linux 9.10
linux linux_kernel *
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
suse linux_enterprise_server 11
CVE-2010-2963 MEDIUM

drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via a VIDIOCSTUNER ioctl call on a /dev/video device, followed by a VIDIOCSMICROCODE ioctl call on this device.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
canonical ubuntu_linux 8.04
debian debian_linux 5.0
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
opensuse opensuse 11.2
opensuse opensuse 11.3
fedoraproject fedora 13
canonical ubuntu_linux 9.04
suse linux_enterprise_desktop 11
canonical ubuntu_linux 9.10
linux linux_kernel *
suse linux_enterprise_server 11
CVE-2010-3067 MEDIUM

Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
canonical ubuntu_linux 8.04
debian debian_linux 5.0
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
suse linux_enterprise_desktop 10
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
opensuse opensuse 11.2
linux linux_kernel 2.6.36
suse linux_enterprise_server 9
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
canonical ubuntu_linux 9.04
canonical ubuntu_linux 9.10
linux linux_kernel *
CVE-2010-3078 LOW

The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
suse suse_linux_enterprise_server 11
vmware esx 4.0
canonical ubuntu_linux 8.04
canonical ubuntu_linux 10.04
opensuse opensuse 11.1
canonical ubuntu_linux 10.10
linux linux_kernel 2.6.36
vmware esx 4.1
opensuse opensuse 11.3
suse suse_linux_enterprise_desktop 11
canonical ubuntu_linux 9.04
canonical ubuntu_linux 9.10
linux linux_kernel *
CVE-2010-3079 MEDIUM

kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled, does not properly handle interaction between mutex possession and llseek operations, which allows local users to cause a denial of service (NULL pointer dereference and outage of all function tracing files) via an lseek call on a file descriptor associated with the set_ftrace_filter file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
suse linux_enterprise_high_availability_extension 11
suse linux_enterprise_desktop 11
canonical ubuntu_linux 9.10
linux linux_kernel *
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
suse linux_enterprise_server 11
CVE-2010-3080 HIGH

Double free vulnerability in the snd_seq_oss_open function in sound/core/seq/oss/seq_oss_init.c in the Linux kernel before 2.6.36-rc4 might allow local users to cause a denial of service or possibly have unspecified other impact via an unsuccessful attempt to open the /dev/sequencer device.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-415,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
canonical ubuntu_linux 8.04
canonical ubuntu_linux 10.04
opensuse opensuse 11.1
canonical ubuntu_linux 10.10
linux linux_kernel 2.6.36
suse linux_enterprise_real_time_extension 11
canonical ubuntu_linux 9.04
suse linux_enterprise_desktop 11
canonical ubuntu_linux 9.10
linux linux_kernel *
suse linux_enterprise_server 11
CVE-2010-3081 HIGH

The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
linux linux_kernel 2.6.36
vmware esx 4.1
suse suse_linux_enterprise_desktop 11
suse suse_linux_enterprise_server 11
vmware esx 4.0
linux linux_kernel *
CVE-2010-3296 LOW

The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a CHELSIO_GET_QSET_NUM ioctl call.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
linux linux_kernel 2.6.36
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_desktop 11
canonical ubuntu_linux 9.10
linux linux_kernel *
debian debian_linux 5.0
canonical ubuntu_linux 10.04
opensuse opensuse 11.1
canonical ubuntu_linux 10.10
suse linux_enterprise_server 11
CVE-2010-3297 LOW

The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an EQL_GETMASTRCFG ioctl call.

CVSS 2.0

Severity: LOW

Problem Type: CWE-909,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
linux linux_kernel 2.6.36
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_desktop 11
canonical ubuntu_linux 9.10
linux linux_kernel *
debian debian_linux 5.0
canonical ubuntu_linux 10.04
opensuse opensuse 11.1
canonical ubuntu_linux 10.10
suse linux_enterprise_server 11
CVE-2010-3298 LOW

The hso_get_count function in drivers/net/usb/hso.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
opensuse opensuse 11.2
linux linux_kernel 2.6.36
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_desktop 11
canonical ubuntu_linux 9.10
linux linux_kernel *
debian debian_linux 5.0
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
suse linux_enterprise_server 11
CVE-2010-3301 HIGH

The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by triggering an out-of-bounds access to the system call table using the %rax register. NOTE: this vulnerability exists because of a CVE-2007-4573 regression.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269,

Products Affected

Vendor Product Version
linux linux_kernel 2.6.36
suse linux_enterprise_real_time_extension 11
canonical ubuntu_linux 9.10
linux linux_kernel *
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
CVE-2010-3432 HIGH

The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP traffic.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
canonical ubuntu_linux 9.04
canonical ubuntu_linux 9.10
linux linux_kernel *
canonical ubuntu_linux 8.04
debian debian_linux 5.0
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
CVE-2010-3437 MEDIUM

Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
canonical ubuntu_linux 8.04
debian debian_linux 5.0
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
suse linux_enterprise_desktop 10
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
opensuse opensuse 11.2
linux linux_kernel 2.6.36
suse linux_enterprise_server 9
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
canonical ubuntu_linux 9.04
suse linux_enterprise_desktop 11
canonical ubuntu_linux 9.10
linux linux_kernel *
suse linux_enterprise_server 11
CVE-2010-3442 MEDIUM

Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
canonical ubuntu_linux 8.04
debian debian_linux 5.0
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
suse linux_enterprise_desktop 10
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
opensuse opensuse 11.2
linux linux_kernel 2.6.36
suse linux_enterprise_server 9
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
fedoraproject fedora 13
canonical ubuntu_linux 9.04
canonical ubuntu_linux 9.10
linux linux_kernel *
CVE-2010-3702 HIGH

The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476,

Products Affected

Vendor Product Version
canonical ubuntu_linux 8.04
suse linux_enterprise_server 10
freedesktop poppler *
opensuse opensuse 11.3
xpdfreader xpdf *
fedoraproject fedora 13
apple cups *
canonical ubuntu_linux 9.10
fedoraproject fedora 12
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 6.06
debian debian_linux 5.0
canonical ubuntu_linux 10.04
opensuse opensuse 11.1
canonical ubuntu_linux 10.10
opensuse opensuse 11.2
suse linux_enterprise_server 9
fedoraproject fedora 14
canonical ubuntu_linux 9.04
xpdfreader xpdf 3.02
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
CVE-2010-3848 MEDIUM

Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
canonical ubuntu_linux 8.04
debian debian_linux 5.0
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
suse linux_enterprise_desktop 10
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
suse linux_enterprise_server 9
suse linux_enterprise_real_time_extension 11
canonical ubuntu_linux 9.10
linux linux_kernel *
CVE-2010-3849 MEDIUM

The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a sendmsg call that specifies a NULL value for the remote address field.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
canonical ubuntu_linux 8.04
debian debian_linux 5.0
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
suse linux_enterprise_desktop 10
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
suse linux_enterprise_server 9
suse linux_enterprise_real_time_extension 11
canonical ubuntu_linux 9.10
linux linux_kernel *
CVE-2010-3850 LOW

The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
canonical ubuntu_linux 8.04
debian debian_linux 5.0
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
suse linux_enterprise_desktop 10
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
suse linux_enterprise_server 9
suse linux_enterprise_real_time_extension 11
canonical ubuntu_linux 9.10
linux linux_kernel *
CVE-2010-3861 LOW

The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize a certain block of heap memory, which allows local users to obtain potentially sensitive information via an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt value, a different vulnerability than CVE-2010-2478.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200

Products Affected

Vendor Product Version
opensuse opensuse 11.2
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_desktop 11
canonical ubuntu_linux 9.10
linux linux_kernel *
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
suse linux_enterprise_server 11
CVE-2010-3865 HIGH

Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in the Linux kernel allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted iovec struct in a Reliable Datagram Sockets (RDS) request, which triggers a buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190

Products Affected

Vendor Product Version
opensuse opensuse 11.2
suse linux_enterprise_high_availability_extension 11
opensuse opensuse 11.3
suse linux_enterprise_real_time 11
linux linux_kernel *
CVE-2010-3873 MEDIUM

The X.25 implementation in the Linux kernel before 2.6.36.2 does not properly parse facilities, which allows remote attackers to cause a denial of service (heap memory corruption and panic) or possibly have unspecified other impact via malformed (1) X25_FAC_CALLING_AE or (2) X25_FAC_CALLED_AE data, related to net/x25/x25_facilities.c and net/x25/x25_in.c, a different vulnerability than CVE-2010-4164.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119

Products Affected

Vendor Product Version
suse linux_enterprise_server 9
opensuse opensuse 11.4
linux linux_kernel *
debian debian_linux 5.0
CVE-2010-3874 MEDIUM

Heap-based buffer overflow in the bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.36.2 on 64-bit platforms might allow local users to cause a denial of service (memory corruption) via a connect operation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787

Products Affected

Vendor Product Version
opensuse opensuse 11.2
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
fedoraproject fedora 13
suse linux_enterprise_desktop 11
linux linux_kernel *
debian debian_linux 5.0
suse linux_enterprise_server 11
CVE-2010-3876 LOW

net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capability to read copies of the applicable structures.

CVSS 2.0

Severity: LOW

Problem Type: CWE-909

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
opensuse opensuse 11.2
suse linux_enterprise_server 9
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
linux linux_kernel 2.6.37
linux linux_kernel *
debian debian_linux 5.0
suse linux_enterprise_desktop 10
CVE-2010-3881 LOW

arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200

Products Affected

Vendor Product Version
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_desktop 11
suse suse_linux_enterprise_server 11
suse suse_linux_enterprise_high_availability_extension 11
linux linux_kernel *
CVE-2010-3904 HIGH

The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-1284

Products Affected

Vendor Product Version
redhat enterprise_linux 6.0
canonical ubuntu_linux 6.06
canonical ubuntu_linux 8.04
canonical ubuntu_linux 10.04
vmware esxi 3.5
canonical ubuntu_linux 10.10
vmware esxi 4.1
redhat enterprise_linux 5.0
opensuse opensuse 11.2
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
vmware esxi 5.0
canonical ubuntu_linux 9.04
suse linux_enterprise_desktop 11
canonical ubuntu_linux 9.10
linux linux_kernel *
vmware esxi 4.0
suse linux_enterprise_server 11
CVE-2010-4008 MEDIUM

libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119

Products Affected

Vendor Product Version
apple mac_os_x *
canonical ubuntu_linux 6.06
google chrome *
apache openoffice *
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_server 11
apple itunes *
canonical ubuntu_linux 8.04
debian debian_linux 5.0
canonical ubuntu_linux 10.04
apple iphone_os *
opensuse opensuse 11.1
canonical ubuntu_linux 10.10
suse suse_linux_enterprise_server 10
redhat enterprise_linux_desktop 6.0
opensuse opensuse 11.2
apple safari *
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.3
canonical ubuntu_linux 9.10
redhat enterprise_linux_server_eus 6.3
xmlsoft libxml2 *
debian debian_linux 6.0
CVE-2010-4072 LOW

The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmctl system call and the "old shm interface."

CVSS 2.0

Severity: LOW

Problem Type: CWE-200

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
linux linux_kernel 2.6.37
debian debian_linux 5.0
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
suse linux_enterprise_desktop 10
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
suse linux_enterprise_server 9
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_desktop 11
canonical ubuntu_linux 9.10
linux linux_kernel *
suse linux_enterprise_server 11
CVE-2010-4073 LOW

The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3) compat_sys_shmctl functions in ipc/compat.c; and the (4) compat_sys_mq_open and (5) compat_sys_mq_getsetattr functions in ipc/compat_mq.c.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
suse linux_enterprise_server 9
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_desktop 11
linux linux_kernel *
debian debian_linux 5.0
suse linux_enterprise_desktop 10
suse linux_enterprise_server 11
CVE-2010-4078 LOW

The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call.

CVSS 2.0

Severity: LOW

Problem Type: CWE-909

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
opensuse opensuse 11.2
linux linux_kernel 2.6.36
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
linux linux_kernel *
debian debian_linux 5.0
suse linux_enterprise_desktop 10
CVE-2010-4080 LOW

The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
opensuse opensuse 11.2
linux linux_kernel 2.6.36
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
linux linux_kernel *
debian debian_linux 5.0
suse linux_enterprise_desktop 10
CVE-2010-4081 LOW

The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call.

CVSS 2.0

Severity: LOW

Problem Type: CWE-909

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
opensuse opensuse 11.2
linux linux_kernel 2.6.36
suse linux_enterprise_server 9
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
linux linux_kernel *
debian debian_linux 5.0
suse linux_enterprise_desktop 10
CVE-2010-4082 LOW

The viafb_ioctl_get_viafb_info function in drivers/video/via/ioctl.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a VIAFB_GET_INFO ioctl call.

CVSS 2.0

Severity: LOW

Problem Type: CWE-909

Products Affected

Vendor Product Version
opensuse opensuse 11.2
linux linux_kernel 2.6.36
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_desktop 11
linux linux_kernel *
suse linux_enterprise_server 11
CVE-2010-4083 LOW

The copy_semid_to_user function in ipc/sem.c in the Linux kernel before 2.6.36 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) IPC_INFO, (2) SEM_INFO, (3) IPC_STAT, or (4) SEM_STAT command in a semctl system call.

CVSS 2.0

Severity: LOW

Problem Type: CWE-909

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
suse linux_enterprise_server 9
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_desktop 11
linux linux_kernel *
debian debian_linux 5.0
suse linux_enterprise_desktop 10
suse linux_enterprise_server 11
CVE-2010-4157 MEDIUM

Integer overflow in the ioc_general function in drivers/scsi/gdth.c in the Linux kernel before 2.6.36.1 on 64-bit platforms allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large argument in an ioctl call.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
opensuse opensuse 11.2
suse linux_enterprise_server 9
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
fedoraproject fedora 13
suse linux_enterprise_desktop 11
linux linux_kernel *
suse linux_enterprise_desktop 10
suse linux_enterprise_server 11
CVE-2010-4158 LOW

The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
opensuse opensuse 11.2
suse linux_enterprise_server 9
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
fedoraproject fedora 13
suse linux_enterprise_desktop 11
linux linux_kernel *
suse linux_enterprise_desktop 10
suse linux_enterprise_server 11
CVE-2010-4160 MEDIUM

Multiple integer overflows in the (1) pppol2tp_sendmsg function in net/l2tp/l2tp_ppp.c, and the (2) l2tp_ip_sendmsg function in net/l2tp/l2tp_ip.c, in the PPPoL2TP and IPoL2TP implementations in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (heap memory corruption and panic) or possibly gain privileges via a crafted sendto call.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
opensuse opensuse 11.2
suse linux_enterprise_server 9
suse linux_enterprise_desktop 11
linux linux_kernel *
suse linux_enterprise_desktop 10
suse linux_enterprise_server 11
CVE-2010-4162 MEDIUM

Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
opensuse opensuse 11.2
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
fedoraproject fedora 13
suse linux_enterprise_desktop 11
linux linux_kernel *
suse linux_enterprise_desktop 10
suse linux_enterprise_server 11
CVE-2010-4163 MEDIUM

The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.36.2 allows local users to cause a denial of service (panic) via a zero-length I/O request in a device ioctl to a SCSI device.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20

Products Affected

Vendor Product Version
opensuse opensuse 11.2
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_desktop 11
linux linux_kernel *
suse linux_enterprise_server 11
CVE-2010-4164 HIGH

Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the Linux kernel before 2.6.36.2 allow remote attackers to cause a denial of service (system crash) via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CLASS_B, (3) X25_FAC_CLASS_C, or (4) X25_FAC_CLASS_D facility data, a different vulnerability than CVE-2010-3873.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-191

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
opensuse opensuse 11.2
suse linux_enterprise_server 9
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_desktop 11
linux linux_kernel *
debian debian_linux 5.0
suse linux_enterprise_desktop 10
suse linux_enterprise_server 11
CVE-2010-4165 MEDIUM

The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect use of a signed integer.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-369

Products Affected

Vendor Product Version
opensuse opensuse 11.2
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_desktop 11
linux linux_kernel 2.6.37
linux linux_kernel *
suse linux_enterprise_server 11
CVE-2010-4169 MEDIUM

Use-after-free vulnerability in mm/mprotect.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors involving an mprotect system call.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416

Products Affected

Vendor Product Version
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
fedoraproject fedora 13
suse linux_enterprise_desktop 11
linux linux_kernel 2.6.37
linux linux_kernel *
suse linux_enterprise_server 11
CVE-2010-4180 MEDIUM

OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
openssl openssl *
suse linux_enterprise 11.0
canonical ubuntu_linux 8.04
debian debian_linux 5.0
canonical ubuntu_linux 10.04
opensuse opensuse 11.1
canonical ubuntu_linux 10.10
f5 nginx *
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
opensuse opensuse 11.2
suse linux_enterprise_server 9
fedoraproject fedora 14
opensuse opensuse 11.4
opensuse opensuse 11.3
fedoraproject fedora 13
canonical ubuntu_linux 9.04
suse linux_enterprise_desktop 11
CVE-2010-4258 MEDIUM

The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a (1) BUG, (2) NULL pointer dereference, or (3) page fault, as demonstrated by vectors involving the clear_child_tid feature and the splice system call.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
opensuse opensuse 11.2
suse linux_enterprise_server 9
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
fedoraproject fedora 13
suse linux_enterprise_desktop 11
linux linux_kernel *
suse linux_enterprise_desktop 10
suse linux_enterprise_server 11
CVE-2010-4342 HIGH

The aun_incoming function in net/econet/af_econet.c in the Linux kernel before 2.6.37-rc6, when Econet is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending an Acorn Universal Networking (AUN) packet over UDP.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476

Products Affected

Vendor Product Version
suse linux_enterprise_server 9
linux linux_kernel 2.6.37
linux linux_kernel *
CVE-2010-4347 MEDIUM

The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 permissions for the debugfs custom_method file, which allows local users to gain privileges by placing a custom ACPI method in the ACPI interpreter tables, related to the acpi_debugfs_init function in drivers/acpi/debugfs.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269

Products Affected

Vendor Product Version
opensuse opensuse 11.3
suse linux_enterprise_real_time_extension 11
linux linux_kernel *
CVE-2010-4494 HIGH

Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-415

Products Affected

Vendor Product Version
apple mac_os_x *
hp insight_control_server_deployment *
google chrome *
apache openoffice *
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_server 11
apple itunes *
debian debian_linux 5.0
apple iphone_os *
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_eus 6.3
opensuse opensuse 11.2
apple safari *
fedoraproject fedora 14
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.3
hp rapid_deployment_pack *
xmlsoft libxml2 *
debian debian_linux 6.0
CVE-2011-0419 MEDIUM

Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-770

Products Affected

Vendor Product Version
freebsd freebsd *
oracle solaris 10
debian debian_linux 5.0
suse linux_enterprise_server 10
apple mac_os_x 10.6.0
google android *
apache http_server *
openbsd openbsd 4.8
apache portable_runtime *
debian debian_linux 7.0
debian debian_linux 6.0
netbsd netbsd 5.1
CVE-2011-0467 MEDIUM

A vulnerability in the listing of available software of SUSE Studio Onsite, SUSE Studio Onsite 1.1 Appliance allows authenticated users to execute arbitrary SQL statements via SQL injection. Affected releases are SUSE Studio Onsite: versions prior to 1.0.3-0.18.1, SUSE Studio Onsite 1.1 Appliance: versions prior to 1.1.2-0.25.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89

Products Affected

Vendor Product Version
suse studio_onsite_appliance *
suse studio_onsite *
CVE-2011-0469 HIGH

Code injection in openSUSE when running some source services used in the open build service 2.1 before March 11 2011.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94

Products Affected

Vendor Product Version
suse opensuse -
CVE-2011-0609 HIGH

Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
adobe acrobat 10.0.1
adobe acrobat_reader 10.0
adobe acrobat_reader *
adobe acrobat *
google chrome *
adobe acrobat 10.0
adobe air *
suse linux_enterprise 11.0
opensuse opensuse 11.2
opensuse opensuse 11.4
opensuse opensuse 11.3
suse linux_enterprise 10.0
adobe flash_player *
adobe acrobat_reader 10.0.1
CVE-2011-0611 HIGH

Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content; as demonstrated by a Microsoft Office document with an embedded .swf file that has a size inconsistency in a "group of included constants," object type confusion, ActionScript that adds custom functions to prototypes, and Date objects; and as exploited in the wild in April 2011.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-843

Products Affected

Vendor Product Version
adobe adobe_air *
adobe acrobat_reader *
opensuse opensuse 11.2
adobe acrobat *
google chrome *
opensuse opensuse 11.4
opensuse opensuse 11.3
suse linux_enterprise_desktop 11
adobe flash_player *
suse linux_enterprise_desktop 10
CVE-2011-0762 MEDIUM

The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400

Products Affected

Vendor Product Version
canonical ubuntu_linux 6.06
fedoraproject fedora 15
vsftpd_project vsftpd *
canonical ubuntu_linux 8.04
debian debian_linux 5.0
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
suse linux_enterprise_server 10
opensuse opensuse 11.2
suse linux_enterprise_server 9
fedoraproject fedora 14
opensuse opensuse 11.4
opensuse opensuse 11.3
fedoraproject fedora 13
canonical ubuntu_linux 9.10
debian debian_linux 7.0
debian debian_linux 6.0
suse linux_enterprise_server 11
CVE-2011-1083 MEDIUM

The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400

Products Affected

Vendor Product Version
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
suse linux_enterprise_desktop 11
linux linux_kernel *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_server 11
CVE-2011-1163 LOW

The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing.

CVSS 2.0

Severity: LOW

Problem Type: CWE-20

Products Affected

Vendor Product Version
suse linux_enterprise_server 10
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
linux linux_kernel *
redhat enterprise_linux_eus 5.6
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 5.6
CVE-2011-1477 HIGH

Multiple array index errors in sound/oss/opl3.c in the Linux kernel before 2.6.39 allow local users to cause a denial of service (heap memory corruption) or possibly gain privileges by leveraging write access to /dev/sequencer.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119, CWE-264

Products Affected

Vendor Product Version
linux linux_kernel *
suse linux_enterprise_desktop 10
CVE-2011-1526 MEDIUM

ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269

Products Affected

Vendor Product Version
fedoraproject fedora 15
mit krb5-appl *
debian debian_linux 5.0
suse linux_enterprise_desktop 10
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
suse linux_enterprise_software_development_kit 11
fedoraproject fedora 14
opensuse opensuse 11.4
opensuse opensuse 11.3
suse linux_enterprise_desktop 11
debian debian_linux 6.0
suse linux_enterprise_server 11
CVE-2011-1585 LOW

The cifs_find_smb_ses function in fs/cifs/connect.c in the Linux kernel before 2.6.36 does not properly determine the associations between users and sessions, which allows local users to bypass CIFS share authentication by leveraging a mount of a share by a different user.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264

Products Affected

Vendor Product Version
linux linux_kernel *
suse suse_linux_enterprise_server 10
CVE-2011-2660 HIGH

The modify_resolvconf_suse script in the vpnc package before 0.5.1-55.10.1 in SUSE Linux Enterprise Desktop 11 SP1 might allow remote attackers to execute arbitrary commands via a crafted DNS domain name.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20

Products Affected

Vendor Product Version
suse linux_enterprise_desktop 11
suse vpnc *
CVE-2011-3026 MEDIUM

Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190

Products Affected

Vendor Product Version
apple mac_os_x *
apple mac_os_x_server *
apple mac_os_x 10.6.8
google chrome *
opensuse opensuse 11.4
suse suse_linux_enterprise_server 11
apple mac_os_x_server 10.6.8
apple iphone_os *
suse linux_enterprise_server 11
CVE-2011-3172 HIGH

A vulnerability in pam_modules of SUSE Linux Enterprise allows attackers to log into accounts that should have been disabled. Affected releases are SUSE Linux Enterprise: versions prior to 12.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264, CWE-304

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server *
CVE-2011-3192 HIGH

The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-400

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
suse linux_enterprise_software_development_kit 11
opensuse opensuse 11.4
apache http_server *
opensuse opensuse 11.3
canonical ubuntu_linux 11.04
canonical ubuntu_linux 8.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
suse linux_enterprise_server 11
CVE-2011-3439 HIGH

FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
apple iphone_os *
suse linux_enterprise_server 11
CVE-2011-3544 HIGH

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,CWE-284,

Products Affected

Vendor Product Version
oracle jre 1.6.0
oracle jre *
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
oracle jdk 1.7.0
oracle jdk *
suse linux_enterprise_server 10
suse linux_enterprise_java 10
oracle jre 1.7.0
canonical ubuntu_linux 11.10
redhat satellite_with_embedded_oracle 5.4
oracle jdk 1.6.0
CVE-2011-3659 HIGH

Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
opensuse opensuse 11.4
suse linux_enterprise_desktop 11
mozilla thunderbird *
suse linux_enterprise_desktop 10
suse linux_enterprise_server 11
mozilla firefox *
CVE-2011-3919 HIGH

Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
suse linux_enterprise_server 10
apple mac_os_x *
google chrome *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.3
debian debian_linux 5.0
debian debian_linux 7.0
apple iphone_os *
debian debian_linux 6.0
redhat enterprise_linux_desktop 6.0
CVE-2011-3970 MEDIUM

libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
suse linux_enterprise_server 10
suse linux_enterprise_software_development_kit 11
google chrome *
suse linux_enterprise_desktop 11
xmlsoft libxslt *
suse linux_enterprise_server 11
CVE-2011-4127 MEDIUM

The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to (1) a partition block device or (2) an LVM volume.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
linux linux_kernel 3.0.23
linux linux_kernel 3.0.13
linux linux_kernel 3.0.28
linux linux_kernel 3.2
linux linux_kernel 3.1.3
linux linux_kernel 3.1.10
linux linux_kernel 3.0.25
suse linux_enterprise_server 10
linux linux_kernel 3.0.26
linux linux_kernel 3.1
linux linux_kernel 3.0.7
linux linux_kernel 3.0.22
linux linux_kernel 3.1.5
linux linux_kernel *
linux linux_kernel 3.1.8
linux linux_kernel 3.0.3
linux linux_kernel 3.0.4
linux linux_kernel 3.0.1
linux linux_kernel 3.0.19
linux linux_kernel 3.0.14
linux linux_kernel 3.0.9
linux linux_kernel 3.0.6
linux linux_kernel 3.0.24
linux linux_kernel 3.0.5
linux linux_kernel 3.1.1
linux linux_kernel 3.0.20
linux linux_kernel 3.1.2
linux linux_kernel 3.0.15
linux linux_kernel 3.0.34
linux linux_kernel 3.1.4
linux linux_kernel 3.0.33
linux linux_kernel 3.0.32
linux linux_kernel 3.0.8
linux linux_kernel 3.0.11
linux linux_kernel 3.1.9
linux linux_kernel 3.0.12
linux linux_kernel 3.0.29
linux linux_kernel 3.0.17
linux linux_kernel 3.1.6
linux linux_kernel 3.0.16
linux linux_kernel 3.0.10
linux linux_kernel 3.1.7
linux linux_kernel 3.0
linux linux_kernel 3.0.18
linux linux_kernel 3.0.2
linux linux_kernel 3.0.21
linux linux_kernel 3.0.27
linux linux_kernel 3.0.31
linux linux_kernel 3.0.30
CVE-2011-4132 LOW

The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux kernel 2.6 allows local users to cause a denial of service (assertion error and kernel oops) via an ext3 or ext4 image with an "invalid log first block value."

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,

Products Affected

Vendor Product Version
suse linux_enterprise_server 10
linux linux_kernel 2.6
CVE-2011-4190 LOW

The kdump implementation is missing the host key verification in the kdump and mkdumprd OpenSSH integration of kdump prior to version 2012-01-20. This is similar to CVE-2011-3588, but different in that the kdump implementation is specific to SUSE. A remote malicious kdump server could use this flaw to impersonate the correct kdump server to obtain security sensitive information (kdump core files).

CVSS 2.0

Severity: LOW

Problem Type: CWE-310,CWE-306,

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server 11.0
suse suse_linux_enterprise_desktop 11
suse suse_linux_enterprise_server 11
CVE-2011-4315 MEDIUM

Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
fedoraproject fedora 16
suse studio_onsite 1.2
suse studio 1.2
suse webyast 1.2
f5 nginx *
CVE-2011-4516 MEDIUM

Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
fedoraproject fedora 15
oracle outside_in_technology 8.3.7
jasper_project jasper 1.900.1
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
fedoraproject fedora 16
oracle outside_in_technology 8.3.5
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
debian debian_linux 6.0
suse linux_enterprise_server 11
CVE-2011-4517 MEDIUM

The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
fedoraproject fedora 15
oracle outside_in_technology 8.3.7
jasper_project jasper 1.900.1
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
fedoraproject fedora 16
oracle outside_in_technology 8.3.5
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_desktop 4
debian debian_linux 6.0
suse linux_enterprise_server 11
CVE-2011-4862 HIGH

Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
freebsd freebsd *
fedoraproject fedora 15
heimdal_project heimdal *
mit krb5-appl *
debian debian_linux 5.0
gnu inetutils *
suse linux_enterprise_desktop 10
suse linux_enterprise_software_development_kit 10
fedoraproject fedora 16
suse linux_enterprise_server 10
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_server 9
opensuse opensuse 11.4
opensuse opensuse 11.3
suse linux_enterprise_desktop 11
debian debian_linux 7.0
debian debian_linux 6.0
suse linux_enterprise_server 11
CVE-2012-0031 MEDIUM

scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat jboss_enterprise_web_server 1.0.0
redhat enterprise_linux_server_aus 6.2
redhat enterprise_linux_server 6.0
debian debian_linux 5.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
apache http_server *
redhat storage 2.0
redhat enterprise_linux_eus 6.2
debian debian_linux 7.0
debian debian_linux 6.0
CVE-2012-0053 MEDIUM

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat jboss_enterprise_web_server 1.0.0
redhat enterprise_linux_server 6.0
debian debian_linux 5.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
apache http_server *
redhat storage 2.0
redhat enterprise_linux_eus 6.2
debian debian_linux 7.0
debian debian_linux 6.0
CVE-2012-0442 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
debian debian_linux 5.0
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
opensuse opensuse 11.4
suse linux_enterprise_desktop 11
debian debian_linux 6.0
suse linux_enterprise_server 11
CVE-2012-0444 HIGH

Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 11.04
debian debian_linux 5.0
canonical ubuntu_linux 10.04
canonical ubuntu_linux 10.10
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
opensuse opensuse 11.4
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
debian debian_linux 6.0
suse linux_enterprise_server 11
CVE-2012-0449 HIGH

Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
debian debian_linux 5.0
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
opensuse opensuse 11.4
suse linux_enterprise_desktop 11
debian debian_linux 6.0
suse linux_enterprise_server 11
CVE-2012-0507 HIGH

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,CWE-843,

Products Affected

Vendor Product Version
oracle jre 1.6.0
sun jre 1.6.0
sun jre 1.5.0
suse linux_enterprise_java 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_java 10
oracle jre 1.7.0
debian debian_linux 7.0
debian debian_linux 6.0
suse linux_enterprise_server 11
CVE-2012-0879 MEDIUM

The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONE_IO feature, which allows local users to cause a denial of service (I/O instability) by starting multiple processes that share an I/O context.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,

Products Affected

Vendor Product Version
suse linux_enterprise_high_availability_extension 11
suse linux_enterprise_desktop 11
linux linux_kernel *
canonical ubuntu_linux 10.04
debian debian_linux 6.0
suse linux_enterprise_server 11
CVE-2012-1090 MEDIUM

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_mrg 2.0
suse linux_enterprise_high_availability_extension 11
suse linux_enterprise_desktop 11
linux linux_kernel *
suse linux_enterprise_server 11
CVE-2012-1097 HIGH

The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_SETREGSET ptrace call.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476,

Products Affected

Vendor Product Version
redhat enterprise_mrg 2.0
redhat enterprise_linux 4.0
suse linux_enterprise_high_availability_extension 11
suse linux_enterprise_desktop 11
linux linux_kernel *
suse linux_enterprise_server 11
CVE-2012-1146 MEDIUM

The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by registering memory threshold events.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
fedoraproject fedora 16
suse linux_enterprise_high_availability_extension 11
suse linux_enterprise_desktop 11
linux linux_kernel *
suse linux_enterprise_server 11
CVE-2012-1535 HIGH

Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted SWF content, as exploited in the wild in August 2012 with SWF content in a Word document.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,CWE-20,CWE-94,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
opensuse opensuse 11.4
opensuse opensuse 12.1
adobe flash_player *
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_desktop 10
CVE-2012-1717 LOW

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle jre 1.6.0
redhat icedtea6 *
oracle jre *
oracle jre 1.5.0
redhat enterprise_linux_for_power_big_endian 5.0
oracle jdk 1.5.0
suse linux_enterprise_java 11
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_for_ibm_z_systems 5.0
oracle jdk 1.6.0
redhat enterprise_linux_eus 6.2
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_aus 6.2
redhat enterprise_linux_server 6.0
redhat satellite_with_embedded_oracle 5.5
redhat enterprise_linux_for_scientific_computing 6.0
oracle jdk 1.7.0
oracle jdk *
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_java 10
oracle jre 1.7.0
redhat enterprise_linux_server_from_rhui 6.0
redhat enterprise_linux_workstation 5.0
CVE-2012-1823 HIGH

sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,

Products Affected

Vendor Product Version
php php 5.2.8
redhat enterprise_linux_eus 6.1
php php 5.2.1
php php 5.2.5
php php 5.2.17
redhat enterprise_linux_server_aus 5.6
php php 5.3.1
suse linux_enterprise_server 10
php php 5.2.9
php php 5.0.2
php php 5.1.3
php php 5.1.6
redhat enterprise_linux_eus 6.2
redhat enterprise_linux_server 5.0
hp hp-ux b.11.31
apple mac_os_x *
php php 5.2.14
php php 5.3.2
fedoraproject fedora 40
php php 5.2.16
php php 5.0.3
php php 5.2.3
php php 5.0.4
php php 5.1.2
php php *
php php 5.2.7
php php 5.4.0
php php 5.2.2
php php 5.2.11
debian debian_linux 6.0
php php 5.3.3
php php 5.1.1
redhat storage_for_public_cloud 2.0
php php 5.0.0
php php 5.1.4
php php 5.3.4
php php 5.2.12
redhat enterprise_linux_server_aus 5.3
php php 5.3.7
redhat enterprise_linux_desktop 6.0
php php 5.1.5
php php 5.3.10
suse linux_enterprise_software_development_kit 10
php php 5.3.8
suse linux_enterprise_software_development_kit 11
php php 5.3.9
redhat enterprise_linux_eus 5.6
php php 5.0.1
php php 5.2.15
suse linux_enterprise_server 11
redhat gluster_storage_server_for_on-premise 2.0
php php 5.4.1
php php 5.3.0
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
php php 5.2.4
hp hp-ux b.11.23
php php 5.2.13
php php 5.3.6
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
php php 5.2.10
fedoraproject fedora 39
redhat storage 2.0
php php 5.3.5
php php 5.2.6
php php 5.0.5
php php 5.1.0
redhat application_stack 2.0
redhat enterprise_linux_workstation 5.0
php php 5.2.0
CVE-2012-1938 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_aus 6.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat storage 2.0
suse linux_enterprise_desktop 11
redhat enterprise_linux_eus 6.2
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-1970 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_server_eus 6.3
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
CVE-2012-1972 HIGH

Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_server_eus 6.3
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
CVE-2012-1973 HIGH

Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_server_eus 6.3
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
CVE-2012-1974 HIGH

Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_server_eus 6.3
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
CVE-2012-1975 HIGH

Use-after-free vulnerability in the PresShell::CompleteMove function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_server_eus 6.3
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
CVE-2012-1976 HIGH

Use-after-free vulnerability in the nsHTMLSelectElement::SubmitNamesValues function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-2034 HIGH

Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2037.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_aus 6.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
adobe air *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
suse linux_enterprise_desktop 11
adobe flash_player *
redhat enterprise_linux_eus 6.2
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
CVE-2012-2035 HIGH

Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_aus 6.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
adobe air *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
suse linux_enterprise_desktop 11
adobe flash_player *
redhat enterprise_linux_eus 6.2
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
CVE-2012-2036 HIGH

Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_aus 6.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
adobe air *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
suse linux_enterprise_desktop 11
adobe flash_player *
redhat enterprise_linux_eus 6.2
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
CVE-2012-2037 HIGH

Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2034.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_aus 6.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
adobe air *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
suse linux_enterprise_desktop 11
adobe flash_player *
redhat enterprise_linux_eus 6.2
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
CVE-2012-2038 MEDIUM

Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_aus 6.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
adobe air *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
suse linux_enterprise_desktop 11
adobe flash_player *
redhat enterprise_linux_eus 6.2
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
CVE-2012-2039 HIGH

Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_aus 6.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
adobe air *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
suse linux_enterprise_desktop 11
adobe flash_player *
redhat enterprise_linux_eus 6.2
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
CVE-2012-2040 HIGH

Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows local users to gain privileges via a Trojan horse executable file in an unspecified directory.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-426

Products Affected

Vendor Product Version
opensuse opensuse 11.4
opensuse opensuse 12.1
adobe air *
suse linux_enterprise_desktop 11
adobe flash_player *
suse linux_enterprise_desktop 10
CVE-2012-3515 HIGH

Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20

Products Affected

Vendor Product Version
xen xen 4.0.0
xen xen 4.1.0
redhat virtualization 3.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
qemu qemu *
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
redhat virtualization 5.0
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
canonical ubuntu_linux 11.10
redhat virtualization 6.0
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
CVE-2012-3956 HIGH

Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Run function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-3957 HIGH

Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-3959 HIGH

Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_server_eus 6.3
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
CVE-2012-3960 HIGH

Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-3961 HIGH

Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-3963 HIGH

Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-3967 HIGH

The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large number of sampler uniforms are used, does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted web site.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-3968 HIGH

Use-after-free vulnerability in the WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via vectors related to deletion of a fragment shader by its accessor.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-3972 MEDIUM

The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based buffer over-read.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_server_eus 6.3
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
CVE-2012-3976 MEDIUM

Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows remote attackers to spoof the X.509 certificate information in the address bar via a crafted web page.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-3982 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
canonical ubuntu_linux 12.04
suse linux_enterprise_sdk 10
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-3986 MEDIUM

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict calls to DOMWindowUtils (aka nsDOMWindowUtils) methods, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
canonical ubuntu_linux 12.04
suse linux_enterprise_sdk 10
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-3988 HIGH

Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code via vectors involving use of mozRequestFullScreen to enter full-screen mode, and use of the history.back method for backwards history navigation.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
canonical ubuntu_linux 12.04
suse linux_enterprise_sdk 10
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-3990 HIGH

Use-after-free vulnerability in the IME State Manager implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors, related to the nsIContent::GetNameSpaceID function.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
canonical ubuntu_linux 12.04
suse linux_enterprise_sdk 10
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-3991 HIGH

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict JSAPI access to the GetProperty function, which allows remote attackers to bypass the Same Origin Policy and possibly have unspecified other impact via a crafted web site.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
canonical ubuntu_linux 12.04
suse linux_enterprise_sdk 10
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-3992 MEDIUM

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive POST content via vectors involving a location.hash write operation and history navigation that triggers the loading of a URL into the history object.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
canonical ubuntu_linux 12.04
suse linux_enterprise_sdk 10
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-3994 MEDIUM

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting (XSS) attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and leverages the relationship between top.location and the location property.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
canonical ubuntu_linux 12.04
suse linux_enterprise_sdk 10
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-3995 HIGH

The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
canonical ubuntu_linux 12.04
suse linux_enterprise_sdk 10
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-4179 HIGH

Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
canonical ubuntu_linux 12.04
suse linux_enterprise_sdk 10
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-4180 HIGH

Heap-based buffer overflow in the nsHTMLEditor::IsPrevCharInNodeWhitespace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
canonical ubuntu_linux 12.04
suse linux_enterprise_sdk 10
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-4182 HIGH

Use-after-free vulnerability in the nsTextEditRules::WillInsert function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
canonical ubuntu_linux 12.04
suse linux_enterprise_sdk 10
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-4183 HIGH

Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla seamonkey *
suse linux_enterprise_sdk 11
redhat enterprise_linux_eus 6.3
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
opensuse opensuse 12.3
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-4184 MEDIUM

The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not prevent access to properties of a prototype for a standard class, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
canonical ubuntu_linux 12.04
suse linux_enterprise_sdk 10
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-4185 HIGH

Buffer overflow in the nsCharTraits::length function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
canonical ubuntu_linux 12.04
suse linux_enterprise_sdk 10
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-4186 HIGH

Heap-based buffer overflow in the nsWaveReader::DecodeAudioData function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
canonical ubuntu_linux 12.04
suse linux_enterprise_sdk 10
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-4187 HIGH

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage a certain insPos variable, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and assertion failure) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
canonical ubuntu_linux 12.04
suse linux_enterprise_sdk 10
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-4188 HIGH

Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
canonical ubuntu_linux 12.04
suse linux_enterprise_sdk 10
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-4193 MEDIUM

Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same Origin Policy and read the properties of a Location object, or execute arbitrary JavaScript code, via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-4194 MEDIUM

Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2012-4195 MEDIUM

The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2012-4196 MEDIUM

Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-74,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 11.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2012-4201 MEDIUM

The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code that sets the location.href property, which allows remote attackers to conduct cross-site scripting (XSS) attacks or read arbitrary files by leveraging a sandboxed add-on.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
CVE-2012-4202 HIGH

Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF image.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2012-4207 MEDIUM

The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~ (tilde) character in proximity to a chunk delimiter, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
CVE-2012-4209 MEDIUM

Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a "top" frame name-attribute value to access the location property, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a binary plugin.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2012-4213 HIGH

Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2012-4214 HIGH

Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-5840.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2012-4215 HIGH

Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2012-4216 HIGH

Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
CVE-2012-5076 HIGH

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JAX-WS.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,CWE-284,

Products Affected

Vendor Product Version
oracle jre 1.7.0
suse linux_enterprise_desktop 11
CVE-2012-5829 HIGH

Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
CVE-2012-5830 MEDIUM

Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
suse suse_linux_enterprise_desktop 10
suse suse_linux_enterprise_server 11
mozilla thunderbird *
suse suse_linux_enterprise_server 10
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
suse suse_linux_enterprise_desktop 11
canonical ubuntu_linux 11.10
redhat enterprise_linux_server_eus 6.3
redhat enterprise_linux_workstation 5.0
CVE-2012-5833 HIGH

The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via function calls involving certain values of the level parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2012-5835 HIGH

Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via crafted data.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2012-5836 HIGH

Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the setting of Cascading Style Sheets (CSS) properties in conjunction with SVG text.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2012-5838 HIGH

The copyTexImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via large image dimensions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2012-5839 HIGH

Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2012-5840 HIGH

Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4214.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2012-5841 MEDIUM

Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 implement cross-origin wrappers with a filtering behavior that does not properly restrict write actions, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2012-5842 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
CVE-2012-5843 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2012-6075 HIGH

Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
fedoraproject fedora 18
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_eus 6.4
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat virtualization 3.0
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
fedoraproject fedora 16
redhat enterprise_linux_server_aus 6.4
canonical ubuntu_linux 12.04
fedoraproject fedora 17
redhat enterprise_linux_workstation 6.0
qemu qemu *
redhat enterprise_linux_eus 5.9
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
debian debian_linux 6.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2012-6639 HIGH

A privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269,

Products Affected

Vendor Product Version
debian debian_linux 10.0
debian debian_linux 9.0
canonical cloud-init *
debian debian_linux 8.0
suse linux_enterprise_server 11
CVE-2013-0170 MEDIUM

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which causes a message to be freed without being removed from the message queue.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
fedoraproject fedora 18
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
fedoraproject fedora 16
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
fedoraproject fedora 17
redhat enterprise_linux_workstation 6.0
redhat libvirt *
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2013-0339 MEDIUM

libxml2 through 2.9.1 does not properly handle external entities expansion unless an application developer uses the xmlSAX2ResolveEntity or xmlSetExternalEntityLoader function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because libxml2 already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed and each affected application would need its own CVE.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
xmlsoft libxml2 1.8.2
xmlsoft libxml2 2.6.14
xmlsoft libxml2 1.8.4
xmlsoft libxml2 2.4.25
xmlsoft libxml2 2.6.5
xmlsoft libxml2 1.8.1
xmlsoft libxml2 2.6.11
xmlsoft libxml2 2.6.12
suse linux_enterprise_server 10
xmlsoft libxml2 1.8.9
xmlsoft libxml2 2.4.5
xmlsoft libxml2 2.3.2
xmlsoft libxml2 2.6.3
xmlsoft libxml2 2.8.0
xmlsoft libxml2 2.6.29
xmlsoft libxml2 1.8.7
xmlsoft libxml2 2.4.13
xmlsoft libxml2 1.7.2
xmlsoft libxml2 2.3.0
xmlsoft libxml2 2.2.3
xmlsoft libxml2 2.5.8
xmlsoft libxml2 2.3.6
canonical ubuntu_linux 12.10
xmlsoft libxml2 2.6.18
xmlsoft libxml2 2.6.27
xmlsoft libxml2 2.4.3
xmlsoft libxml2 2.7.3
xmlsoft libxml2 2.6.28
xmlsoft libxml2 2.2.7
xmlsoft libxml2 2.6.31
xmlsoft libxml2 2.4.19
xmlsoft libxml2 2.6.2
xmlsoft libxml2 2.2.5
xmlsoft libxml2 2.2.9
xmlsoft libxml2 2.5.0
debian debian_linux 6.0
xmlsoft libxml2 2.4.23
xmlsoft libxml2 2.4.9
xmlsoft libxml2 2.6.22
xmlsoft libxml2 2.1.1
xmlsoft libxml2 2.4.24
xmlsoft libxml2 1.7.0
xmlsoft libxml2 2.7.5
xmlsoft libxml2 2.4.30
xmlsoft libxml2 2.3.7
xmlsoft libxml2 2.5.10
xmlsoft libxml2 2.7.2
xmlsoft libxml2 2.5.4
xmlsoft libxml2 2.4.2
xmlsoft libxml2 2.4.26
xmlsoft libxml2 2.4.1
xmlsoft libxml2 2.2.2
xmlsoft libxml2 2.4.17
xmlsoft libxml2 2.6.30
xmlsoft libxml2 2.7.6
xmlsoft libxml2 *
xmlsoft libxml2 2.3.8
xmlsoft libxml2 1.7.1
xmlsoft libxml2 2.3.13
xmlsoft libxml2 2.2.1
xmlsoft libxml2 2.7.4
xmlsoft libxml2 2.4.27
xmlsoft libxml2 2.3.11
xmlsoft libxml2 2.4.15
xmlsoft libxml2 2.4.6
xmlsoft libxml2 2.4.10
xmlsoft libxml2 2.4.22
xmlsoft libxml2 2.7.1
xmlsoft libxml2 2.3.9
xmlsoft libxml2 1.8.16
xmlsoft libxml2 2.4.8
xmlsoft libxml2 2.5.7
xmlsoft libxml2 2.6.1
xmlsoft libxml2 2.2.4
xmlsoft libxml2 2.3.10
xmlsoft libxml2 2.6.23
xmlsoft libxml2 2.6.16
xmlsoft libxml2 2.3.3
xmlsoft libxml2 1.7.3
xmlsoft libxml2 2.3.12
xmlsoft libxml2 1.8.0
xmlsoft libxml2 2.6.9
xmlsoft libxml2 2.3.1
xmlsoft libxml2 2.4.21
xmlsoft libxml2 2.9.0
xmlsoft libxml2 2.2.11
xmlsoft libxml2 2.2.8
xmlsoft libxml2 2.2.6
xmlsoft libxml2 2.6.32
xmlsoft libxml2 2.6.21
xmlsoft libxml2 2.6.25
xmlsoft libxml2 2.6.26
xmlsoft libxml2 2.4.4
xmlsoft libxml2 2.6.20
canonical ubuntu_linux 10.04
xmlsoft libxml2 2.6.17
xmlsoft libxml2 2.4.16
xmlsoft libxml2 2.3.4
canonical ubuntu_linux 13.04
xmlsoft libxml2 1.8.3
xmlsoft libxml2 2.0.0
xmlsoft libxml2 2.1.0
xmlsoft libxml2 2.4.20
xmlsoft libxml2 1.8.6
debian debian_linux 7.0
xmlsoft libxml2 2.2.10
xmlsoft libxml2 2.4.12
xmlsoft libxml2 2.4.29
xmlsoft libxml2 2.6.24
xmlsoft libxml2 2.4.18
xmlsoft libxml2 1.8.13
xmlsoft libxml2 2.6.0
xmlsoft libxml2 2.3.5
xmlsoft libxml2 2.6.4
xmlsoft libxml2 2.4.28
xmlsoft libxml2 2.7.8
xmlsoft libxml2 1.7.4
xmlsoft libxml2 2.6.8
xmlsoft libxml2 2.4.7
xmlsoft libxml2 2.5.11
xmlsoft libxml2 2.6.7
xmlsoft libxml2 2.2.0
xmlsoft libxml2 2.4.11
xmlsoft libxml2 2.7.0
xmlsoft libxml2 2.3.14
canonical ubuntu_linux 12.04
xmlsoft libxml2 1.8.14
xmlsoft libxml2 2.6.13
xmlsoft libxml2 1.8.5
xmlsoft libxml2 1.8.10
xmlsoft libxml2 2.6.6
xmlsoft libxml2 2.4.14
xmlsoft libxml2 2.7.7
CVE-2013-0640 HIGH

Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, as exploited in the wild in February 2013.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
adobe acrobat_reader *
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_eus 6.4
adobe acrobat *
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
redhat enterprise_linux_server_aus 6.4
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 5.9
suse linux_enterprise_desktop 11
CVE-2013-0641 HIGH

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allows remote attackers to execute arbitrary code via a crafted PDF document, as exploited in the wild in February 2013.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
adobe acrobat_reader *
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_eus 6.4
adobe acrobat *
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
redhat enterprise_linux_server_aus 6.4
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 5.9
suse linux_enterprise_desktop 11
CVE-2013-0643 HIGH

The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,CWE-269,

Products Affected

Vendor Product Version
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_eus 6.4
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
redhat enterprise_linux_server_aus 6.4
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 5.9
suse linux_enterprise_desktop 11
adobe flash_player *
CVE-2013-0648 HIGH

Unspecified vulnerability in the ExternalInterface ActionScript functionality in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_eus 6.4
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
redhat enterprise_linux_server_aus 6.4
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 5.9
suse linux_enterprise_desktop 11
adobe flash_player *
CVE-2013-0744 HIGH

Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an HTML document with a table containing many columns and column groups.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 5.9
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2013-0745 HIGH

The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly interact with garbage collection, which allows remote attackers to execute arbitrary code via a crafted HTML document referencing JavaScript objects.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2013-0746 HIGH

Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 5.9
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2013-0747 MEDIUM

The gPluginHandler.handleEvent function in the plugin handler in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly enforce the Same Origin Policy, which allows remote attackers to conduct clickjacking attacks via crafted JavaScript code that listens for a mutation event.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2013-0748 MEDIUM

The XBL.__proto__.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 makes it easier for remote attackers to bypass the ASLR protection mechanism by calling the toString function of an XBL object.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 5.9
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2013-0749 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2013-0750 HIGH

Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted string concatenation, leading to improper memory allocation and a heap-based buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 5.9
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2013-0752 HIGH

Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XBL file with multiple bindings that have SVG content.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2013-0753 HIGH

Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 5.9
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2013-0754 HIGH

Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors involving the triggering of garbage collection after memory allocation for listener objects.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 5.9
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2013-0755 HIGH

Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors related to the domDoc pointer.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2013-0756 HIGH

Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted web page referencing JavaScript Proxy objects that are not properly handled during garbage collection.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2013-0757 HIGH

The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by referencing Object.prototype.__proto__ in a crafted HTML document.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2013-0758 HIGH

Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging improper interaction between plugin objects and SVG elements.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 5.9
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2013-0759 MEDIUM

Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to spoof the address bar via vectors involving authentication information in the userinfo field of a URL, in conjunction with a 204 (aka No Content) HTTP status code.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 5.9
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2013-0760 HIGH

Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2013-0761 HIGH

Use-after-free vulnerability in the mozilla::TrackUnionStream::EndTrack implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2013-0762 HIGH

Use-after-free vulnerability in the imgRequest::OnStopFrame function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 5.9
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2013-0763 HIGH

Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to Mesa drivers and a resized WebGL canvas.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 5.9
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2013-0764 HIGH

The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not ensure thread safety for SSL sessions, which allows remote attackers to execute arbitrary code via crafted data, as demonstrated by e-mail message data.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-326,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2013-0766 HIGH

Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 5.9
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2013-0767 HIGH

The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 5.9
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2013-0768 HIGH

Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via an HTML document that specifies invalid width and height values.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2013-0769 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
redhat enterprise_linux_eus 6.3
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 5.9
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 5.0
CVE-2013-0770 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2013-0771 HIGH

Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
mozilla thunderbird_esr *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2013-0800 MEDIUM

Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
opensuse opensuse 12.1
canonical ubuntu_linux 10.04
mozilla thunderbird *
suse linux_enterprise_desktop 10
mozilla firefox *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
mozilla thunderbird_esr *
opensuse opensuse 12.3
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
debian debian_linux 7.0
suse linux_enterprise_server 11
CVE-2013-1690 HIGH

Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
redhat enterprise_linux_eus 6.4
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
mozilla firefox *
mozilla firefox_esr *
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 10
redhat enterprise_linux_server_aus 6.4
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 5.9
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat gluster_storage_server_for_on-premise 2.0
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 13.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
mozilla thunderbird_esr *
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
CVE-2013-1861 MEDIUM

MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119

Products Affected

Vendor Product Version
redhat enterprise_linux 6.0
oracle mysql *
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux 5
canonical ubuntu_linux 10.04
mariadb mariadb *
canonical ubuntu_linux 13.04
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
debian debian_linux 7.0
suse linux_enterprise_server 11
CVE-2013-1864 MEDIUM

The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a "billion laughs attack."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119

Products Affected

Vendor Product Version
opalvoip portable_tool_library 2.10.7
suse suse_linux_enterprise_software_development_kit 11.0
opalvoip portable_tool_library 2.10.9
suse suse_linux_enterprise_desktop 11.0
opalvoip portable_tool_library 2.10.1
ekiga ekiga *
opalvoip portable_tool_library 2.10.2
CVE-2013-2020 MEDIUM

Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189

Products Affected

Vendor Product Version
clamav clamav 0.93.2
clamav clamav 0.90.3_p1
clamav clamav 0.93.1
clamav clamav *
clamav clamav 0.91.1
clamav clamav 0.97.3
clamav clamav 0.90.1
clamav clamav 0.90.1_p0
clamav clamav 0.97.4
clamav clamav 0.97.5
clamav clamav 0.94
clamav clamav 0.97.2
clamav clamav 0.96
clamav clamav 0.95.3
clamav clamav 0.91.2_p0
clamav clamav 0.91.2
clamav clamav 0.92_p0
clamav clamav 0.96.3
clamav clamav 0.96.2
suse linux_enterprise_server 11.0
clamav clamav 0.90
clamav clamav 0.96.4
clamav clamav 0.97.1
canonical ubuntu_linux 12.10
clamav clamav 0.90.2
clamav clamav 0.94.1
clamav clamav 0.97
clamav clamav 0.91
clamav clamav 0.9
clamav clamav 0.90.3_p0
canonical ubuntu_linux 10.04
clamav clamav 0.96.5
clamav clamav 0.95
clamav clamav 0.93
clamav clamav 0.96.1
clamav clamav 0.90.2_p0
clamav clamav 0.95.2
canonical ubuntu_linux 13.04
canonical ubuntu_linux 12.04
clamav clamav 0.92.1
clamav clamav 0.94.2
clamav clamav 0.92
clamav clamav 0.93.3
canonical ubuntu_linux 11.10
clamav clamav 0.90.3
clamav clamav 0.95.1
CVE-2013-2021 MEDIUM

pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119

Products Affected

Vendor Product Version
clamav clamav 0.97.1
canonical ubuntu_linux 12.10
clamav clamav 0.97.3
clamav clamav 0.97.4
canonical ubuntu_linux 10.04
clamav clamav 0.97.5
clamav clamav 0.97.2
canonical ubuntu_linux 13.04
canonical ubuntu_linux 12.04
clamav clamav 0.97.6
canonical ubuntu_linux 11.10
suse linux_enterprise_server 11.0
clamav clamav 0.97.7
CVE-2013-2147 LOW

The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via (1) a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c.

CVSS 2.0

Severity: LOW

Problem Type: CWE-399

Products Affected

Vendor Product Version
suse linux_enterprise_server 10
linux linux_kernel 3.9.3
linux linux_kernel 3.9.0
linux linux_kernel 3.9
linux linux_kernel *
linux linux_kernel 3.9.2
linux linux_kernel 3.9.1
CVE-2013-2465 HIGH

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo, CWE-693

Products Affected

Vendor Product Version
suse linux_enterprise_server 10
oracle jre 1.6.0
suse linux_enterprise_software_development_kit 11
sun jre 1.6.0
suse linux_enterprise_java 10
sun jre 1.5.0
oracle jre 1.7.0
oracle jre 1.5.0
suse linux_enterprise_java 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 11
CVE-2013-2555 HIGH

Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190

Products Affected

Vendor Product Version
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_eus 6.4
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
adobe air *
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.4
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 5.9
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
adobe flash_player *
CVE-2013-2728 HIGH

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
redhat enterprise_linux_eus 6.4
adobe adobe_air_sdk *
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
adobe adobe_air *
redhat enterprise_linux_server_eus 5.9
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_server_eus 6.4
redhat enterprise_linux_eus 5.9
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
adobe flash_player *
CVE-2013-2729 HIGH

Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2727.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190

Products Affected

Vendor Product Version
adobe acrobat_reader *
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_eus 6.4
redhat enterprise_linux_server_aus 6.4
adobe acrobat *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_eus 5.9
suse linux_enterprise_desktop 11
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
CVE-2013-3301 HIGH

The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write access to the (1) set_ftrace_pid or (2) set_graph_function file, and then making an lseek system call.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
linux linux_kernel 3.2.18
linux linux_kernel 3.1.3
linux linux_kernel 3.8.6
linux linux_kernel 3.1.10
linux linux_kernel 3.0.39
linux linux_kernel 3.4.19
linux linux_kernel 3.0.61
linux linux_kernel 3.0.22
linux linux_kernel 3.4.17
linux linux_kernel 3.2.2
linux linux_kernel 3.6.3
linux linux_kernel 3.2.3
linux linux_kernel 3.2.27
linux linux_kernel 3.2.5
linux linux_kernel 3.0.1
linux linux_kernel 3.7.10
linux linux_kernel 3.0.47
linux linux_kernel 3.3.1
linux linux_kernel 3.4.30
linux linux_kernel 3.8.2
linux linux_kernel 3.3.3
linux linux_kernel 3.6.11
linux linux_kernel 3.0.9
linux linux_kernel 3.4.18
linux linux_kernel 3.4.4
linux linux_kernel 3.0.24
linux linux_kernel 3.2.20
linux linux_kernel 3.4.11
linux linux_kernel 3.0.5
linux linux_kernel 3.1.1
linux linux_kernel 3.0.68
linux linux_kernel 3.0.20
linux linux_kernel 3.2.25
linux linux_kernel 3.0.15
linux linux_kernel 3.1.4
linux linux_kernel 3.7.5
linux linux_kernel 3.3.8
linux linux_kernel 3.0.40
linux linux_kernel 3.0.63
linux linux_kernel 3.2.24
linux linux_kernel 3.4.6
linux linux_kernel 3.0.12
linux linux_kernel 3.4.3
linux linux_kernel 3.6.7
linux linux_kernel 3.0.56
linux linux_kernel 3.0.10
linux linux_kernel 3.2.12
linux linux_kernel 3.4.24
suse linux_enterprise_high_availability_extension 11
linux linux_kernel 3.4.14
linux linux_kernel 3.7.6
linux linux_kernel 3.0.21
linux linux_kernel 3.7.4
linux linux_kernel 3.0.48
linux linux_kernel 3.6.6
linux linux_kernel 3.0.13
linux linux_kernel 3.0.28
linux linux_kernel 3.2.1
linux linux_kernel 3.2.19
linux linux_kernel 3.2.15
linux linux_kernel 3.0.25
linux linux_kernel 3.3.4
linux linux_kernel 3.3.7
linux linux_kernel 3.3
linux linux_kernel 3.7.3
linux linux_kernel 3.4.13
linux linux_kernel *
linux linux_kernel 3.0.41
linux linux_kernel 3.4.9
linux linux_kernel 3.0.36
linux linux_kernel 3.0.49
linux linux_kernel 3.0.35
linux linux_kernel 3.4.20
linux linux_kernel 3.4.32
linux linux_kernel 3.0.55
linux linux_kernel 3.2.17
linux linux_kernel 3.4.7
linux linux_kernel 3.1.2
linux linux_kernel 3.3.6
linux linux_kernel 3.8.5
linux linux_kernel 3.0.66
linux linux_kernel 3.0.33
linux linux_kernel 3.4.27
linux linux_kernel 3.2.9
linux linux_kernel 3.2.22
linux linux_kernel 3.0.44
linux linux_kernel 3.5.2
linux linux_kernel 3.7.8
linux linux_kernel 3.0.58
linux linux_kernel 3.1.9
linux linux_kernel 3.0.29
linux linux_kernel 3.4.26
linux linux_kernel 3.7.1
linux linux_kernel 3.0.2
linux linux_kernel 3.4.29
linux linux_kernel 3.0.31
linux linux_kernel 3.8.1
linux linux_kernel 3.4.10
linux linux_kernel 3.6.4
linux linux_kernel 3.0.42
linux linux_kernel 3.4.23
linux linux_kernel 3.3.5
linux linux_kernel 3.0.65
linux linux_kernel 3.4.25
linux linux_kernel 3.0.7
linux linux_kernel 3.1.8
linux linux_kernel 3.5.4
linux linux_kernel 3.0.3
linux linux_kernel 3.5.5
redhat enterprise_linux 6.0
linux linux_kernel 3.0.4
linux linux_kernel 3.7.7
linux linux_kernel 3.0.19
linux linux_kernel 3.0.37
linux linux_kernel 3.0.43
linux linux_kernel 3.0.14
linux linux_kernel 3.2.8
linux linux_kernel 3.2.29
linux linux_kernel 3.2.23
redhat enterprise_mrg 2.0
linux linux_kernel 3.2.30
linux linux_kernel 3.4.31
linux linux_kernel 3.4.1
linux linux_kernel 3.0.60
linux linux_kernel 3.4.22
linux linux_kernel 3.6.9
linux linux_kernel 3.6.8
linux linux_kernel 3.2.14
linux linux_kernel 3.0.34
linux linux_kernel 3.4.8
suse linux_enterprise_desktop 11
linux linux_kernel 3.0.54
linux linux_kernel 3.0.32
linux linux_kernel 3.4.5
linux linux_kernel 3.2.26
linux linux_kernel 3.5.1
linux linux_kernel 3.0.11
linux linux_kernel 3.4.21
linux linux_kernel 3.5.3
linux linux_kernel 3.8.3
linux linux_kernel 3.0.62
linux linux_kernel 3.7.9
linux linux_kernel 3.0.16
linux linux_kernel 3.7
linux linux_kernel 3.1.7
linux linux_kernel 3.3.2
linux linux_kernel 3.4.15
linux linux_kernel 3.6.2
linux linux_kernel 3.8.0
linux linux_kernel 3.0.23
linux linux_kernel 3.0.59
linux linux_kernel 3.2
linux linux_kernel 3.2.6
linux linux_kernel 3.2.28
linux linux_kernel 3.6.1
linux linux_kernel 3.4.16
linux linux_kernel 3.0.26
linux linux_kernel 3.1
linux linux_kernel 3.2.16
linux linux_kernel 3.7.2
linux linux_kernel 3.2.4
linux linux_kernel 3.1.5
linux linux_kernel 3.2.7
linux linux_kernel 3.6.10
linux linux_kernel 3.4.28
linux linux_kernel 3.6.5
linux linux_kernel 3.0.50
linux linux_kernel 3.0.6
linux linux_kernel 3.0.64
linux linux_kernel 3.0.53
linux linux_kernel 3.2.10
linux linux_kernel 3.8.4
linux linux_kernel 3.2.11
linux linux_kernel 3.5.7
linux linux_kernel 3.4.2
linux linux_kernel 3.0.67
linux linux_kernel 3.2.21
linux linux_kernel 3.5.6
linux linux_kernel 3.6
linux linux_kernel 3.4
suse linux_enterprise_server 11
linux linux_kernel 3.0.45
linux linux_kernel 3.0.52
linux linux_kernel 3.0.8
linux linux_kernel 3.0.46
linux linux_kernel 3.0.51
linux linux_kernel 3.0.17
linux linux_kernel 3.1.6
linux linux_kernel 3.0
linux linux_kernel 3.0.18
linux linux_kernel 3.4.12
linux linux_kernel 3.0.57
linux linux_kernel 3.0.27
linux linux_kernel 3.2.13
linux linux_kernel 3.0.38
linux linux_kernel 3.0.30
CVE-2013-3324 HIGH

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
redhat enterprise_linux_eus 6.4
adobe adobe_air_sdk *
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
adobe adobe_air *
redhat enterprise_linux_server_eus 5.9
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_server_eus 6.4
redhat enterprise_linux_eus 5.9
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
adobe flash_player *
CVE-2013-3325 HIGH

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
redhat enterprise_linux_eus 6.4
adobe adobe_air_sdk *
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
adobe adobe_air *
redhat enterprise_linux_server_eus 5.9
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_server_eus 6.4
redhat enterprise_linux_eus 5.9
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
adobe flash_player *
CVE-2013-3326 HIGH

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
redhat enterprise_linux_eus 6.4
adobe adobe_air_sdk *
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
adobe adobe_air *
redhat enterprise_linux_server_eus 5.9
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_server_eus 6.4
redhat enterprise_linux_eus 5.9
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
adobe flash_player *
CVE-2013-3327 HIGH

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
redhat enterprise_linux_eus 6.4
adobe adobe_air_sdk *
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
adobe adobe_air *
redhat enterprise_linux_server_eus 5.9
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_server_eus 6.4
redhat enterprise_linux_eus 5.9
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
adobe flash_player *
CVE-2013-3328 HIGH

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
redhat enterprise_linux_eus 6.4
adobe adobe_air_sdk *
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
adobe adobe_air *
redhat enterprise_linux_server_eus 5.9
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_server_eus 6.4
redhat enterprise_linux_eus 5.9
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
adobe flash_player *
CVE-2013-3329 HIGH

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
redhat enterprise_linux_eus 6.4
adobe adobe_air_sdk *
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
adobe adobe_air *
redhat enterprise_linux_server_eus 5.9
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_server_eus 6.4
redhat enterprise_linux_eus 5.9
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
adobe flash_player *
CVE-2013-3330 HIGH

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
redhat enterprise_linux_eus 6.4
adobe adobe_air_sdk *
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
adobe adobe_air *
redhat enterprise_linux_server_eus 5.9
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_server_eus 6.4
redhat enterprise_linux_eus 5.9
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
adobe flash_player *
CVE-2013-3331 HIGH

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_eus 6.4
adobe adobe_air_sdk *
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
adobe adobe_air *
redhat enterprise_linux_server_eus 5.9
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_server_eus 6.4
redhat enterprise_linux_eus 5.9
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
adobe flash_player *
CVE-2013-3332 HIGH

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_eus 6.4
adobe adobe_air_sdk *
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
adobe adobe_air *
redhat enterprise_linux_server_eus 5.9
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_server_eus 6.4
redhat enterprise_linux_eus 5.9
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
adobe flash_player *
CVE-2013-3333 HIGH

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3334, and CVE-2013-3335.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_eus 6.4
adobe adobe_air_sdk *
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
adobe adobe_air *
redhat enterprise_linux_server_eus 5.9
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_server_eus 6.4
redhat enterprise_linux_eus 5.9
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
adobe flash_player *
CVE-2013-3334 HIGH

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, and CVE-2013-3335.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_eus 6.4
adobe adobe_air_sdk *
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
adobe adobe_air *
redhat enterprise_linux_server_eus 5.9
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_server_eus 6.4
redhat enterprise_linux_eus 5.9
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
adobe flash_player *
CVE-2013-3335 HIGH

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, and CVE-2013-3334.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_eus 6.4
adobe adobe_air_sdk *
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_desktop 10
adobe adobe_air *
redhat enterprise_linux_server_eus 5.9
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_server_eus 6.4
redhat enterprise_linux_eus 5.9
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
adobe flash_player *
CVE-2013-3709 HIGH

WebYaST 1.3 uses weak permissions for config/initializers/secret_token.rb, which allows local users to gain privileges by reading the Rails secret token from this file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
suse webyast 1.3
suse studio_onsite 1.3
novell suse_lifecycle_management_server 1.3
CVE-2013-3712 HIGH

SUSE Studio Onsite 1.3.x before 1.3.6 and SUSE Studio Extension for System z 1.3 use "static" secret tokens, which has unspecified impact and vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-310,

Products Affected

Vendor Product Version
suse studio_onsite 1.3.1
suse studio_onsite 1.3.3
suse studio_onsite 1.3.5
suse studio_onsite 1.3.2
suse studio_extension_for_system_z 1.3
suse studio_onsite 1.3.4
suse studio_onsite 1.3
CVE-2013-3783 MEDIUM

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
canonical ubuntu_linux 10.04
mariadb mariadb *
canonical ubuntu_linux 13.04
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
debian debian_linux 7.0
suse linux_enterprise_server 11
CVE-2013-3793 MEDIUM

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
canonical ubuntu_linux 10.04
mariadb mariadb *
canonical ubuntu_linux 13.04
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
oracle solaris 11.3
opensuse opensuse 11.4
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
debian debian_linux 7.0
suse linux_enterprise_server 11
CVE-2013-3794 MEDIUM

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
opensuse opensuse 12.2
opensuse opensuse 11.4
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
mariadb mariadb *
CVE-2013-3801 MEDIUM

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
opensuse opensuse 11.4
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
mariadb mariadb *
CVE-2013-3802 MEDIUM

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
canonical ubuntu_linux 10.04
mariadb mariadb *
canonical ubuntu_linux 13.04
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
debian debian_linux 7.0
suse linux_enterprise_server 11
CVE-2013-3804 MEDIUM

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
canonical ubuntu_linux 10.04
mariadb mariadb *
canonical ubuntu_linux 13.04
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
debian debian_linux 7.0
suse linux_enterprise_server 11
CVE-2013-3805 MEDIUM

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
opensuse opensuse 12.2
opensuse opensuse 11.4
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
mariadb mariadb *
CVE-2013-3808 MEDIUM

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
opensuse opensuse 11.4
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
mariadb mariadb *
CVE-2013-3809 MEDIUM

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
canonical ubuntu_linux 10.04
mariadb mariadb *
canonical ubuntu_linux 13.04
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
oracle solaris 11.3
opensuse opensuse 11.4
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2013-3812 LOW

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
canonical ubuntu_linux 10.04
mariadb mariadb *
canonical ubuntu_linux 13.04
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
oracle solaris 11.3
opensuse opensuse 11.4
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
debian debian_linux 7.0
suse linux_enterprise_server 11
CVE-2013-4002 HIGH

XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
ibm java 6.0.8.0
ibm host_on-demand 11.0.1
ibm host_on-demand 11.0.3
ibm java 7.0.4.2
ibm java 5.0.12.4
ibm java 5.0.12.5
ibm java 6.0.0.0
ibm sterling_b2b_integrator 5.2.4
suse linux_enterprise_java 11
ibm java 7.0.4.1
suse linux_enterprise_server 10
ibm host_on-demand 11.0.5
ibm host_on-demand 11.0.7
ibm java 6.0.9.0
ibm java 5.0.16.1
ibm host_on-demand 11.0.6.1
ibm java 6.0.3.0
ibm java 5.0.11.1
ibm tivoli_application_dependency_discovery_manager 7.2.2
ibm sterling_b2b_integrator 5.1
canonical ubuntu_linux 12.10
ibm java 7.0.0.0
canonical ubuntu_linux 10.04
ibm sterling_file_gateway 2.2
canonical ubuntu_linux 13.04
ibm java 5.0.16.2
suse linux_enterprise_server 9
ibm java 5.0.11.0
ibm host_on-demand 11.0.4
ibm sterling_file_gateway 2.1
oracle jre 1.7.0
ibm java 6.0.6.0
ibm java 6.0.12.0
ibm java 6.0.13.1
ibm sterling_b2b_integrator 5.2
ibm java 5.0.16.0
ibm java 5.0.14.0
ibm java 5.0.12.3
ibm java 6.0.9.2
apache xerces2_java *
oracle jre 1.6.0
ibm java 6.0.8.1
ibm java 7.0.1.0
ibm java 6.0.4.0
oracle jre 1.5.0
ibm host_on-demand 11.0.5.1
oracle jdk 1.5.0
ibm java 5.0.12.1
suse linux_enterprise_desktop 10
ibm host_on-demand 11.0.6
ibm java 6.0.11.0
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
oracle jdk 1.6.0
ibm java 6.0.2.0
oracle jrockit *
suse linux_enterprise_server 11
ibm host_on-demand 11.0.2
ibm java 5.0.11.2
ibm java 5.0.12.2
ibm java 6.0.7.0
ibm java 6.0.9.1
opensuse opensuse 12.2
ibm java 5.0.15.0
ibm java 7.0.4.0
ibm java 7.0.2.0
ibm host_on-demand 11.0.8
canonical ubuntu_linux 13.10
ibm java 6.0.1.0
ibm java 6.0.5.0
ibm java 7.0.3.0
oracle jdk 1.7.0
ibm java 5.0.13.0
ibm java 6.0.13.0
suse linux_enterprise_sdk 11
ibm java 5.0.12.0
canonical ubuntu_linux 12.04
ibm java 6.0.13.2
suse linux_enterprise_java 10
ibm java 5.0.0.0
ibm java 6.0.10.1
ibm java 6.0.10.0
ibm host_on-demand 11.0
CVE-2013-4365 HIGH

Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
apache mod_fcgid *
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
opensuse opensuse 11.4
suse cloud 1.0
opensuse opensuse 12.3
suse cloud 2.0
debian debian_linux 7.0
debian debian_linux 6.0
CVE-2013-4415 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) whereCriteria variable in a software channels search; (2) end_year, (3) start_hour, (4) end_am_pm, (5) end_day, (6) end_hour, (7) end_minute, (8) end_month, (9) end_year, (10) optionScanDateSearch, (11) result_filter, (12) search_string, (13) show_as, (14) start_am_pm, (15) start_day, (16) start_hour, (17) start_minute, (18) start_month, (19) start_year, or (20) whereToSearch variable in an scap audit results search; (21) end_minute, (22) end_month, (23) end_year, (24) errata_type_bug, (25) errata_type_enhancement, (26) errata_type_security, (27) fineGrained, (28) list_1892635924_sortdir, (29) optionIssueDateSearch, (30) start_am_pm, (31) start_day, (32) start_hour, (33) start_minute, (34) start_month, (35) start_year, or (36) view_mode variable in an errata search; or (37) fineGrained variable in a systems search, related to PAGE_SIZE_LABEL_SELECTED.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
redhat spacewalk-java *
redhat satellite 5.6
suse manager 1.7
redhat satellite_5_managed_db 5.6
redhat spacewalk-web *
CVE-2013-4419 MEDIUM

The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary socket file in this directory, which allows local users to write to the socket and execute arbitrary commands by creating /tmp/.guestfish-$UID/ in advance.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
libguestfs libguestfs *
suse suse_linux_enterprise_software_development_kit 11.0
novell suse_linux_enterprise_server 11.0
CVE-2013-4458 MEDIUM

Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1914.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
gnu glibc 2.10.1
gnu glibc 2.1.1
gnu glibc 2.12.2
gnu glibc 2.12.1
suse linux_enterprise_debuginfo 11
gnu glibc 2.1
gnu glibc 2.0.4
gnu glibc 2.1.1.6
gnu glibc 2.0
gnu glibc 2.14
gnu glibc 2.11.2
gnu glibc 2.13
gnu glibc 2.15
gnu glibc 2.0.2
gnu glibc 2.14.1
gnu glibc 2.1.9
gnu glibc *
suse linux_enterprise_server 11
gnu glibc 2.0.5
gnu glibc 2.1.2
gnu glibc 2.1.3
gnu glibc 2.11.1
gnu glibc 2.0.3
gnu glibc 2.16
gnu glibc 2.0.6
gnu glibc 2.11.3
gnu glibc 2.11
gnu glibc 2.17
gnu glibc 2.0.1
CVE-2013-4480 HIGH

Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-668,

Products Affected

Vendor Product Version
redhat network_satellite *
redhat satellite_with_embedded_oracle 5.2
suse manager 1.7
suse linux_enterprise 11.0
redhat satellite_with_embedded_oracle 5.4
redhat satellite_with_embedded_oracle 5.5
redhat satellite *
redhat satellite_with_embedded_oracle 5.3
CVE-2013-4547 HIGH

nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restrictions via an unescaped space character in a URI.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-116,

Products Affected

Vendor Product Version
suse lifecycle_management_server 1.3
opensuse opensuse 12.2
opensuse opensuse 11.4
opensuse opensuse 12.3
suse webyast 1.3
suse studio_onsite 1.3
opensuse opensuse 13.1
f5 nginx *
CVE-2013-4854 HIGH

The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
fedoraproject fedora 18
isc bind 9.8.6
slackware slackware_linux 13.37
isc bind 9.9.3
isc bind 9.8.5
slackware slackware_linux 13.1
isc bind 9.9.1
isc bind 9.7.4
isc bind 9.7.7
isc bind 9.7.3
isc bind 9.7.6
isc bind 9.7.0
slackware slackware_linux 13.0
freebsd freebsd 8.2
freebsd freebsd 8.3
isc bind 9.7.5
isc bind 9.8.3
isc dnsco_bind 9.9.4
redhat enterprise_linux 6.0
hp hp-ux b.11.31
slackware slackware_linux 12.1
isc bind 9.8.0
fedoraproject fedora 19
freebsd freebsd 8.0
redhat enterprise_linux 5
suse suse_linux_enterprise_software_development_kit 11.0
isc bind 9.9.2
mandriva enterprise_server 5.0
mandriva business_server 1.0
slackware slackware_linux 12.2
freebsd freebsd 8.4
isc bind 9.8.4
freebsd freebsd 9.1
isc bind 9.8.1
isc bind 9.7.1
isc bind 9.8.2
isc bind 9.9.0
opensuse opensuse 11.4
isc bind 9.7.2
freebsd freebsd 9.0
isc dnsco_bind 9.9.3
novell suse_linux 11
freebsd freebsd 9.2
freebsd freebsd 8.1
CVE-2013-5609 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
fedoraproject fedora 18
suse suse_linux_enterprise_server 11
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
fedoraproject fedora 20
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
fedoraproject fedora 19
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 13.10
canonical ubuntu_linux 13.04
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_eus 6.5
suse suse_linux_enterprise_desktop 11
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
CVE-2013-5610 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
fedoraproject fedora 18
fedoraproject fedora 19
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
canonical ubuntu_linux 13.10
mozilla firefox *
mozilla seamonkey *
canonical ubuntu_linux 13.04
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
oracle solaris 11.3
fedoraproject fedora 20
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
opensuse opensuse 13.1
suse linux_enterprise_server 11
CVE-2013-5611 MEDIUM

Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 2.0.0.1
mozilla firefox 1.5.0.4
mozilla firefox 14.0.1
mozilla firefox 3.0.2
mozilla firefox 1.5.0.12
mozilla firefox 4.0.1
mozilla firefox 3.6.7
mozilla firefox 3.0
mozilla firefox 3.6.11
mozilla firefox 18.0.2
mozilla firefox 1.5.0.10
mozilla firefox 3.6.13
mozilla firefox 8.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.5.17
mozilla firefox 3.5.8
mozilla firefox 10.0.1
mozilla firefox 3.6.3
mozilla firefox 15.0.1
mozilla firefox 3.6.21
opensuse opensuse 13.1
mozilla firefox 10.0.10
mozilla firefox 1.0.3
mozilla firefox 17.0.8
mozilla firefox 3.6.12
mozilla firefox 25.0
mozilla firefox 3.6.22
mozilla firefox 3.0.3
mozilla firefox 0.7.1
mozilla firefox 3.5.12
mozilla firefox 18.0
mozilla firefox 17.0.2
mozilla firefox 1.5.0.5
mozilla firefox 3.6.9
fedoraproject fedora 20
mozilla firefox 0.8
mozilla firefox 3.0.10
mozilla firefox 13.0.1
mozilla firefox 3.5.16
mozilla firefox 0.9.2
mozilla firefox 2.0.0.16
mozilla firefox 16.0.1
mozilla firefox 3.6.16
mozilla firefox 3.6.24
mozilla firefox 21.0
canonical ubuntu_linux 13.10
mozilla firefox 3.0.17
mozilla firefox 9.0.1
mozilla firefox 3.0.14
mozilla firefox 13.0
mozilla firefox 1.5.0.8
mozilla firefox 2.0.0.15
mozilla firefox 3.5.1
mozilla firefox 2.0.0.11
mozilla firefox 3.0.6
mozilla firefox 20.0
mozilla firefox 10.0
mozilla firefox 0.1
mozilla firefox 3.6.8
mozilla firefox 10.0.9
mozilla firefox 19.0.2
mozilla firefox 2.0
mozilla firefox *
mozilla firefox 3.5.14
mozilla firefox 10.0.5
mozilla firefox 3.5.6
mozilla firefox 10.0.3
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.20
mozilla firefox 3.5.3
mozilla firefox 16.0
mozilla firefox 2.0.0.5
mozilla firefox 3.0.9
mozilla firefox 3.0.5
mozilla firefox 3.6.26
mozilla firefox 17.0.5
mozilla firefox 3.6.14
mozilla firefox 17.0.4
mozilla firefox 2.0.0.10
mozilla firefox 17.0.9
mozilla firefox 2.0.0.3
mozilla firefox 3.6.15
mozilla firefox 2.0.0.12
mozilla firefox 2.0.0.6
mozilla firefox 3.0.4
mozilla firefox 3.0.8
mozilla firefox 1.5.4
mozilla firefox 18.0.1
mozilla firefox 10.0.2
mozilla firefox 0.7
mozilla firefox 0.9.1
mozilla firefox 7.0
mozilla firefox 24.1.1
mozilla firefox 5.0
mozilla firefox 3.5.5
mozilla firefox 19.0
mozilla firefox 1.0.8
mozilla firefox 3.6.4
mozilla firefox 3.6.10
mozilla firefox 1.0.1
mozilla firefox 0.6.1
mozilla firefox 0.9.3
canonical ubuntu_linux 12.04
mozilla firefox 2.0.0.19
mozilla firefox 2.0.0.18
mozilla firefox 0.10.1
mozilla firefox 9.0
mozilla firefox 1.5.0.6
mozilla firefox 5.0.1
mozilla firefox 1.5.6
mozilla firefox 3.5.15
mozilla firefox 1.5.1
mozilla firefox 10.0.4
mozilla firefox 3.6.6
mozilla firefox 17.0.3
mozilla firefox 7.0.1
mozilla firefox 1.5.0.3
mozilla firefox 20.0.1
mozilla firefox 16.0.2
mozilla firefox 15.0
mozilla firefox 24.1
canonical ubuntu_linux 12.10
mozilla firefox 10.0.8
mozilla firefox 3.5.18
mozilla firefox 3.5.19
mozilla firefox 3.0.1
mozilla firefox 1.0.6
mozilla firefox 3.0.15
mozilla firefox 1.0.2
mozilla firefox 0.2
mozilla firefox 12.0
mozilla firefox 3.6.17
mozilla firefox 2.0.0.13
mozilla firefox 19.0.1
mozilla firefox 2.0.0.4
mozilla firefox 17.0.10
mozilla firefox 2.0.0.9
mozilla firefox 3.6.20
mozilla firefox 2.0.0.17
mozilla firefox 3.6
mozilla firefox 3.6.19
suse linux_enterprise_desktop 11
mozilla firefox 3.0.11
mozilla firefox 1.5.7
mozilla firefox 3.5.2
mozilla firefox 10.0.7
mozilla firefox 3.0.13
fedoraproject fedora 19
mozilla firefox 1.5.0.2
mozilla firefox 3.5.9
mozilla firefox 3.6.18
mozilla firefox 3.0.7
mozilla firefox 1.0.4
mozilla firefox 2.0.0.7
mozilla firefox 6.0
mozilla firefox 0.6
mozilla firefox 1.5.8
mozilla firefox 2.0.0.8
mozilla firefox 3.6.25
mozilla firefox 4.0
mozilla firefox 3.5.10
mozilla firefox 3.0.12
mozilla firefox 3.0.19
mozilla firefox 0.3
opensuse_project opensuse 12.3
mozilla firefox 0.10
mozilla firefox 1.5.0.7
mozilla firefox 17.0.6
mozilla firefox 11.0
mozilla firefox 24.0
mozilla firefox 1.5.0.11
mozilla firefox 17.0.11
mozilla firefox 17.0.7
canonical ubuntu_linux 13.04
mozilla firefox 1.5.0.9
mozilla firefox 14.0
mozilla firefox 8.0
mozilla firefox 3.6.2
mozilla firefox 3.6.28
mozilla firefox 1.5
mozilla firefox 1.5.2
mozilla firefox 10.0.6
mozilla firefox 6.0.2
mozilla firefox 0.4
mozilla firefox 0.5
mozilla firefox 1.0
mozilla firefox 0.9
mozilla firefox 3.6.27
mozilla firefox 3.5
mozilla firefox 3.5.7
mozilla firefox 1.5.3
mozilla firefox 3.0.16
mozilla firefox 2.0.0.14
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
mozilla firefox 10.0.12
opensuse_project opensuse 11.4
mozilla firefox 23.0
suse linux_enterprise_server 11
mozilla firefox 3.5.4
mozilla firefox 10.0.11
mozilla firefox 1.5.5
mozilla firefox 1.0.5
mozilla firefox 1.0.7
mozilla firefox 3.0.18
mozilla firefox 23.0.1
mozilla firefox 3.5.11
mozilla firefox 3.5.13
mozilla firefox 6.0.1
mozilla firefox 3.6.23
CVE-2013-5612 MEDIUM

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
fedoraproject fedora 20
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
fedoraproject fedora 19
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 13.10
canonical ubuntu_linux 13.04
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_eus 6.5
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
CVE-2013-5613 HIGH

Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
fedoraproject fedora 18
suse suse_linux_enterprise_server 11
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
fedoraproject fedora 20
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
fedoraproject fedora 19
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 13.10
canonical ubuntu_linux 13.04
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_eus 6.5
suse suse_linux_enterprise_desktop 11
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
CVE-2013-5614 MEDIUM

Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
fedoraproject fedora 20
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
fedoraproject fedora 19
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 13.10
canonical ubuntu_linux 13.04
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_eus 6.5
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
CVE-2013-5615 HIGH

The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
fedoraproject fedora 18
fedoraproject fedora 19
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
suse suse_linux_enterprise_software_development_kit 11.0
suse suse_linux_enterprise_server 11
canonical ubuntu_linux 13.10
mozilla thunderbird *
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
canonical ubuntu_linux 13.04
canonical ubuntu_linux 12.04
fedoraproject fedora 20
suse suse_linux_enterprise_desktop 11
opensuse opensuse 12.3
opensuse opensuse 13.1
CVE-2013-5616 HIGH

Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
fedoraproject fedora 18
suse suse_linux_enterprise_server 11
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
fedoraproject fedora 20
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
fedoraproject fedora 19
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 13.10
canonical ubuntu_linux 13.04
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_eus 6.5
suse suse_linux_enterprise_desktop 11
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
CVE-2013-5618 HIGH

Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
fedoraproject fedora 18
suse suse_linux_enterprise_server 11
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
fedoraproject fedora 20
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
fedoraproject fedora 19
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 13.10
canonical ubuntu_linux 13.04
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_eus 6.5
suse suse_linux_enterprise_desktop 11
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
CVE-2013-5619 HIGH

Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
fedoraproject fedora 19
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
canonical ubuntu_linux 13.10
mozilla firefox *
mozilla seamonkey *
canonical ubuntu_linux 13.04
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
oracle solaris 11.3
fedoraproject fedora 20
suse linux_enterprise_desktop 11
opensuse opensuse 13.1
suse linux_enterprise_server 11
CVE-2013-6501 MEDIUM

The default soap.wsdl_cache_dir setting in (1) php.ini-production and (2) php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the get_sdl function in ext/soap/php_sdl.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-74,

Products Affected

Vendor Product Version
suse linux_enterprise_server 11.0
php php *
CVE-2013-6671 HIGH

The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
fedoraproject fedora 18
suse suse_linux_enterprise_server 11
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
fedoraproject fedora 20
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
fedoraproject fedora 19
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 13.10
canonical ubuntu_linux 13.04
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_eus 6.5
suse suse_linux_enterprise_desktop 11
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
CVE-2013-6672 MEDIUM

Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow user-assisted remote attackers to read clipboard data by leveraging certain middle-click paste operations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
fedoraproject fedora 19
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
canonical ubuntu_linux 13.10
mozilla firefox *
mozilla seamonkey *
canonical ubuntu_linux 13.04
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
oracle solaris 11.3
fedoraproject fedora 20
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
opensuse opensuse 13.1
suse linux_enterprise_server 11
CVE-2013-6673 MEDIUM

Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 2.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
fedoraproject fedora 18
fedoraproject fedora 19
canonical ubuntu_linux 12.10
opensuse opensuse 12.2
suse suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 13.10
mozilla thunderbird *
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
canonical ubuntu_linux 13.04
canonical ubuntu_linux 12.04
fedoraproject fedora 20
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
opensuse opensuse 13.1
suse linux_enterprise_server 11
CVE-2014-0069 HIGH

The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server_tus 6.5
suse linux_enterprise_desktop 11
linux linux_kernel *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_server 11
CVE-2014-0131 LOW

Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation.

CVSS 2.0

Severity: LOW

Problem Type: CWE-416,

Products Affected

Vendor Product Version
opensuse evergreen 11.4
linux linux_kernel *
suse linux_enterprise_server 11
CVE-2014-0181 LOW

The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the (1) stdout or (2) stderr of a setuid program.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264,

Products Affected

Vendor Product Version
suse linux_enterprise_server 10
opensuse evergreen 11.4
suse linux_enterprise_real_time_extension 11
redhat enterprise_linux_desktop 5
suse suse_linux_enterprise_server 11
linux linux_kernel *
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
CVE-2014-0196 MEDIUM

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
f5 big-iq_cloud_and_orchestration 1.0.0
redhat enterprise_linux_eus 6.4
f5 big-ip_policy_enforcement_manager *
canonical ubuntu_linux 14.04
suse suse_linux_enterprise_server 11
linux linux_kernel 2.6.31
f5 big-ip_advanced_firewall_manager *
f5 big-iq_centralized_management 4.6.0
f5 big-iq_device *
redhat enterprise_linux_eus 6.3
f5 big-ip_application_acceleration_manager *
f5 big-ip_wan_optimization_manager *
oracle linux 6
linux linux_kernel *
redhat enterprise_linux 6.0
f5 big-iq_cloud *
f5 big-ip_edge_gateway *
canonical ubuntu_linux 12.10
f5 big-ip_webaccelerator *
f5 enterprise_manager 3.1.1
suse suse_linux_enterprise_high_availability_extension 11
f5 enterprise_manager 3.1.0
canonical ubuntu_linux 13.10
canonical ubuntu_linux 10.04
f5 big-ip_access_policy_manager *
f5 big-ip_local_traffic_manager *
f5 big-iq_security *
f5 big-iq_application_delivery_controller 4.5.0
f5 big-ip_global_traffic_manager *
canonical ubuntu_linux 12.04
f5 enterprise_manager *
f5 big-ip_application_security_manager *
f5 big-ip_link_controller *
f5 big-ip_protocol_security_module *
suse suse_linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
debian debian_linux 7.0
f5 big-ip_analytics *
debian debian_linux 6.0
CVE-2014-0198 MEDIUM

The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
fedoraproject fedora 19
openssl openssl *
mariadb mariadb *
fedoraproject fedora 20
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
opensuse opensuse 12.3
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
debian debian_linux 7.0
opensuse opensuse 13.1
debian debian_linux 8.0
debian debian_linux 6.0
CVE-2014-0221 MEDIUM

The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux 6.0
fedoraproject fedora 19
openssl openssl *
redhat enterprise_linux 5
redhat storage 2.1
mariadb mariadb *
fedoraproject fedora 20
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
opensuse leap 42.1
fedoraproject fedora *
opensuse opensuse 13.2
CVE-2014-0222 HIGH

Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
qemu qemu 1.0.1
qemu qemu 0.9.1
qemu qemu 0.15.1
qemu qemu 0.5.4
qemu qemu 0.11.0-rc1
qemu qemu 0.7.0
qemu qemu 0.8.2
qemu qemu 0.13.0
qemu qemu *
qemu qemu 0.6.0
qemu qemu 0.10.1
qemu qemu 0.11.1
qemu qemu 0.5.0
qemu qemu 0.11.0-rc2
qemu qemu 0.9.1-5
qemu qemu 0.1.4
qemu qemu 0.1.5
qemu qemu 0.4.3
qemu qemu 0.12.1
qemu qemu 0.1.6
qemu qemu 0.12.0
qemu qemu 0.4.1
qemu qemu 0.11.0-rc0
qemu qemu 0.12.4
qemu qemu 0.3.0
qemu qemu 0.10.4
qemu qemu 0.11.0
qemu qemu 0.10.2
qemu qemu 0.7.2
qemu qemu 1.4.1
qemu qemu 0.15.0
qemu qemu 1.6.0
qemu qemu 0.1.1
qemu qemu 0.1.3
qemu qemu 0.6.1
qemu qemu 0.12.5
qemu qemu 0.10.0
qemu qemu 0.8.1
qemu qemu 1.5.1
qemu qemu 0.1.2
qemu qemu 1.1
qemu qemu 1.5.2
qemu qemu 0.5.3
qemu qemu 1.5.3
qemu qemu 0.1.0
qemu qemu 1.0
qemu qemu 0.2.0
qemu qemu 0.8.0
qemu qemu 0.4.0
qemu qemu 0.14.0
qemu qemu 0.14.1
qemu qemu 0.15.2
qemu qemu 1.6.1
suse linux_enterprise_server 11.0
qemu qemu 1.4.2
qemu qemu 0.4.2
qemu qemu 0.12.2
qemu qemu 1.5.0
qemu qemu 0.5.5
qemu qemu 0.10.3
qemu qemu 0.10.5
qemu qemu 0.12.3
qemu qemu 0.10.6
qemu qemu 0.9.0
qemu qemu 1.6.2
qemu qemu 0.7.1
qemu qemu 0.5.1
qemu qemu 0.5.2
CVE-2014-0223 MEDIUM

Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
qemu qemu 1.0.1
qemu qemu 0.9.1
qemu qemu 0.15.1
qemu qemu 0.5.4
qemu qemu 0.11.0-rc1
qemu qemu 0.7.0
qemu qemu 0.8.2
qemu qemu 0.13.0
qemu qemu *
qemu qemu 0.6.0
qemu qemu 0.10.1
qemu qemu 0.11.1
qemu qemu 0.5.0
qemu qemu 0.11.0-rc2
qemu qemu 0.9.1-5
qemu qemu 0.1.4
qemu qemu 0.1.5
qemu qemu 0.4.3
qemu qemu 0.12.1
qemu qemu 0.1.6
qemu qemu 0.12.0
qemu qemu 0.4.1
qemu qemu 0.11.0-rc0
qemu qemu 0.12.4
qemu qemu 0.3.0
qemu qemu 0.10.4
qemu qemu 0.11.0
qemu qemu 0.10.2
qemu qemu 0.7.2
qemu qemu 1.4.1
qemu qemu 0.15.0
qemu qemu 1.6.0
qemu qemu 0.1.1
qemu qemu 0.1.3
qemu qemu 0.6.1
qemu qemu 0.12.5
qemu qemu 0.10.0
qemu qemu 0.8.1
qemu qemu 1.5.1
qemu qemu 0.1.2
qemu qemu 1.1
qemu qemu 1.5.2
qemu qemu 0.5.3
qemu qemu 1.5.3
qemu qemu 0.1.0
qemu qemu 1.0
qemu qemu 0.2.0
qemu qemu 0.8.0
qemu qemu 0.4.0
qemu qemu 0.14.0
qemu qemu 0.14.1
qemu qemu 0.15.2
qemu qemu 1.6.1
suse linux_enterprise_server 11.0
qemu qemu 1.4.2
qemu qemu 0.4.2
qemu qemu 0.12.2
qemu qemu 1.5.0
qemu qemu 0.5.5
qemu qemu 0.10.3
qemu qemu 0.10.5
qemu qemu 0.12.3
qemu qemu 0.10.6
qemu qemu 0.9.0
qemu qemu 1.6.2
qemu qemu 0.7.1
qemu qemu 0.5.1
qemu qemu 0.5.2
CVE-2014-0497 HIGH

Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-191,

Products Affected

Vendor Product Version
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
google chrome *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
CVE-2014-0502 HIGH

Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2014.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-415,

Products Affected

Vendor Product Version
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
adobe adobe_air_sdk *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
adobe adobe_air *
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
CVE-2014-0553 HIGH

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
adobe flash_player 11.2.202.378
adobe adobe_air_sdk 14.0.0.137
adobe flash_player 11.2.202.336
adobe flash_player 11.2.202.394
adobe flash_player 11.2.202.280
adobe adobe_air 13.0.0.111
adobe adobe_air_sdk 13.0.0.83
adobe flash_player 11.2.202.235
adobe adobe_air 13.0.0.83
adobe flash_player 11.2.202.236
adobe flash_player 11.2.202.285
adobe flash_player 11.2.202.291
adobe adobe_air 14.0.0.110
adobe flash_player 13.0.0.214
adobe adobe_air_sdk 13.0.0.111
adobe flash_player 13.0.0.231
adobe flash_player 11.2.202.332
adobe flash_player 11.2.202.233
adobe flash_player 11.2.202.238
adobe flash_player 11.2.202.356
adobe flash_player 11.2.202.243
adobe adobe_air_sdk 14.0.0.110
adobe flash_player 11.2.202.275
adobe flash_player 11.2.202.359
adobe flash_player 14.0.0.125
adobe flash_player 11.2.202.223
adobe flash_player *
opensuse opensuse 13.1
adobe flash_player 13.0.0.206
adobe adobe_air 14.0.0.137
adobe adobe_air_sdk *
adobe flash_player 11.2.202.335
adobe flash_player 11.2.202.341
adobe flash_player 11.2.202.350
adobe flash_player 13.0.0.223
adobe flash_player 14.0.0.176
adobe adobe_air *
adobe flash_player 11.2.202.346
adobe flash_player 14.0.0.179
opensuse opensuse 12.3
adobe flash_player 11.2.202.297
adobe flash_player 13.0.0.201
adobe flash_player 14.0.0.145
adobe flash_player 11.2.202.261
adobe flash_player 11.2.202.273
suse suse_linux_enterprise_desktop 11.0
adobe flash_player 11.2.202.258
adobe flash_player 13.0.0.182
opensuse opensuse 11.4
adobe flash_player 11.2.202.251
adobe flash_player 11.2.202.310
adobe flash_player 15.0.0.144
adobe flash_player 11.2.202.228
adobe flash_player 11.2.202.262
adobe flash_player 11.2.202.270
CVE-2014-0564 HIGH

Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0558.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
adobe flash_player_desktop_runtime *
adobe air_desktop_runtime *
adobe air_sdk *
opensuse evergreen 11.4
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
adobe flash_player *
opensuse opensuse 13.1
CVE-2014-0569 HIGH

Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
adobe flash_player_desktop_runtime *
adobe air_desktop_runtime *
adobe air_sdk *
opensuse evergreen 11.4
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
adobe flash_player *
opensuse opensuse 13.1
CVE-2014-1477 MEDIUM

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server 11
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
fedoraproject fedora 20
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
fedoraproject fedora 19
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 13.10
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
suse suse_linux_enterprise_desktop 11
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
CVE-2014-1479 MEDIUM

The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server 11
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
fedoraproject fedora 20
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
fedoraproject fedora 19
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 13.10
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
suse suse_linux_enterprise_desktop 11
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
CVE-2014-1480 MEDIUM

The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
canonical ubuntu_linux 13.10
mozilla firefox *
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
oracle solaris 11.3
opensuse opensuse 11.4
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
opensuse opensuse 13.1
suse linux_enterprise_server 11
CVE-2014-1481 MEDIUM

Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server 11
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
fedoraproject fedora 20
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
fedoraproject fedora 19
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 13.10
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
suse suse_linux_enterprise_desktop 11
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
CVE-2014-1482 HIGH

RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server 11
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
fedoraproject fedora 20
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
fedoraproject fedora 19
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 13.10
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
suse suse_linux_enterprise_desktop 11
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
CVE-2014-1483 MEDIUM

Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
suse suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 13.10
mozilla firefox *
mozilla seamonkey *
canonical ubuntu_linux 12.04
oracle solaris 11.3
opensuse opensuse 11.4
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
opensuse opensuse 13.1
suse linux_enterprise_server 11
CVE-2014-1484 MEDIUM

Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 2.0.0.1
mozilla firefox 1.5.0.4
mozilla firefox 14.0.1
mozilla firefox 3.0.2
mozilla firefox 1.5.0.12
mozilla firefox 4.0.1
mozilla firefox 3.6.7
mozilla firefox 3.0
mozilla firefox 3.6.11
mozilla firefox 18.0.2
mozilla firefox 1.5.0.10
mozilla firefox 3.6.13
mozilla firefox 8.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.5.17
mozilla firefox 3.5.8
mozilla firefox 10.0.1
mozilla firefox 3.6.3
mozilla firefox 15.0.1
mozilla firefox 3.6.21
opensuse opensuse 13.1
mozilla firefox 10.0.10
mozilla firefox 1.0.3
mozilla firefox 17.0.8
mozilla firefox 3.6.12
mozilla firefox 25.0
mozilla firefox 3.6.22
mozilla firefox 3.0.3
mozilla firefox 0.7.1
mozilla firefox 3.5.12
mozilla firefox 18.0
mozilla firefox 17.0.2
mozilla firefox 1.5.0.5
mozilla firefox 3.6.9
mozilla firefox 0.8
mozilla firefox 3.0.10
mozilla firefox 13.0.1
mozilla firefox 3.5.16
mozilla firefox 0.9.2
mozilla firefox 2.0.0.16
mozilla firefox 16.0.1
mozilla firefox 3.6.16
mozilla firefox 3.6.24
mozilla firefox 21.0
mozilla firefox 3.0.17
mozilla firefox 9.0.1
mozilla firefox 3.0.14
mozilla firefox 13.0
mozilla firefox 1.5.0.8
mozilla firefox 2.0.0.15
mozilla firefox 3.5.1
mozilla firefox 2.0.0.11
mozilla firefox 3.0.6
mozilla firefox 20.0
mozilla firefox 10.0
mozilla firefox 0.1
mozilla firefox 3.6.8
mozilla firefox 10.0.9
mozilla firefox 19.0.2
mozilla firefox 2.0
mozilla firefox *
mozilla firefox 3.5.14
mozilla firefox 10.0.5
mozilla firefox 25.0.1
mozilla firefox 3.5.6
mozilla firefox 10.0.3
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.20
mozilla firefox 3.5.3
mozilla firefox 16.0
mozilla firefox 2.0.0.5
mozilla firefox 3.0.9
mozilla firefox 3.0.5
mozilla firefox 3.6.26
mozilla firefox 17.0.5
mozilla firefox 3.6.14
mozilla firefox 17.0.4
mozilla firefox 2.0.0.10
mozilla firefox 17.0.9
mozilla firefox 2.0.0.3
mozilla firefox 3.6.15
mozilla firefox 2.0.0.12
mozilla firefox 2.0.0.6
mozilla firefox 3.0.4
mozilla firefox 3.0.8
mozilla firefox 1.5.4
mozilla firefox 18.0.1
mozilla firefox 10.0.2
mozilla firefox 0.7
mozilla firefox 0.9.1
mozilla firefox 7.0
mozilla firefox 24.1.1
mozilla firefox 5.0
mozilla firefox 3.5.5
mozilla firefox 19.0
mozilla firefox 1.0.8
mozilla firefox 3.6.4
mozilla firefox 3.6.10
mozilla firefox 1.0.1
mozilla firefox 0.6.1
mozilla firefox 0.9.3
mozilla firefox 2.0.0.19
mozilla firefox 2.0.0.18
mozilla firefox 0.10.1
mozilla firefox 9.0
mozilla firefox 1.5.0.6
mozilla firefox 5.0.1
mozilla firefox 1.5.6
mozilla firefox 3.5.15
mozilla firefox 1.5.1
mozilla firefox 10.0.4
mozilla firefox 3.6.6
mozilla firefox 17.0.3
mozilla firefox 7.0.1
mozilla firefox 1.5.0.3
mozilla firefox 20.0.1
mozilla firefox 16.0.2
mozilla firefox 15.0
mozilla firefox 24.1
mozilla firefox 10.0.8
mozilla firefox 3.5.18
mozilla firefox 3.5.19
mozilla firefox 3.0.1
mozilla firefox 1.0.6
mozilla firefox 3.0.15
mozilla firefox 1.0.2
mozilla firefox 0.2
mozilla firefox 12.0
mozilla firefox 3.6.17
mozilla firefox 2.0.0.13
mozilla firefox 19.0.1
mozilla firefox 2.0.0.4
mozilla firefox 17.0.10
mozilla firefox 2.0.0.9
mozilla firefox 3.6.20
mozilla firefox 2.0.0.17
mozilla firefox 3.6
mozilla firefox 3.6.19
suse linux_enterprise_desktop 11
mozilla firefox 3.0.11
mozilla firefox 1.5.7
mozilla firefox 3.5.2
mozilla firefox 10.0.7
mozilla firefox 3.0.13
mozilla firefox 1.5.0.2
mozilla firefox 3.5.9
mozilla firefox 3.6.18
mozilla firefox 3.0.7
mozilla firefox 1.0.4
mozilla firefox 2.0.0.7
mozilla firefox 6.0
mozilla firefox 0.6
mozilla firefox 1.5.8
mozilla firefox 2.0.0.8
mozilla firefox 3.6.25
mozilla firefox 4.0
mozilla firefox 3.5.10
mozilla firefox 3.0.12
mozilla firefox 3.0.19
mozilla firefox 0.3
opensuse_project opensuse 12.3
mozilla firefox 0.10
mozilla firefox 1.5.0.7
mozilla firefox 17.0.6
mozilla firefox 11.0
mozilla firefox 24.0
mozilla firefox 1.5.0.11
mozilla firefox 17.0.11
mozilla firefox 17.0.7
mozilla firefox 1.5.0.9
mozilla firefox 14.0
mozilla firefox 8.0
mozilla firefox 3.6.2
mozilla firefox 3.6.28
mozilla firefox 1.5
mozilla firefox 1.5.2
mozilla firefox 10.0.6
mozilla firefox 6.0.2
mozilla firefox 0.4
mozilla firefox 0.5
mozilla firefox 1.0
mozilla firefox 0.9
mozilla firefox 3.6.27
mozilla firefox 3.5
mozilla firefox 3.5.7
mozilla firefox 1.5.3
mozilla firefox 3.0.16
mozilla firefox 2.0.0.14
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
mozilla firefox 10.0.12
mozilla firefox 23.0
suse linux_enterprise_server 11
mozilla firefox 3.5.4
mozilla firefox 10.0.11
mozilla firefox 1.5.5
mozilla firefox 1.0.5
mozilla firefox 1.0.7
mozilla firefox 3.0.18
mozilla firefox 23.0.1
mozilla firefox 3.5.11
mozilla firefox 3.5.13
mozilla firefox 6.0.1
mozilla firefox 3.6.23
CVE-2014-1485 HIGH

The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
canonical ubuntu_linux 13.10
mozilla firefox *
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
oracle solaris 11.3
opensuse opensuse 11.4
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
opensuse opensuse 13.1
suse linux_enterprise_server 11
CVE-2014-1486 HIGH

Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416

Products Affected

Vendor Product Version
redhat enterprise_linux_server_aus 6.5
fedoraproject fedora 19
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
suse suse_linux_enterprise_server 11
canonical ubuntu_linux 13.10
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
fedoraproject fedora 20
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server_tus 6.5
suse suse_linux_enterprise_desktop 11
opensuse opensuse 12.3
debian debian_linux 7.0
opensuse opensuse 13.1
CVE-2014-1487 MEDIUM

The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server 11
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
fedoraproject fedora 20
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
fedoraproject fedora 19
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 13.10
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
suse suse_linux_enterprise_desktop 11
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
CVE-2014-1488 HIGH

The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
oracle solaris 11.3
canonical ubuntu_linux 12.10
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
suse linux_enterprise_server 11
mozilla firefox *
CVE-2014-1489 MEDIUM

Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore) via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264

Products Affected

Vendor Product Version
mozilla firefox 2.0.0.1
mozilla firefox 1.5.0.4
mozilla firefox 14.0.1
mozilla firefox 3.0.2
mozilla firefox 1.5.0.12
mozilla firefox 4.0.1
mozilla firefox 3.6.7
mozilla firefox 3.0
mozilla firefox 3.6.11
mozilla firefox 18.0.2
mozilla firefox 1.5.0.10
mozilla firefox 3.6.13
mozilla firefox 8.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.5.17
mozilla firefox 3.5.8
mozilla firefox 10.0.1
mozilla firefox 3.6.3
mozilla firefox 15.0.1
mozilla firefox 3.6.21
opensuse opensuse 13.1
mozilla firefox 10.0.10
mozilla firefox 1.0.3
mozilla firefox 17.0.8
mozilla firefox 3.6.12
mozilla firefox 25.0
mozilla firefox 3.6.22
mozilla firefox 3.0.3
mozilla firefox 0.7.1
mozilla firefox 3.5.12
mozilla firefox 18.0
mozilla firefox 17.0.2
mozilla firefox 1.5.0.5
mozilla firefox 3.6.9
mozilla firefox 0.8
mozilla firefox 3.0.10
mozilla firefox 13.0.1
mozilla firefox 3.5.16
mozilla firefox 0.9.2
mozilla firefox 2.0.0.16
mozilla firefox 16.0.1
mozilla firefox 3.6.16
mozilla firefox 3.6.24
mozilla firefox 21.0
canonical ubuntu_linux 13.10
mozilla firefox 3.0.17
mozilla firefox 9.0.1
mozilla firefox 3.0.14
mozilla firefox 13.0
mozilla firefox 1.5.0.8
mozilla firefox 2.0.0.15
mozilla firefox 3.5.1
mozilla firefox 2.0.0.11
mozilla firefox 3.0.6
mozilla firefox 20.0
mozilla firefox 10.0
mozilla firefox 0.1
mozilla firefox 3.6.8
mozilla firefox 10.0.9
mozilla firefox 19.0.2
mozilla firefox 2.0
mozilla firefox *
mozilla firefox 3.5.14
mozilla firefox 10.0.5
mozilla firefox 25.0.1
mozilla firefox 3.5.6
mozilla firefox 10.0.3
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.20
mozilla firefox 3.5.3
mozilla firefox 16.0
mozilla firefox 2.0.0.5
mozilla firefox 3.0.9
mozilla firefox 3.0.5
mozilla firefox 3.6.26
mozilla firefox 17.0.5
mozilla firefox 3.6.14
mozilla firefox 17.0.4
mozilla firefox 2.0.0.10
mozilla firefox 17.0.9
mozilla firefox 2.0.0.3
mozilla firefox 3.6.15
mozilla firefox 2.0.0.12
mozilla firefox 2.0.0.6
mozilla firefox 3.0.4
mozilla firefox 3.0.8
mozilla firefox 1.5.4
mozilla firefox 18.0.1
mozilla firefox 10.0.2
mozilla firefox 0.7
mozilla firefox 0.9.1
mozilla firefox 7.0
mozilla firefox 24.1.1
mozilla firefox 5.0
mozilla firefox 3.5.5
mozilla firefox 19.0
mozilla firefox 1.0.8
mozilla firefox 3.6.4
mozilla firefox 3.6.10
mozilla firefox 1.0.1
mozilla firefox 0.6.1
mozilla firefox 0.9.3
canonical ubuntu_linux 12.04
mozilla firefox 2.0.0.19
mozilla firefox 2.0.0.18
mozilla firefox 0.10.1
mozilla firefox 9.0
mozilla firefox 1.5.0.6
mozilla firefox 5.0.1
mozilla firefox 1.5.6
mozilla firefox 3.5.15
mozilla firefox 1.5.1
mozilla firefox 10.0.4
mozilla firefox 3.6.6
mozilla firefox 17.0.3
mozilla firefox 7.0.1
mozilla firefox 1.5.0.3
mozilla firefox 20.0.1
mozilla firefox 16.0.2
mozilla firefox 15.0
mozilla firefox 24.1
canonical ubuntu_linux 12.10
mozilla firefox 10.0.8
mozilla firefox 3.5.18
mozilla firefox 3.5.19
mozilla firefox 3.0.1
mozilla firefox 1.0.6
mozilla firefox 3.0.15
mozilla firefox 1.0.2
mozilla firefox 0.2
mozilla firefox 12.0
mozilla firefox 3.6.17
mozilla firefox 2.0.0.13
mozilla firefox 19.0.1
mozilla firefox 2.0.0.4
mozilla firefox 17.0.10
mozilla firefox 2.0.0.9
mozilla firefox 3.6.20
mozilla firefox 2.0.0.17
mozilla firefox 3.6
mozilla firefox 3.6.19
suse linux_enterprise_desktop 11
mozilla firefox 3.0.11
mozilla firefox 1.5.7
mozilla firefox 3.5.2
mozilla firefox 10.0.7
mozilla firefox 3.0.13
mozilla firefox 1.5.0.2
mozilla firefox 3.5.9
mozilla firefox 3.6.18
mozilla firefox 3.0.7
mozilla firefox 1.0.4
mozilla firefox 2.0.0.7
mozilla firefox 6.0
mozilla firefox 0.6
mozilla firefox 1.5.8
mozilla firefox 2.0.0.8
mozilla firefox 3.6.25
mozilla firefox 4.0
mozilla firefox 3.5.10
mozilla firefox 3.0.12
mozilla firefox 3.0.19
mozilla firefox 0.3
opensuse_project opensuse 12.3
mozilla firefox 0.10
mozilla firefox 1.5.0.7
mozilla firefox 17.0.6
mozilla firefox 11.0
mozilla firefox 24.0
mozilla firefox 1.5.0.11
mozilla firefox 17.0.11
mozilla firefox 17.0.7
mozilla firefox 1.5.0.9
mozilla firefox 14.0
mozilla firefox 8.0
mozilla firefox 3.6.2
mozilla firefox 3.6.28
mozilla firefox 1.5
mozilla firefox 1.5.2
mozilla firefox 10.0.6
mozilla firefox 6.0.2
mozilla firefox 0.4
mozilla firefox 0.5
mozilla firefox 1.0
mozilla firefox 0.9
mozilla firefox 3.6.27
mozilla firefox 3.5
mozilla firefox 3.5.7
mozilla firefox 1.5.3
mozilla firefox 3.0.16
mozilla firefox 2.0.0.14
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
mozilla firefox 10.0.12
mozilla firefox 23.0
suse linux_enterprise_server 11
mozilla firefox 3.5.4
mozilla firefox 10.0.11
mozilla firefox 1.5.5
mozilla firefox 1.0.5
mozilla firefox 1.0.7
mozilla firefox 3.0.18
mozilla firefox 23.0.1
mozilla firefox 3.5.11
mozilla firefox 3.5.13
mozilla firefox 6.0.1
mozilla firefox 3.6.23
CVE-2014-1490 HIGH

Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-362

Products Affected

Vendor Product Version
fedoraproject fedora 19
oracle enterprise_manager_ops_center 12.2.0
oracle enterprise_manager_ops_center 12.3.0
canonical ubuntu_linux 12.10
mozilla network_security_services *
canonical ubuntu_linux 13.10
mozilla thunderbird *
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
oracle vm_server 3.2
opensuse opensuse 11.4
fedoraproject fedora 20
oracle enterprise_manager_ops_center 12.2.1
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
debian debian_linux 7.0
opensuse opensuse 13.1
suse linux_enterprise_server 11
oracle enterprise_manager_ops_center *
CVE-2014-1491 MEDIUM

Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handling by leveraging use of a certain value.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-326

Products Affected

Vendor Product Version
fedoraproject fedora 19
oracle enterprise_manager_ops_center 12.2.0
oracle enterprise_manager_ops_center 12.3.0
canonical ubuntu_linux 12.10
mozilla network_security_services *
canonical ubuntu_linux 13.10
mozilla thunderbird *
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
oracle vm_server 3.2
opensuse opensuse 11.4
fedoraproject fedora 20
oracle enterprise_manager_ops_center 12.2.1
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
debian debian_linux 7.0
opensuse opensuse 13.1
debian debian_linux 8.0
suse linux_enterprise_server 11
oracle enterprise_manager_ops_center *
CVE-2014-1493 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server 11
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 13.10
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
suse suse_linux_enterprise_desktop 11
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
CVE-2014-1494 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
opensuse_project opensuse 11.4
suse linux_enterprise_desktop 11
opensuse_project opensuse 12.3
opensuse opensuse 13.1
suse linux_enterprise_server 11
mozilla firefox *
CVE-2014-1496 LOW

Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-269

Products Affected

Vendor Product Version
mozilla seamonkey *
suse suse_linux_enterprise_desktop 11
suse suse_linux_enterprise_software_development_kit 11.0
suse suse_linux_enterprise_server 11
mozilla thunderbird *
mozilla firefox *
mozilla firefox_esr *
CVE-2014-1497 MEDIUM

The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server 11
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 13.10
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
suse suse_linux_enterprise_desktop 11
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
CVE-2014-1498 MEDIUM

The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-347

Products Affected

Vendor Product Version
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
opensuse_project opensuse 11.4
suse linux_enterprise_desktop 11
opensuse_project opensuse 12.3
opensuse opensuse 13.1
suse linux_enterprise_server 11
mozilla firefox *
CVE-2014-1499 MEDIUM

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
opensuse_project opensuse 11.4
suse linux_enterprise_desktop 11
opensuse_project opensuse 12.3
opensuse opensuse 13.1
suse linux_enterprise_server 11
mozilla firefox *
CVE-2014-1500 MEDIUM

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400

Products Affected

Vendor Product Version
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
opensuse_project opensuse 11.4
suse linux_enterprise_desktop 11
opensuse_project opensuse 12.3
opensuse opensuse 13.1
suse linux_enterprise_server 11
mozilla firefox *
CVE-2014-1501 MEDIUM

Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264

Products Affected

Vendor Product Version
mozilla firefox 2.0.0.1
mozilla firefox 1.5.0.4
mozilla firefox 14.0.1
mozilla firefox 3.0.2
mozilla firefox 1.5.0.12
mozilla firefox 4.0.1
mozilla firefox 3.6.7
mozilla firefox 3.0
mozilla firefox 3.6.11
mozilla firefox 18.0.2
mozilla firefox 1.5.0.10
mozilla firefox 3.6.13
mozilla firefox 8.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.5.17
mozilla firefox 3.5.8
mozilla firefox 10.0.1
mozilla firefox 3.6.3
mozilla firefox 15.0.1
mozilla firefox 3.6.21
mozilla firefox 10.0.10
mozilla firefox 1.0.3
mozilla firefox 17.0.8
mozilla firefox 3.6.12
mozilla firefox 25.0
mozilla firefox 3.6.22
mozilla firefox 3.0.3
mozilla firefox 0.7.1
mozilla firefox 3.5.12
mozilla firefox 18.0
mozilla firefox 17.0.2
mozilla firefox 1.5.0.5
mozilla firefox 3.6.9
mozilla firefox 0.8
mozilla firefox 3.0.10
mozilla firefox 13.0.1
mozilla firefox 3.5.16
mozilla firefox 0.9.2
mozilla firefox 2.0.0.16
mozilla firefox 16.0.1
mozilla firefox 3.6.16
mozilla firefox 3.6.24
mozilla firefox 21.0
mozilla firefox 3.0.17
mozilla firefox 9.0.1
mozilla firefox 3.0.14
mozilla firefox 13.0
mozilla firefox 1.5.0.8
mozilla firefox 2.0.0.15
mozilla firefox 3.5.1
mozilla firefox 2.0.0.11
mozilla firefox 3.0.6
mozilla firefox 20.0
mozilla firefox 10.0
mozilla firefox 0.1
mozilla firefox 3.6.8
mozilla firefox 10.0.9
mozilla firefox 19.0.2
mozilla firefox 2.0
mozilla firefox *
mozilla firefox 3.5.14
mozilla firefox 10.0.5
mozilla firefox 25.0.1
mozilla firefox 3.5.6
mozilla firefox 10.0.3
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.20
mozilla firefox 3.5.3
mozilla firefox 16.0
mozilla firefox 2.0.0.5
mozilla firefox 3.0.9
mozilla firefox 3.0.5
mozilla firefox 3.6.26
mozilla firefox 17.0.5
mozilla firefox 3.6.14
mozilla firefox 17.0.4
mozilla firefox 2.0.0.10
mozilla firefox 17.0.9
mozilla firefox 2.0.0.3
mozilla firefox 3.6.15
mozilla firefox 2.0.0.12
mozilla firefox 2.0.0.6
mozilla firefox 3.0.4
mozilla firefox 3.0.8
mozilla firefox 1.5.4
mozilla firefox 18.0.1
mozilla firefox 10.0.2
mozilla firefox 0.7
mozilla firefox 0.9.1
mozilla firefox 7.0
mozilla firefox 24.1.1
mozilla firefox 5.0
mozilla firefox 3.5.5
mozilla firefox 19.0
mozilla firefox 1.0.8
mozilla firefox 3.6.4
mozilla firefox 3.6.10
mozilla firefox 1.0.1
mozilla firefox 0.6.1
mozilla firefox 0.9.3
mozilla firefox 2.0.0.19
mozilla firefox 2.0.0.18
mozilla firefox 0.10.1
mozilla firefox 9.0
mozilla firefox 1.5.0.6
mozilla firefox 5.0.1
mozilla firefox 1.5.6
mozilla firefox 3.5.15
mozilla firefox 1.5.1
mozilla firefox 10.0.4
mozilla firefox 3.6.6
mozilla firefox 17.0.3
mozilla firefox 7.0.1
mozilla firefox 1.5.0.3
mozilla firefox 20.0.1
mozilla firefox 16.0.2
mozilla firefox 15.0
mozilla firefox 24.1
mozilla firefox 10.0.8
mozilla firefox 3.5.18
mozilla firefox 3.5.19
mozilla firefox 3.0.1
mozilla firefox 1.0.6
mozilla firefox 3.0.15
mozilla firefox 1.0.2
mozilla firefox 0.2
mozilla firefox 12.0
mozilla firefox 3.6.17
mozilla firefox 2.0.0.13
mozilla firefox 19.0.1
mozilla firefox 2.0.0.4
mozilla firefox 17.0.10
mozilla firefox 2.0.0.9
mozilla firefox 3.6.20
mozilla firefox 26.0
mozilla firefox 2.0.0.17
mozilla firefox 3.6
mozilla firefox 3.6.19
suse linux_enterprise_desktop 11
mozilla firefox 3.0.11
mozilla firefox 1.5.7
mozilla firefox 3.5.2
mozilla firefox 10.0.7
mozilla firefox 3.0.13
mozilla firefox 1.5.0.2
mozilla firefox 3.5.9
mozilla firefox 3.6.18
mozilla firefox 3.0.7
mozilla firefox 1.0.4
mozilla firefox 2.0.0.7
mozilla firefox 6.0
mozilla firefox 0.6
mozilla firefox 1.5.8
mozilla firefox 2.0.0.8
mozilla firefox 3.6.25
mozilla firefox 4.0
mozilla firefox 3.5.10
mozilla firefox 3.0.12
mozilla firefox 27.0
mozilla firefox 3.0.19
mozilla firefox 0.3
mozilla firefox 0.10
mozilla firefox 1.5.0.7
mozilla firefox 17.0.6
mozilla firefox 11.0
mozilla firefox 24.0
mozilla firefox 1.5.0.11
mozilla firefox 17.0.11
mozilla firefox 17.0.7
mozilla firefox 1.5.0.9
mozilla firefox 14.0
mozilla firefox 8.0
mozilla firefox 3.6.2
mozilla firefox 3.6.28
mozilla firefox 1.5
mozilla firefox 1.5.2
mozilla firefox 10.0.6
mozilla firefox 6.0.2
mozilla firefox 0.4
mozilla firefox 0.5
mozilla firefox 1.0
mozilla firefox 0.9
mozilla firefox 3.6.27
mozilla firefox 3.5
mozilla firefox 3.5.7
mozilla firefox 1.5.3
mozilla firefox 3.0.16
mozilla firefox 2.0.0.14
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
mozilla firefox 10.0.12
mozilla firefox 23.0
suse linux_enterprise_server 11
mozilla firefox 3.5.4
mozilla firefox 10.0.11
mozilla firefox 1.5.5
mozilla firefox 1.0.5
mozilla firefox 1.0.7
mozilla firefox 3.0.18
mozilla firefox 23.0.1
mozilla firefox 3.5.11
mozilla firefox 3.5.13
mozilla firefox 6.0.1
mozilla firefox 3.6.23
CVE-2014-1502 MEDIUM

The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346

Products Affected

Vendor Product Version
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
opensuse_project opensuse 11.4
suse linux_enterprise_desktop 11
opensuse_project opensuse 12.3
opensuse opensuse 13.1
suse linux_enterprise_server 11
mozilla firefox *
CVE-2014-1504 LOW

The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264

Products Affected

Vendor Product Version
mozilla seamonkey *
suse linux_enterprise_sdk 11
oracle solaris 11.3
opensuse opensuse 11.4
opensuse opensuse 12.3
suse linux_enterprise_desktop 11
opensuse opensuse 13.1
suse linux_enterprise_server 11
mozilla firefox *
CVE-2014-1505 MEDIUM

The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server 11
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 13.10
novell suse_linux_enterprise_software_development_kit 11.0
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
suse suse_linux_enterprise_desktop 11
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
CVE-2014-1508 MEDIUM

The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server 11
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 13.10
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
suse suse_linux_enterprise_desktop 11
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
CVE-2014-1509 MEDIUM

Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120

Products Affected

Vendor Product Version
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
suse suse_linux_enterprise_server 11
canonical ubuntu_linux 13.10
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server_tus 6.5
suse suse_linux_enterprise_desktop 11
opensuse opensuse 12.3
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
CVE-2014-1510 HIGH

The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server 11
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 13.10
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
suse suse_linux_enterprise_desktop 11
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
CVE-2014-1511 HIGH

Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269,

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server 11
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 13.10
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
suse suse_linux_enterprise_desktop 11
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
CVE-2014-1512 HIGH

Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server 11
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 13.10
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
suse suse_linux_enterprise_desktop 11
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
CVE-2014-1513 HIGH

TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server 11
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 13.10
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
suse suse_linux_enterprise_desktop 11
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
CVE-2014-1514 HIGH

vm/TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server 11
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
suse suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 13.10
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
suse suse_linux_enterprise_desktop 11
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
CVE-2014-1518 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.04
suse suse_linux_enterprise_server 11
mozilla thunderbird *
suse suse_linux_enterprise_server 10
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
fedoraproject fedora 20
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
fedoraproject fedora 19
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 13.10
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
CVE-2014-1523 MEDIUM

Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.04
suse suse_linux_enterprise_server 11
mozilla thunderbird *
suse suse_linux_enterprise_server 10
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
fedoraproject fedora 20
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
fedoraproject fedora 19
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 13.10
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
CVE-2014-1524 HIGH

The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted JavaScript code that accesses a non-XBL object as if it were an XBL object.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.04
suse suse_linux_enterprise_server 11
mozilla thunderbird *
suse suse_linux_enterprise_server 10
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
fedoraproject fedora 20
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
fedoraproject fedora 19
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 13.10
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
CVE-2014-1529 HIGH

The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269,

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.04
suse suse_linux_enterprise_server 11
mozilla thunderbird *
suse suse_linux_enterprise_server 10
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
fedoraproject fedora 20
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
fedoraproject fedora 19
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 13.10
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
CVE-2014-1530 MEDIUM

The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web site that performs history navigation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.04
suse suse_linux_enterprise_server 11
mozilla thunderbird *
suse suse_linux_enterprise_server 10
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
fedoraproject fedora 20
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
fedoraproject fedora 19
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 13.10
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
CVE-2014-1531 HIGH

Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving an imgLoader object that is not properly handled during an image-resize operation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.04
suse suse_linux_enterprise_server 11
mozilla thunderbird *
suse suse_linux_enterprise_server 10
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
fedoraproject fedora 20
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
fedoraproject fedora 19
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 13.10
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
CVE-2014-1532 HIGH

Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to host resolution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.04
suse suse_linux_enterprise_server 11
mozilla thunderbird *
suse suse_linux_enterprise_server 10
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla firefox_esr *
mozilla seamonkey *
fedoraproject fedora 20
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 12.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
fedoraproject fedora 19
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 13.10
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.5
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
CVE-2014-1737 HIGH

The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-754,

Products Affected

Vendor Product Version
redhat enterprise_linux_eus 6.3
suse linux_enterprise_high_availability_extension 11
oracle linux 5
suse linux_enterprise_real_time_extension 11
oracle linux 6
suse linux_enterprise_desktop 11
linux linux_kernel *
redhat enterprise_linux_eus 5.6
debian debian_linux 7.0
debian debian_linux 6.0
suse linux_enterprise_server 11
CVE-2014-1738 LOW

The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
redhat enterprise_linux_eus 6.3
suse linux_enterprise_high_availability_extension 11
oracle linux 5
suse linux_enterprise_real_time_extension 11
oracle linux 6
suse linux_enterprise_desktop 11
linux linux_kernel *
redhat enterprise_linux_eus 5.6
debian debian_linux 7.0
debian debian_linux 6.0
suse linux_enterprise_server 11
CVE-2014-1739 LOW

The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
suse linux_enterprise_high_availability_extension 11
suse suse_linux_enterprise_desktop 11
suse suse_linux_enterprise_server 11
linux linux_kernel *
canonical ubuntu_linux 13.10
CVE-2014-1874 MEDIUM

The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
suse linux_enterprise_server 10
canonical ubuntu_linux 12.04
canonical ubuntu_linux 12.10
linux linux_kernel *
canonical ubuntu_linux 13.10
canonical ubuntu_linux 10.04
CVE-2014-1947 MEDIUM

Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
imagemagick imagemagick *
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2014-2309 MEDIUM

The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
opensuse opensuse 11.4
linux linux_kernel *
suse linux_enterprise_server 11
CVE-2014-2323 HIGH

SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_high_availability_extension 11
lighttpd lighttpd *
opensuse opensuse 11.4
opensuse opensuse 12.3
debian debian_linux 7.0
opensuse opensuse 13.1
debian debian_linux 8.0
debian debian_linux 6.0
CVE-2014-2324 MEDIUM

Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
contec sv-cpt-mc310_firmware *
suse linux_enterprise_high_availability_extension 11
lighttpd lighttpd *
opensuse opensuse 11.4
opensuse opensuse 12.3
debian debian_linux 7.0
opensuse opensuse 13.1
debian debian_linux 8.0
debian debian_linux 6.0
CVE-2014-2484 MEDIUM

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRFTS.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql 5.6.16
oracle mysql *
oracle mysql 5.6.5
oracle mysql 5.6.6
oracle mysql 5.6.7
oracle mysql 5.6.12
oracle mysql 5.6.11
oracle mysql 5.6.8
oracle mysql 5.6.13
oracle mysql 5.6.14
oracle mysql 5.6.0
oracle mysql 5.6.1
oracle mysql 5.6.9
oracle mysql 5.6.2
oracle mysql 5.6.10
suse linux_enterprise_desktop 11.0
oracle mysql 5.6.3
oracle mysql 5.6.15
oracle mysql 5.6.4
suse linux_enterprise_server 11.0
CVE-2014-2494 MEDIUM

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_desktop 11
debian debian_linux 7.0
suse linux_enterprise_server 11
mariadb mariadb *
CVE-2014-2497 MEDIUM

The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
canonical ubuntu_linux 16.04
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_desktop 6.0
oracle solaris 11.2
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_server_tus 6.5
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
redhat enterprise_linux_eus 7.4
php php *
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
debian debian_linux 8.0
CVE-2014-2706 HIGH

Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-362,

Products Affected

Vendor Product Version
suse linux_enterprise_high_availability_extension 11
oracle linux 7
suse suse_linux_enterprise_desktop 11
suse suse_linux_enterprise_server 11
oracle linux 6
linux linux_kernel *
CVE-2014-2977 HIGH

Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
opensuse opensuse 13.1
opensuse opensuse 13.2
directfb directfb 1.4.13
suse suse_linux_enterprise_server 12
CVE-2014-2978 HIGH

The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers an out-of-bounds write.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
directfb directfb 1.4.4
opensuse opensuse 13.1
opensuse opensuse 13.2
suse suse_linux_enterprise_server 12
CVE-2014-3153 HIGH

The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_server_aus 6.2
canonical ubuntu_linux 12.04
suse linux_enterprise_high_availability_extension 11
canonical ubuntu_linux 14.04
opensuse opensuse 11.4
oracle linux 5
suse linux_enterprise_real_time_extension 11
oracle linux 6
suse linux_enterprise_desktop 11
linux linux_kernel *
suse linux_enterprise_server 11
CVE-2014-3467 MEDIUM

Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.3
gnu libtasn1 *
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_server_tus 6.5
suse linux_enterprise_desktop 11
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
redhat enterprise_linux_server_tus 7.6
suse linux_enterprise_high_availability_extension 11
redhat enterprise_linux_workstation 6.0
f5 arx_firmware *
gnu gnutls *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server_aus 7.7
redhat virtualization 6.0
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
CVE-2014-3468 HIGH

The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-131,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.3
gnu libtasn1 *
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_server_tus 6.5
suse linux_enterprise_desktop 11
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
redhat enterprise_linux_server_tus 7.6
suse linux_enterprise_high_availability_extension 11
redhat enterprise_linux_workstation 6.0
f5 arx_firmware *
gnu gnutls *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server_aus 7.7
redhat virtualization 6.0
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
CVE-2014-3469 MEDIUM

The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allow context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.3
gnu libtasn1 *
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_server_tus 6.5
suse linux_enterprise_desktop 11
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
redhat enterprise_linux_server_tus 7.6
suse linux_enterprise_high_availability_extension 11
redhat enterprise_linux_workstation 6.0
gnu gnutls *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server_aus 7.7
redhat virtualization 6.0
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
CVE-2014-3470 MEDIUM

The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
redhat enterprise_linux 6.0
fedoraproject fedora 19
openssl openssl *
redhat enterprise_linux 5
redhat storage 2.1
mariadb mariadb *
fedoraproject fedora 20
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
opensuse leap 42.1
fedoraproject fedora *
opensuse opensuse 13.2
CVE-2014-3476 MEDIUM

OpenStack Identity (Keystone) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained delegation, which allows remote authenticated users to gain privileges by leveraging a (1) trust or (2) OAuth token with impersonation enabled to create a new token with additional roles.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,

Products Affected

Vendor Product Version
suse cloud 3
openstack keystone *
CVE-2014-3595 MEDIUM

Cross-site scripting (XSS) vulnerability in spacewalk-java 1.2.39, 1.7.54, and 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.4 through 5.6 allows remote attackers to inject arbitrary web script or HTML via a crafted request that is not properly handled when logging.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
suse manager_server -
redhat satellite 5.6
redhat spacewalk-java 1.2.39
redhat spacewalk-java 1.7.54
suse manager 1.7
redhat satellite_with_embedded_oracle 5.4
redhat spacewalk-java 2.0.2
redhat satellite 5.4
redhat satellite_with_embedded_oracle 5.5
redhat satellite 5.5
CVE-2014-3601 MEDIUM

The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to (1) cause a denial of service (host OS memory corruption) or possibly have unspecified other impact by triggering a large gfn value or (2) cause a denial of service (host OS memory consumption) by triggering a small gfn value that leads to permanently pinned pages.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
suse linux_enterprise_real_time_extension 11.0
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
linux linux_kernel 3.16.0
opensuse evergreen 11.4
suse suse_linux_enterprise_server 11
linux linux_kernel *
suse linux_enterprise_server 11
CVE-2014-3610 MEDIUM

The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS crash) by leveraging guest OS privileges, related to the wrmsr_interception function in arch/x86/kvm/svm.c and the handle_wrmsr function in arch/x86/kvm/vmx.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
opensuse evergreen 11.4
suse suse_linux_enterprise_server 11
linux linux_kernel *
canonical ubuntu_linux 10.04
debian debian_linux 7.0
CVE-2014-3646 MEDIUM

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux 5.0
canonical ubuntu_linux 12.04
opensuse evergreen 11.4
suse suse_linux_enterprise_server 11
linux linux_kernel *
debian debian_linux 7.0
CVE-2014-3647 LOW

arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux 6.0
redhat enterprise_linux 5.0
canonical ubuntu_linux 12.04
oracle linux 7
opensuse evergreen 11.4
suse suse_linux_enterprise_server 11
linux linux_kernel *
debian debian_linux 7.0
CVE-2014-3654 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in spacewalk-java 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.5 and 5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) kickstart/cobbler/CustomSnippetList.do, (2) channels/software/Entitlements.do, or (3) admin/multiorg/OrgUsers.do.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
suse manager_server -
redhat satellite 5.6
suse manager 1.7
redhat spacewalk-java 2.0.2
redhat satellite_with_embedded_oracle 5.5
redhat satellite 5.5
CVE-2014-3673 HIGH

The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_mrg 2.0
suse suse_linux_enterprise_server 11
suse suse_linux_enterprise_server 10
suse suse_linux_enterprise_server 12
redhat enterprise_linux 5.0
canonical ubuntu_linux 12.04
oracle linux 7
oracle linux 5
opensuse evergreen 11.4
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_software_development_kit 12
oracle linux 6
linux linux_kernel *
debian debian_linux 7.0
CVE-2014-3687 HIGH

The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: HIGH

Problem Type: CWE-400,

Products Affected

Vendor Product Version
redhat enterprise_mrg 2.0
suse suse_linux_enterprise_server 11
novell suse_linux_enterprise_server 12.0
canonical ubuntu_linux 12.04
oracle linux 7
oracle linux 5
novell suse_linux_enterprise_desktop 12.0
opensuse evergreen 11.4
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_software_development_kit 12
oracle linux 6
linux linux_kernel *
debian debian_linux 7.0
CVE-2014-3690 MEDIUM

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_server 11
redhat enterprise_linux 5.0
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_desktop 12.0
opensuse evergreen 11.4
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_software_development_kit 12
linux linux_kernel *
debian debian_linux 7.0
CVE-2014-3917 LOW

kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
redhat enterprise_linux 6.0
redhat enterprise_mrg 2.0
linux linux_kernel 3.14
linux linux_kernel 3.14.1
suse linux_enterprise_desktop 10.0
redhat enterprise_linux 5
linux linux_kernel 3.14.2
linux linux_kernel *
linux linux_kernel 3.14.3
linux linux_kernel 3.14.4
CVE-2014-4027 LOW

The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
f5 big-ip_policy_enforcement_manager *
f5 big-ip_advanced_firewall_manager 12.0.0
f5 big-ip_advanced_firewall_manager *
f5 big-iq_device *
f5 big-ip_application_acceleration_manager *
f5 big-ip_wan_optimization_manager *
suse linux_enterprise_desktop 11
f5 big-ip_application_security_manager 12.0.0
linux linux_kernel *
suse linux_enterprise_server 11
f5 big-ip_domain_name_system 12.0.0
redhat enterprise_linux 6.0
f5 big-iq_cloud *
f5 big-ip_application_acceleration_manager 12.0.0
f5 big-ip_edge_gateway *
f5 big-ip_webaccelerator *
f5 big-ip_analytics 12.0.0
f5 big-ip_access_policy_manager *
f5 big-ip_local_traffic_manager 12.0.0
f5 big-ip_access_policy_manager 12.0.0
f5 big-ip_local_traffic_manager *
f5 big-iq_security *
f5 big-iq_application_delivery_controller 4.5.0
f5 big-ip_global_traffic_manager *
canonical ubuntu_linux 12.04
f5 enterprise_manager *
suse linux_enterprise_high_availability_extension 11
f5 big-ip_application_security_manager *
f5 big-ip_link_controller 12.0.0
f5 big-ip_link_controller *
f5 big-ip_protocol_security_module *
suse linux_enterprise_real_time_extension 11
f5 big-ip_analytics *
f5 big-ip_policy_enforcement_manager 12.0.0
CVE-2014-4038 MEDIUM

ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/snapH.tar.gz, or (3) lpd/test/lpd_ela_test.sh and /var/tmp/ras.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-59,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_server 6.0
ppc64-diag_project ppc64-diag 2.6.1
suse linux_enterprise_server 11
CVE-2014-4039 LOW

ppc64-diag 2.6.1 uses 0775 permissions for /tmp/diagSEsnap and does not properly restrict permissions for /tmp/diagSEsnap/snapH.tar.gz, which allows local users to obtain sensitive information by reading files in this archive, as demonstrated by /var/log/messages and /etc/yaboot.conf.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_server 6.0
ppc64-diag_project ppc64-diag 2.6.1
suse linux_enterprise_server 11
CVE-2014-4207 MEDIUM

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_desktop 11
debian debian_linux 7.0
suse linux_enterprise_server 11
mariadb mariadb *
CVE-2014-4214 LOW

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRSP.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql 5.6.16
oracle mysql *
oracle mysql 5.6.5
oracle mysql 5.6.6
oracle mysql 5.6.7
oracle mysql 5.6.12
oracle mysql 5.6.11
oracle mysql 5.6.8
oracle mysql 5.6.13
oracle mysql 5.6.14
oracle mysql 5.6.0
oracle mysql 5.6.1
oracle mysql 5.6.9
oracle mysql 5.6.2
oracle mysql 5.6.10
suse linux_enterprise_desktop 11.0
oracle mysql 5.6.3
oracle mysql 5.6.15
oracle mysql 5.6.4
suse linux_enterprise_server 11.0
CVE-2014-4243 LOW

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
mariadb mariadb *
CVE-2014-4258 MEDIUM

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
vmware vcenter_server_appliance 5.0
vmware vcenter_server_appliance 5.5
mariadb mariadb *
suse linux_enterprise_software_development_kit 11
opensuse_project suse_linux_enterprise_server 11.0
oracle solaris 11.3
vmware vcenter_server_appliance 5.1
opensuse_project suse_linux_enterprise_software_development_kit 11.0
opensuse_project suse_linux_enterprise_desktop 11.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_desktop 11
debian debian_linux 7.0
suse linux_enterprise_server 11
CVE-2014-4260 MEDIUM

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier, and 5.6.17 and earlier, allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_desktop 11
debian debian_linux 7.0
suse linux_enterprise_server 11
mariadb mariadb *
CVE-2014-4287 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
mariadb mariadb *
CVE-2014-4608 HIGH

Multiple integer overflows in the lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Literal Run. NOTE: the author of the LZO algorithms says "the Linux kernel is *not* affected; media hype."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
opensuse opensuse 11.4
suse linux_enterprise_real_time_extension 11
linux linux_kernel *
canonical ubuntu_linux 10.04
suse linux_enterprise_server 11
CVE-2014-4652 LOW

Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access.

CVSS 2.0

Severity: LOW

Problem Type: CWE-362,

Products Affected

Vendor Product Version
suse linux_enterprise_server 10
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
linux linux_kernel *
redhat enterprise_linux_desktop 6.0
CVE-2014-4653 MEDIUM

sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service (use-after-free) and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
suse linux_enterprise_server 10
canonical ubuntu_linux 12.04
linux linux_kernel *
CVE-2014-4654 MEDIUM

The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not check authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, which allows local users to remove kernel controls and cause a denial of service (use-after-free and system crash) by leveraging /dev/snd/controlCX access for an ioctl call.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
suse linux_enterprise_server 10
canonical ubuntu_linux 12.04
linux linux_kernel *
CVE-2014-4655 MEDIUM

The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the user_ctl_count value, which allows local users to cause a denial of service (integer overflow and limit bypass) by leveraging /dev/snd/controlCX access for a large number of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,

Products Affected

Vendor Product Version
suse linux_enterprise_server 10
canonical ubuntu_linux 12.04
linux linux_kernel *
CVE-2014-4656 MEDIUM

Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to (1) index values in the snd_ctl_add function and (2) numid values in the snd_ctl_remove_numid_conflict function.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,

Products Affected

Vendor Product Version
suse linux_enterprise_server 10
redhat enterprise_linux_server_tus 6.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_eus 6.6
linux linux_kernel *
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.6
CVE-2014-4667 MEDIUM

The sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
suse linux_enterprise_server 10
canonical ubuntu_linux 12.04
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_desktop 11
linux linux_kernel *
debian debian_linux 7.0
suse linux_enterprise_server 11
CVE-2014-4943 MEDIUM

The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,

Products Affected

Vendor Product Version
redhat enterprise_linux_server_aus 6.2
opensuse opensuse 11.4
suse linux_enterprise_desktop 11
linux linux_kernel *
debian debian_linux 7.0
suse linux_enterprise_server 11
CVE-2014-5077 HIGH

The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an association between two endpoints immediately after an exchange of INIT and INIT ACK chunks to establish an earlier association between these endpoints in the opposite direction.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476,

Products Affected

Vendor Product Version
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_server_aus 6.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server_tus 6.5
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_desktop 11
linux linux_kernel *
suse linux_enterprise_server 11
CVE-2014-6271 HIGH

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
novell zenworks_configuration_management 11
ibm qradar_vulnerability_manager 7.2.3
ibm qradar_security_information_and_event_manager 7.2.9
mageia mageia 4.0
ibm software_defined_network_for_virtual_environments *
redhat enterprise_linux_for_ibm_z_systems 7.6_s390x
suse linux_enterprise_server 10
ibm qradar_security_information_and_event_manager 7.2.8
ibm storwize_v7000_firmware *
ibm security_access_manager_for_web_7.0_firmware 7.0.0.2
oracle linux 5
novell zenworks_configuration_management 11.1
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_for_ibm_z_systems 7.5_s390x
suse linux_enterprise_software_development_kit 12
ibm smartcloud_entry_appliance 2.4.0
checkpoint security_gateway *
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_for_ibm_z_systems 7.7_s390x
f5 big-ip_application_security_manager 11.6.0
ibm qradar_security_information_and_event_manager 7.2.4
redhat enterprise_linux 6.0
redhat enterprise_linux_server_aus 6.5
apple mac_os_x *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_aus 6.2
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.1
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_edge_gateway *
ibm qradar_vulnerability_manager 7.2.6
ibm workload_deployer *
vmware vcenter_server_appliance 5.0
redhat gluster_storage_server_for_on-premise 2.1
qnap qts *
ibm qradar_security_information_and_event_manager 7.2.1
f5 big-ip_link_controller 11.6.0
ibm security_access_manager_for_web_7.0_firmware 7.0.0.6
f5 traffix_signaling_delivery_controller 4.1.0
redhat enterprise_linux_for_power_big_endian 7.0_ppc64
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.2
ibm infosphere_guardium_database_activity_monitoring 9.0
f5 traffix_signaling_delivery_controller 3.5.1
redhat enterprise_linux_server_from_rhui 5.0
redhat enterprise_linux_server_tus 7.6
vmware esx 4.1
f5 big-ip_protocol_security_module *
ibm security_access_manager_for_web_7.0_firmware 7.0.0.7
redhat enterprise_linux_for_power_big_endian_eus 7.6_ppc64
opensuse opensuse 13.1
f5 big-ip_analytics *
ibm infosphere_guardium_database_activity_monitoring 8.2
redhat enterprise_linux_eus 6.4
canonical ubuntu_linux 14.04
ibm storwize_v3500_firmware *
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_desktop 6.0
f5 big-ip_advanced_firewall_manager *
f5 big-iq_device *
f5 big-ip_advanced_firewall_manager 11.6.0
ibm qradar_security_information_and_event_manager 7.2.3
opensuse opensuse 12.3
redhat enterprise_linux_for_power_big_endian_eus 7.7_ppc64
suse linux_enterprise_desktop 11
redhat enterprise_linux_for_power_big_endian 6.4_ppc64
ibm qradar_security_information_and_event_manager 7.1.2
redhat enterprise_linux_server_aus 5.9
ibm qradar_security_information_and_event_manager 7.1.1
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_webaccelerator *
ibm infosphere_guardium_database_activity_monitoring 9.1
ibm smartcloud_entry_appliance 3.1.0
ibm security_access_manager_for_web_7.0_firmware 7.0.0.8
f5 big-ip_policy_enforcement_manager 11.6.0
redhat enterprise_linux_for_scientific_computing 7.0
redhat enterprise_linux_for_power_big_endian 6.0_ppc64
vmware vcenter_server_appliance 5.5
redhat enterprise_linux 7.0
ibm stn6800_firmware *
ibm security_access_manager_for_web_8.0_firmware 8.0.0.2
redhat enterprise_linux_for_scientific_computing 6.0
f5 big-iq_security *
ibm qradar_security_information_and_event_manager 7.1.0
ibm qradar_security_information_and_event_manager 7.2.7
novell zenworks_configuration_management 11.3.0
f5 traffix_signaling_delivery_controller *
ibm qradar_vulnerability_manager 7.2.2
f5 traffix_signaling_delivery_controller 3.3.2
vmware vcenter_server_appliance 5.1
mageia mageia 3.0
ibm qradar_security_information_and_event_manager 7.2.0
redhat enterprise_linux_server_aus 7.7
suse studio_onsite 1.3
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_workstation 5.0
ibm security_access_manager_for_web_7.0_firmware 7.0.0.4
ibm storwize_v3700_firmware *
novell open_enterprise_server 2.0
arista eos *
vmware esx 4.0
ibm security_access_manager_for_web_7.0_firmware 7.0.0.3
ibm qradar_security_information_and_event_manager 7.2.5
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.5
redhat enterprise_linux_for_ibm_z_systems 6.5_s390x
redhat enterprise_linux_for_power_big_endian_eus 6.5_ppc64
ibm smartcloud_provisioning 2.1.0
ibm security_access_manager_for_web_8.0_firmware 8.0.0.3
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.3
redhat enterprise_linux_server_aus 5.6
redhat enterprise_linux 5.0
redhat enterprise_linux_server_aus 6.4
ibm qradar_risk_manager 7.1.0
f5 big-ip_application_acceleration_manager *
ibm qradar_security_information_and_event_manager 7.2.2
ibm security_access_manager_for_web_8.0_firmware 8.0.0.5
redhat enterprise_linux_for_ibm_z_systems 6.4_s390x
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_server 5.0
f5 traffix_signaling_delivery_controller 3.4.1
redhat enterprise_linux_for_ibm_z_systems 7.4_s390x
f5 big-iq_cloud *
ibm qradar_vulnerability_manager 7.2.4
f5 big-ip_access_policy_manager 11.6.0
ibm pureapplication_system *
ibm qradar_vulnerability_manager 7.2.8
canonical ubuntu_linux 10.04
gnu bash *
redhat enterprise_linux_for_ibm_z_systems 5.9_s390x
redhat enterprise_linux_eus 7.7
ibm smartcloud_entry_appliance 2.3.0
ibm smartcloud_entry_appliance 3.2.0
redhat enterprise_linux_server_from_rhui 6.0
ibm qradar_security_information_and_event_manager 7.2.6
ibm security_access_manager_for_web_7.0_firmware 7.0.0.5
debian debian_linux 7.0
redhat enterprise_linux_desktop 7.0
f5 big-ip_policy_enforcement_manager *
novell open_enterprise_server 11.0
ibm qradar_vulnerability_manager 7.2.0
redhat enterprise_linux_for_power_big_endian_eus 7.4_ppc64
redhat enterprise_linux_server_tus 7.3
ibm pureapplication_system 2.0.0.0
ibm security_access_manager_for_web_7.0_firmware 7.0.0.1
ibm qradar_security_information_and_event_manager 7.2.8.15
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_for_power_big_endian 5.9_ppc
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_server_aus 7.3
f5 big-ip_global_traffic_manager 11.6.0
redhat enterprise_linux_server_tus 6.5
f5 big-ip_wan_optimization_manager *
oracle linux 6
ibm qradar_security_information_and_event_manager 7.2
redhat virtualization 3.4
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
ibm stn7800_firmware *
f5 big-ip_analytics 11.6.0
oracle linux 4
ibm flex_system_v7000_firmware *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_for_power_big_endian_eus 7.5_ppc64
qnap qts 4.1.1
redhat enterprise_linux_for_ibm_z_systems 7.3_s390x
ibm storwize_v5000_firmware *
novell zenworks_configuration_management 11.2
redhat enterprise_linux_eus 7.4
f5 big-ip_access_policy_manager *
ibm qradar_vulnerability_manager 7.2.1
f5 big-ip_local_traffic_manager *
redhat enterprise_linux_eus 7.6
f5 big-ip_global_traffic_manager *
redhat enterprise_linux_for_power_big_endian 5.0_ppc
ibm san_volume_controller_firmware *
citrix netscaler_sdx_firmware *
canonical ubuntu_linux 12.04
f5 enterprise_manager *
redhat enterprise_linux 4.0
f5 big-ip_application_security_manager *
ibm stn6500_firmware *
redhat enterprise_linux_workstation 6.0
f5 arx_firmware *
redhat enterprise_linux_eus 6.5
ibm starter_kit_for_cloud 2.2.0
f5 big-ip_link_controller *
suse linux_enterprise_server 12
redhat enterprise_linux_for_power_big_endian_eus 7.3_ppc64
suse linux_enterprise_desktop 12
novell zenworks_configuration_management 10.3
opensuse opensuse 13.2
redhat enterprise_linux_server_from_rhui 7.0
CVE-2014-6463 LOW

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
oracle solaris 11.3
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
mariadb mariadb *
CVE-2014-6464 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
mariadb mariadb *
CVE-2014-6469 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
oracle solaris 11.3
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
mariadb mariadb *
CVE-2014-6474 LOW

Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
mariadb mariadb *
CVE-2014-6478 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
oracle solaris 11.3
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
mariadb mariadb *
juniper junos_space *
CVE-2014-6484 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:DML.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
mariadb mariadb *
CVE-2014-6494 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6496.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
oracle solaris 11.3
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
mariadb mariadb *
juniper junos_space *
CVE-2014-6495 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
oracle solaris 11.3
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
mariadb mariadb *
juniper junos_space *
CVE-2014-6496 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6494.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
oracle solaris 11.3
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
mariadb mariadb *
juniper junos_space *
CVE-2014-6505 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
mariadb mariadb *
CVE-2014-6507 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
oracle solaris 11.3
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
mariadb mariadb *
CVE-2014-6520 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:DDL.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
mariadb mariadb *
CVE-2014-6530 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to CLIENT:MYSQLDUMP.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
oracle solaris 11.3
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
mariadb mariadb *
CVE-2014-6551 LOW

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
oracle solaris 11.3
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
mariadb mariadb *
CVE-2014-6555 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
mariadb mariadb *
CVE-2014-6559 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
oracle solaris 11.3
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
mariadb mariadb *
juniper junos_space *
CVE-2014-6564 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
mariadb mariadb *
CVE-2014-6568 LOW

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.10
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
oracle solaris 11.3
redhat enterprise_linux_server_aus 7.3
fedoraproject fedora 20
suse linux_enterprise_software_development_kit 12
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_desktop 5.0
oracle mysql *
redhat enterprise_linux_eus 7.4
mariadb mariadb *
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
redhat enterprise_linux_server_aus 7.7
suse linux_enterprise_desktop 12
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
CVE-2014-7169 HIGH

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
novell zenworks_configuration_management 11
ibm qradar_vulnerability_manager 7.2.3
ibm qradar_security_information_and_event_manager 7.2.9
mageia mageia 4.0
ibm software_defined_network_for_virtual_environments *
redhat enterprise_linux_for_ibm_z_systems 7.6_s390x
suse linux_enterprise_server 10
ibm qradar_security_information_and_event_manager 7.2.8
ibm storwize_v7000_firmware *
ibm security_access_manager_for_web_7.0_firmware 7.0.0.2
oracle linux 5
novell zenworks_configuration_management 11.1
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_for_ibm_z_systems 7.5_s390x
suse linux_enterprise_software_development_kit 12
ibm smartcloud_entry_appliance 2.4.0
checkpoint security_gateway *
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_for_ibm_z_systems 7.7_s390x
f5 big-ip_application_security_manager 11.6.0
ibm qradar_security_information_and_event_manager 7.2.4
redhat enterprise_linux 6.0
redhat enterprise_linux_server_aus 6.5
apple mac_os_x *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_aus 6.2
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.1
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_edge_gateway *
ibm qradar_vulnerability_manager 7.2.6
ibm workload_deployer *
vmware vcenter_server_appliance 5.0
redhat gluster_storage_server_for_on-premise 2.1
qnap qts *
ibm qradar_security_information_and_event_manager 7.2.1
f5 big-ip_link_controller 11.6.0
ibm security_access_manager_for_web_7.0_firmware 7.0.0.6
f5 traffix_signaling_delivery_controller 4.1.0
redhat enterprise_linux_for_power_big_endian 7.0_ppc64
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.2
ibm infosphere_guardium_database_activity_monitoring 9.0
f5 traffix_signaling_delivery_controller 3.5.1
redhat enterprise_linux_server_from_rhui 5.0
redhat enterprise_linux_server_tus 7.6
vmware esx 4.1
f5 big-ip_protocol_security_module *
ibm security_access_manager_for_web_7.0_firmware 7.0.0.7
redhat enterprise_linux_for_power_big_endian_eus 7.6_ppc64
opensuse opensuse 13.1
f5 big-ip_analytics *
ibm infosphere_guardium_database_activity_monitoring 8.2
redhat enterprise_linux_eus 6.4
canonical ubuntu_linux 14.04
ibm storwize_v3500_firmware *
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_desktop 6.0
f5 big-ip_advanced_firewall_manager *
f5 big-iq_device *
f5 big-ip_advanced_firewall_manager 11.6.0
ibm qradar_security_information_and_event_manager 7.2.3
opensuse opensuse 12.3
redhat enterprise_linux_for_power_big_endian_eus 7.7_ppc64
suse linux_enterprise_desktop 11
redhat enterprise_linux_for_power_big_endian 6.4_ppc64
ibm qradar_security_information_and_event_manager 7.1.2
redhat enterprise_linux_server_aus 5.9
ibm qradar_security_information_and_event_manager 7.1.1
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_webaccelerator *
ibm infosphere_guardium_database_activity_monitoring 9.1
ibm smartcloud_entry_appliance 3.1.0
ibm security_access_manager_for_web_7.0_firmware 7.0.0.8
f5 big-ip_policy_enforcement_manager 11.6.0
redhat enterprise_linux_for_scientific_computing 7.0
redhat enterprise_linux_for_power_big_endian 6.0_ppc64
vmware vcenter_server_appliance 5.5
redhat enterprise_linux 7.0
ibm stn6800_firmware *
ibm security_access_manager_for_web_8.0_firmware 8.0.0.2
redhat enterprise_linux_for_scientific_computing 6.0
f5 big-iq_security *
ibm qradar_security_information_and_event_manager 7.1.0
ibm qradar_security_information_and_event_manager 7.2.7
novell zenworks_configuration_management 11.3.0
f5 traffix_signaling_delivery_controller *
ibm qradar_vulnerability_manager 7.2.2
f5 traffix_signaling_delivery_controller 3.3.2
vmware vcenter_server_appliance 5.1
mageia mageia 3.0
ibm qradar_security_information_and_event_manager 7.2.0
redhat enterprise_linux_server_aus 7.7
suse studio_onsite 1.3
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_workstation 5.0
ibm security_access_manager_for_web_7.0_firmware 7.0.0.4
ibm storwize_v3700_firmware *
novell open_enterprise_server 2.0
arista eos *
vmware esx 4.0
ibm security_access_manager_for_web_7.0_firmware 7.0.0.3
ibm qradar_security_information_and_event_manager 7.2.5
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.5
redhat enterprise_linux_for_ibm_z_systems 6.5_s390x
redhat enterprise_linux_for_power_big_endian_eus 6.5_ppc64
ibm smartcloud_provisioning 2.1.0
ibm security_access_manager_for_web_8.0_firmware 8.0.0.3
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.3
redhat enterprise_linux_server_aus 5.6
redhat enterprise_linux 5.0
redhat enterprise_linux_server_aus 6.4
ibm qradar_risk_manager 7.1.0
f5 big-ip_application_acceleration_manager *
ibm qradar_security_information_and_event_manager 7.2.2
ibm security_access_manager_for_web_8.0_firmware 8.0.0.5
redhat enterprise_linux_for_ibm_z_systems 6.4_s390x
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_server 5.0
f5 traffix_signaling_delivery_controller 3.4.1
redhat enterprise_linux_for_ibm_z_systems 7.4_s390x
f5 big-iq_cloud *
ibm qradar_vulnerability_manager 7.2.4
f5 big-ip_access_policy_manager 11.6.0
ibm pureapplication_system *
ibm qradar_vulnerability_manager 7.2.8
canonical ubuntu_linux 10.04
gnu bash *
redhat enterprise_linux_for_ibm_z_systems 5.9_s390x
redhat enterprise_linux_eus 7.7
ibm smartcloud_entry_appliance 2.3.0
ibm smartcloud_entry_appliance 3.2.0
redhat enterprise_linux_server_from_rhui 6.0
ibm qradar_security_information_and_event_manager 7.2.6
ibm security_access_manager_for_web_7.0_firmware 7.0.0.5
debian debian_linux 7.0
redhat enterprise_linux_desktop 7.0
f5 big-ip_policy_enforcement_manager *
novell open_enterprise_server 11.0
ibm qradar_vulnerability_manager 7.2.0
redhat enterprise_linux_for_power_big_endian_eus 7.4_ppc64
redhat enterprise_linux_server_tus 7.3
ibm pureapplication_system 2.0.0.0
ibm security_access_manager_for_web_7.0_firmware 7.0.0.1
ibm qradar_security_information_and_event_manager 7.2.8.15
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_for_power_big_endian 5.9_ppc
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_server_aus 7.3
f5 big-ip_global_traffic_manager 11.6.0
redhat enterprise_linux_server_tus 6.5
f5 big-ip_wan_optimization_manager *
oracle linux 6
ibm qradar_security_information_and_event_manager 7.2
redhat virtualization 3.4
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
ibm stn7800_firmware *
f5 big-ip_analytics 11.6.0
oracle linux 4
ibm flex_system_v7000_firmware *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_for_power_big_endian_eus 7.5_ppc64
qnap qts 4.1.1
redhat enterprise_linux_for_ibm_z_systems 7.3_s390x
ibm storwize_v5000_firmware *
novell zenworks_configuration_management 11.2
redhat enterprise_linux_eus 7.4
f5 big-ip_access_policy_manager *
ibm qradar_vulnerability_manager 7.2.1
f5 big-ip_local_traffic_manager *
redhat enterprise_linux_eus 7.6
f5 big-ip_global_traffic_manager *
redhat enterprise_linux_for_power_big_endian 5.0_ppc
ibm san_volume_controller_firmware *
citrix netscaler_sdx_firmware *
canonical ubuntu_linux 12.04
f5 enterprise_manager *
redhat enterprise_linux 4.0
f5 big-ip_application_security_manager *
ibm stn6500_firmware *
redhat enterprise_linux_workstation 6.0
f5 arx_firmware *
redhat enterprise_linux_eus 6.5
ibm starter_kit_for_cloud 2.2.0
f5 big-ip_link_controller *
suse linux_enterprise_server 12
redhat enterprise_linux_for_power_big_endian_eus 7.3_ppc64
suse linux_enterprise_desktop 12
novell zenworks_configuration_management 10.3
opensuse opensuse 13.2
redhat enterprise_linux_server_from_rhui 7.0
CVE-2014-7811 LOW

Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the REST API.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
redhat spacewalk -
redhat network_satellite *
suse manager 1.7
CVE-2014-7812 LOW

Cross-site scripting (XSS) vulnerability in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allows remote authenticated users to inject arbitrary web script or HTML via the System Groups field.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
redhat spacewalk -
redhat satellite 5.6
suse manager 1.7
CVE-2014-7815 MEDIUM

The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
redhat virtualization 3.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_eus 7.4
canonical ubuntu_linux 10.04
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_aus 7.3
qemu qemu *
suse linux_enterprise_server 12
redhat enterprise_linux_server_aus 7.7
suse linux_enterprise_desktop 12
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_eus 7.3
debian debian_linux 7.0
redhat enterprise_linux_workstation 7.0
CVE-2014-7826 HIGH

kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via a crafted application.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476,

Products Affected

Vendor Product Version
opensuse evergreen 11.4
suse suse_linux_enterprise_server 11
linux linux_kernel *
CVE-2014-8086 MEDIUM

Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service (file unavailability) via a combination of a write action and an F_SETFL fcntl operation for the O_DIRECT flag.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H 1.0 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server 11
linux linux_kernel *
CVE-2014-8121 MEDIUM

DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-17,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
suse suse_linux_enterprise_server 11.0
suse suse_linux_enterprise_desktop 11
gnu glibc *
CVE-2014-8134 LOW

The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
opensuse evergreen 11.4
suse suse_linux_enterprise_server 11
oracle linux 6
linux linux_kernel *
opensuse opensuse 13.1
CVE-2014-8160 MEDIUM

net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_server_tus 6.5
suse linux_enterprise_software_development_kit 12
linux linux_kernel *
redhat enterprise_linux_server_eus 7.4
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_server_tus 6.6
redhat enterprise_linux_server_eus 6.6
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 7.5
redhat enterprise_linux_server_eus 6.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_eus 7.3
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_desktop 12
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
opensuse opensuse 13.1
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.7
redhat enterprise_linux_server_aus 6.6
CVE-2014-8162 HIGH

XML external entity (XXE) in the RPC interface in Spacewalk and Red Hat Network (RHN) Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified impact via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat network_satellite *
suse manager 1.7
CVE-2014-8369 MEDIUM

The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. NOTE: this vulnerability exists because of an incorrect fix for CVE-2014-3601.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
opensuse evergreen 11.4
suse linux_enterprise_real_time_extension 11
suse suse_linux_enterprise_server 11
linux linux_kernel *
debian debian_linux 7.0
CVE-2014-8559 MEDIUM

The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
suse suse_linux_enterprise_server 11
novell suse_linux_enterprise_server 12.0
canonical ubuntu_linux 12.04
oracle linux 7
novell suse_linux_enterprise_desktop 12.0
opensuse evergreen 11.4
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_software_development_kit 12
linux linux_kernel *
opensuse opensuse 13.1
CVE-2014-9116 MEDIUM

The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mageia mageia 4.0
suse linux_enterprise_desktop 12
mutt mutt 1.5.23
debian debian_linux 7.0
suse suse_linux_enterprise_server 12
CVE-2014-9322 HIGH

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269,

Products Affected

Vendor Product Version
google android 6.0
opensuse evergreen 11.4
google android 6.0.1
linux linux_kernel *
redhat enterprise_linux_eus 5.6
canonical ubuntu_linux 10.04
suse suse_linux_enterprise_server 10
CVE-2014-9584 LOW

The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted iso9660 image.

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.10
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_eus 7.1
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_server 10
redhat enterprise_linux_server_aus 7.3
oracle linux 5
redhat enterprise_linux_eus 6.6
suse linux_enterprise_software_development_kit 12
linux linux_kernel *
redhat enterprise_linux_server_eus 7.2
redhat enterprise_linux_server_eus 7.4
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_tus 6.6
redhat enterprise_linux_server 6.0
redhat enterprise_linux_aus 6.6
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_eus 7.3
redhat enterprise_linux_workstation 6.0
opensuse evergreen 11.4
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_real_time_extension 11
redhat enterprise_linux_server_aus 7.7
suse linux_enterprise_desktop 12
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
opensuse opensuse 13.1
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.7
CVE-2014-9585 LOW

The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.10
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_eus 7.1
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_eus 6.6
suse linux_enterprise_software_development_kit 12
linux linux_kernel *
redhat enterprise_linux_server_eus 7.2
fedoraproject fedora 21
redhat enterprise_linux_server_eus 7.4
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_tus 6.6
redhat enterprise_linux_server 6.0
redhat enterprise_linux_aus 6.6
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_eus 7.3
redhat enterprise_linux_workstation 6.0
opensuse evergreen 11.4
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_real_time_extension 11
redhat enterprise_linux_server_aus 7.7
suse linux_enterprise_desktop 12
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
opensuse opensuse 13.1
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.7
CVE-2014-9761 HIGH

Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
suse linux_enterprise_debuginfo 11.0
suse linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
fedoraproject fedora 23
suse suse_linux_enterprise_server 12
canonical ubuntu_linux 12.04
suse linux_enterprise_desktop 11.0
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_server 11.0
gnu glibc *
opensuse opensuse 13.2
CVE-2014-9844 MEDIUM

The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 16.10
opensuse_project leap 42.1
imagemagick imagemagick 6.8.8-9
opensuse_project suse_linux_enterprise_debuginfo 11.0
opensuse_project suse_linux_enterprise_software_development_kit 12.0
opensuse_project suse_linux_enterprise_desktop 12.0
opensuse_project suse_linux_enterprise_server 12.0
canonical ubuntu_linux 12.04
opensuse_project suse_linux_enterprise_server 11.0
opensuse_project suse_linux_enterprise_software_development_kit 11.0
opensuse_project suse_linux_enterprise_workstation_extension 12.0
suse studio_onsite 1.3
opensuse opensuse 13.2
CVE-2014-9845 MEDIUM

The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 16.10
opensuse_project leap 42.1
imagemagick imagemagick 6.8.8-9
opensuse_project suse_linux_enterprise_debuginfo 11.0
opensuse_project suse_linux_enterprise_software_development_kit 12.0
opensuse_project suse_linux_enterprise_desktop 12.0
opensuse_project suse_linux_enterprise_server 12.0
canonical ubuntu_linux 12.04
opensuse leap 42.2
opensuse_project suse_linux_enterprise_server 11.0
opensuse_project suse_linux_enterprise_software_development_kit 11.0
opensuse_project suse_linux_enterprise_workstation_extension 12.0
suse studio_onsite 1.3
opensuse opensuse 13.2
CVE-2014-9846 HIGH

Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 16.10
opensuse_project leap 42.1
imagemagick imagemagick 6.8.8-9
opensuse_project suse_linux_enterprise_debuginfo 11.0
opensuse_project suse_linux_enterprise_software_development_kit 12.0
opensuse_project suse_linux_enterprise_desktop 12.0
opensuse_project suse_linux_enterprise_server 12.0
canonical ubuntu_linux 12.04
opensuse leap 42.2
opensuse_project suse_linux_enterprise_server 11.0
opensuse_project suse_linux_enterprise_software_development_kit 11.0
opensuse_project suse_linux_enterprise_workstation_extension 12.0
suse studio_onsite 1.3
opensuse opensuse 13.2
CVE-2014-9852 HIGH

distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-913,

Products Affected

Vendor Product Version
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
opensuse leap 42.1
imagemagick imagemagick *
opensuse opensuse 13.2
CVE-2014-9853 MEDIUM

Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 16.10
novell leap 42.2
suse linux_enterprise_debuginfo 11
canonical ubuntu_linux 12.04
opensuse_project suse_linux_enterprise_software_development_kit 11.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
opensuse leap 42.1
imagemagick imagemagick *
opensuse opensuse 13.2
suse linux_enterprise_server 11
CVE-2014-9854 MEDIUM

coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 16.10
opensuse leap 42.1
imagemagick imagemagick *
opensuse opensuse 13.2
suse linux_enterprise_server 11
suse suse_linux_enterprise_server 12
CVE-2015-0192 HIGH

Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 6.6
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 7.1
redhat enterprise_linux_server_eus 7.5
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_server 10
redhat enterprise_linux_server_eus 7.3
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_server 12
ibm java *
suse linux_enterprise_software_development_kit 12
redhat enterprise_linux_server_eus 7.2
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_aus 6.6
CVE-2015-0272 MEDIUM

GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
gnome networkmanager *
suse linux_enterprise_debuginfo 11
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
oracle linux 7
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2015-0311 HIGH

Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Windows and OS X and through 11.2.202.438 on Linux allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in January 2015.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
microsoft internet_explorer 11
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
suse linux_enterprise_desktop 11
adobe flash_player *
microsoft edge -
microsoft internet_explorer 10
CVE-2015-0313 HIGH

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different vulnerability than CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
microsoft internet_explorer 11
opensuse evergreen 11.4
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
suse linux_enterprise_desktop 11
adobe flash_player *
microsoft edge -
opensuse opensuse 13.1
microsoft internet_explorer 10
opensuse opensuse 13.2
CVE-2015-0346 HIGH

Double free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0359.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop_supplementary 6.0
redhat enterprise_linux_server_supplementary 6.0
redhat enterprise_linux_desktop_supplementary 5.0
adobe flash_player 14.0.0.176
redhat enterprise_linux_server_supplementary_eus 6.6.z
adobe flash_player 16.0.0.296
adobe flash_player 16.0.0.287
adobe flash_player 14.0.0.179
adobe flash_player 15.0.0.239
adobe flash_player 15.0.0.246
adobe flash_player 15.0.0.223
suse suse_linux_enterprise_desktop 12.0
adobe flash_player 14.0.0.145
adobe flash_player 17.0.0.134
adobe flash_player 16.0.0.257
suse suse_linux_enterprise_desktop 11.0
redhat enterprise_linux_workstation_supplementary 6.0
redhat enterprise_linux_server_supplementary 5.0
suse suse_linux_workstation_extension 12.0
adobe flash_player 15.0.0.167
adobe flash_player 15.0.0.189
adobe flash_player 15.0.0.152
adobe flash_player 14.0.0.125
adobe flash_player *
opensuse opensuse 13.1
adobe flash_player 16.0.0.235
opensuse opensuse 13.2
CVE-2015-0347 HIGH

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop_supplementary 6.0
redhat enterprise_linux_server_supplementary 6.0
redhat enterprise_linux_desktop_supplementary 5.0
adobe flash_player 14.0.0.176
redhat enterprise_linux_server_supplementary_eus 6.6.z
adobe flash_player 16.0.0.296
adobe flash_player 16.0.0.287
adobe flash_player 14.0.0.179
adobe flash_player 15.0.0.239
adobe flash_player 15.0.0.246
adobe flash_player 15.0.0.223
suse suse_linux_enterprise_desktop 12.0
adobe flash_player 14.0.0.145
adobe flash_player 17.0.0.134
adobe flash_player 16.0.0.257
suse suse_linux_enterprise_desktop 11.0
redhat enterprise_linux_workstation_supplementary 6.0
redhat enterprise_linux_server_supplementary 5.0
suse suse_linux_workstation_extension 12.0
adobe flash_player 15.0.0.167
adobe flash_player 15.0.0.189
adobe flash_player 15.0.0.152
adobe flash_player 14.0.0.125
adobe flash_player *
opensuse opensuse 13.1
adobe flash_player 16.0.0.235
opensuse opensuse 13.2
CVE-2015-0348 HIGH

Buffer overflow in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop_supplementary 6.0
redhat enterprise_linux_server_supplementary 6.0
redhat enterprise_linux_desktop_supplementary 5.0
adobe flash_player 14.0.0.176
redhat enterprise_linux_server_supplementary_eus 6.6.z
adobe flash_player 16.0.0.296
adobe flash_player 16.0.0.287
adobe flash_player 14.0.0.179
adobe flash_player 15.0.0.239
adobe flash_player 15.0.0.246
adobe flash_player 15.0.0.223
suse suse_linux_enterprise_desktop 12.0
adobe flash_player 14.0.0.145
adobe flash_player 17.0.0.134
adobe flash_player 16.0.0.257
suse suse_linux_enterprise_desktop 11.0
redhat enterprise_linux_workstation_supplementary 6.0
redhat enterprise_linux_server_supplementary 5.0
suse suse_linux_workstation_extension 12.0
adobe flash_player 15.0.0.167
adobe flash_player 15.0.0.189
adobe flash_player 15.0.0.152
adobe flash_player 14.0.0.125
adobe flash_player *
opensuse opensuse 13.1
adobe flash_player 16.0.0.235
opensuse opensuse 13.2
CVE-2015-0349 HIGH

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0351, CVE-2015-0358, and CVE-2015-3039.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop_supplementary 6.0
redhat enterprise_linux_server_supplementary 6.0
redhat enterprise_linux_desktop_supplementary 5.0
adobe flash_player 14.0.0.176
redhat enterprise_linux_server_supplementary_eus 6.6.z
adobe flash_player 16.0.0.296
adobe flash_player 16.0.0.287
adobe flash_player 14.0.0.179
adobe flash_player 15.0.0.239
adobe flash_player 15.0.0.246
adobe flash_player 15.0.0.223
suse suse_linux_enterprise_desktop 12.0
adobe flash_player 14.0.0.145
adobe flash_player 17.0.0.134
adobe flash_player 16.0.0.257
suse suse_linux_enterprise_desktop 11.0
redhat enterprise_linux_workstation_supplementary 6.0
redhat enterprise_linux_server_supplementary 5.0
suse suse_linux_workstation_extension 12.0
adobe flash_player 15.0.0.167
adobe flash_player 15.0.0.189
adobe flash_player 15.0.0.152
adobe flash_player 14.0.0.125
adobe flash_player *
opensuse opensuse 13.1
adobe flash_player 16.0.0.235
opensuse opensuse 13.2
CVE-2015-0350 HIGH

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop_supplementary 6.0
redhat enterprise_linux_server_supplementary 6.0
redhat enterprise_linux_desktop_supplementary 5.0
adobe flash_player 14.0.0.176
redhat enterprise_linux_server_supplementary_eus 6.6.z
adobe flash_player 16.0.0.296
adobe flash_player 16.0.0.287
adobe flash_player 14.0.0.179
adobe flash_player 15.0.0.239
adobe flash_player 15.0.0.246
adobe flash_player 15.0.0.223
suse suse_linux_enterprise_desktop 12.0
adobe flash_player 14.0.0.145
adobe flash_player 17.0.0.134
adobe flash_player 16.0.0.257
suse suse_linux_enterprise_desktop 11.0
redhat enterprise_linux_workstation_supplementary 6.0
redhat enterprise_linux_server_supplementary 5.0
suse suse_linux_workstation_extension 12.0
adobe flash_player 15.0.0.167
adobe flash_player 15.0.0.189
adobe flash_player 15.0.0.152
adobe flash_player 14.0.0.125
adobe flash_player *
opensuse opensuse 13.1
adobe flash_player 16.0.0.235
opensuse opensuse 13.2
CVE-2015-0351 HIGH

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0349, CVE-2015-0358, and CVE-2015-3039.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop_supplementary 6.0
redhat enterprise_linux_server_supplementary 6.0
redhat enterprise_linux_desktop_supplementary 5.0
adobe flash_player 14.0.0.176
redhat enterprise_linux_server_supplementary_eus 6.6.z
adobe flash_player 16.0.0.296
adobe flash_player 16.0.0.287
adobe flash_player 14.0.0.179
adobe flash_player 15.0.0.239
adobe flash_player 15.0.0.246
adobe flash_player 15.0.0.223
suse suse_linux_enterprise_desktop 12.0
adobe flash_player 14.0.0.145
adobe flash_player 17.0.0.134
adobe flash_player 16.0.0.257
suse suse_linux_enterprise_desktop 11.0
redhat enterprise_linux_workstation_supplementary 6.0
redhat enterprise_linux_server_supplementary 5.0
suse suse_linux_workstation_extension 12.0
adobe flash_player 15.0.0.167
adobe flash_player 15.0.0.189
adobe flash_player 15.0.0.152
adobe flash_player 14.0.0.125
adobe flash_player *
opensuse opensuse 13.1
adobe flash_player 16.0.0.235
opensuse opensuse 13.2
CVE-2015-0352 HIGH

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop_supplementary 6.0
redhat enterprise_linux_server_supplementary 6.0
redhat enterprise_linux_desktop_supplementary 5.0
adobe flash_player 14.0.0.176
redhat enterprise_linux_server_supplementary_eus 6.6.z
adobe flash_player 16.0.0.296
adobe flash_player 16.0.0.287
adobe flash_player 14.0.0.179
adobe flash_player 15.0.0.239
adobe flash_player 15.0.0.246
adobe flash_player 15.0.0.223
suse suse_linux_enterprise_desktop 12.0
adobe flash_player 14.0.0.145
adobe flash_player 17.0.0.134
adobe flash_player 16.0.0.257
suse suse_linux_enterprise_desktop 11.0
redhat enterprise_linux_workstation_supplementary 6.0
redhat enterprise_linux_server_supplementary 5.0
suse suse_linux_workstation_extension 12.0
adobe flash_player 15.0.0.167
adobe flash_player 15.0.0.189
adobe flash_player 15.0.0.152
adobe flash_player 14.0.0.125
adobe flash_player *
opensuse opensuse 13.1
adobe flash_player 16.0.0.235
opensuse opensuse 13.2
CVE-2015-0353 HIGH

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop_supplementary 6.0
redhat enterprise_linux_server_supplementary 6.0
redhat enterprise_linux_desktop_supplementary 5.0
adobe flash_player 14.0.0.176
redhat enterprise_linux_server_supplementary_eus 6.6.z
adobe flash_player 16.0.0.296
adobe flash_player 16.0.0.287
adobe flash_player 14.0.0.179
adobe flash_player 15.0.0.239
adobe flash_player 15.0.0.246
adobe flash_player 15.0.0.223
suse suse_linux_enterprise_desktop 12.0
adobe flash_player 14.0.0.145
adobe flash_player 17.0.0.134
adobe flash_player 16.0.0.257
suse suse_linux_enterprise_desktop 11.0
redhat enterprise_linux_workstation_supplementary 6.0
redhat enterprise_linux_server_supplementary 5.0
suse suse_linux_workstation_extension 12.0
adobe flash_player 15.0.0.167
adobe flash_player 15.0.0.189
adobe flash_player 15.0.0.152
adobe flash_player 14.0.0.125
adobe flash_player *
opensuse opensuse 13.1
adobe flash_player 16.0.0.235
opensuse opensuse 13.2
CVE-2015-0354 HIGH

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop_supplementary 6.0
redhat enterprise_linux_server_supplementary 6.0
redhat enterprise_linux_desktop_supplementary 5.0
adobe flash_player 14.0.0.176
redhat enterprise_linux_server_supplementary_eus 6.6.z
adobe flash_player 16.0.0.296
adobe flash_player 16.0.0.287
adobe flash_player 14.0.0.179
adobe flash_player 15.0.0.239
adobe flash_player 15.0.0.246
adobe flash_player 15.0.0.223
suse suse_linux_enterprise_desktop 12.0
adobe flash_player 14.0.0.145
adobe flash_player 17.0.0.134
adobe flash_player 16.0.0.257
suse suse_linux_enterprise_desktop 11.0
redhat enterprise_linux_workstation_supplementary 6.0
redhat enterprise_linux_server_supplementary 5.0
suse suse_linux_workstation_extension 12.0
adobe flash_player 15.0.0.167
adobe flash_player 15.0.0.189
adobe flash_player 15.0.0.152
adobe flash_player 14.0.0.125
adobe flash_player *
opensuse opensuse 13.1
adobe flash_player 16.0.0.235
opensuse opensuse 13.2
CVE-2015-0355 HIGH

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop_supplementary 6.0
redhat enterprise_linux_server_supplementary 6.0
redhat enterprise_linux_desktop_supplementary 5.0
adobe flash_player 14.0.0.176
redhat enterprise_linux_server_supplementary_eus 6.6.z
adobe flash_player 16.0.0.296
adobe flash_player 16.0.0.287
adobe flash_player 14.0.0.179
adobe flash_player 15.0.0.239
adobe flash_player 15.0.0.246
adobe flash_player 15.0.0.223
suse suse_linux_enterprise_desktop 12.0
adobe flash_player 14.0.0.145
adobe flash_player 17.0.0.134
adobe flash_player 16.0.0.257
suse suse_linux_enterprise_desktop 11.0
redhat enterprise_linux_workstation_supplementary 6.0
redhat enterprise_linux_server_supplementary 5.0
suse suse_linux_workstation_extension 12.0
adobe flash_player 15.0.0.167
adobe flash_player 15.0.0.189
adobe flash_player 15.0.0.152
adobe flash_player 14.0.0.125
adobe flash_player *
opensuse opensuse 13.1
adobe flash_player 16.0.0.235
opensuse opensuse 13.2
CVE-2015-0358 HIGH

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0349, CVE-2015-0351, and CVE-2015-3039.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop_supplementary 6.0
redhat enterprise_linux_server_supplementary 6.0
redhat enterprise_linux_desktop_supplementary 5.0
adobe flash_player 14.0.0.176
redhat enterprise_linux_server_supplementary_eus 6.6.z
adobe flash_player 16.0.0.296
adobe flash_player 16.0.0.287
adobe flash_player 14.0.0.179
adobe flash_player 15.0.0.239
adobe flash_player 15.0.0.246
adobe flash_player 15.0.0.223
suse suse_linux_enterprise_desktop 12.0
adobe flash_player 14.0.0.145
adobe flash_player 17.0.0.134
adobe flash_player 16.0.0.257
suse suse_linux_enterprise_desktop 11.0
redhat enterprise_linux_workstation_supplementary 6.0
redhat enterprise_linux_server_supplementary 5.0
suse suse_linux_workstation_extension 12.0
adobe flash_player 15.0.0.167
adobe flash_player 15.0.0.189
adobe flash_player 15.0.0.152
adobe flash_player 14.0.0.125
adobe flash_player *
opensuse opensuse 13.1
adobe flash_player 16.0.0.235
opensuse opensuse 13.2
CVE-2015-0360 HIGH

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop_supplementary 6.0
redhat enterprise_linux_server_supplementary 6.0
redhat enterprise_linux_desktop_supplementary 5.0
adobe flash_player 14.0.0.176
redhat enterprise_linux_server_supplementary_eus 6.6.z
adobe flash_player 16.0.0.296
adobe flash_player 16.0.0.287
adobe flash_player 14.0.0.179
adobe flash_player 15.0.0.239
adobe flash_player 15.0.0.246
adobe flash_player 15.0.0.223
suse suse_linux_enterprise_desktop 12.0
adobe flash_player 14.0.0.145
adobe flash_player 17.0.0.134
adobe flash_player 16.0.0.257
suse suse_linux_enterprise_desktop 11.0
redhat enterprise_linux_workstation_supplementary 6.0
redhat enterprise_linux_server_supplementary 5.0
suse suse_linux_workstation_extension 12.0
adobe flash_player 15.0.0.167
adobe flash_player 15.0.0.189
adobe flash_player 15.0.0.152
adobe flash_player 14.0.0.125
adobe flash_player *
opensuse opensuse 13.1
adobe flash_player 16.0.0.235
opensuse opensuse 13.2
CVE-2015-0374 LOW

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.10
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
oracle solaris 11.3
redhat enterprise_linux_server_aus 7.3
fedoraproject fedora 20
suse linux_enterprise_software_development_kit 12
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_desktop 5.0
oracle mysql *
redhat enterprise_linux_eus 7.4
mariadb mariadb *
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
redhat enterprise_linux_server_aus 7.7
suse linux_enterprise_desktop 12
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
CVE-2015-0381 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0382.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.10
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_aus 7.4
oracle communications_policy_management 9.9.1
oracle communications_policy_management 10.4.1
oracle solaris 11.3
redhat enterprise_linux_server_aus 7.3
fedoraproject fedora 20
oracle communications_policy_management 12.1.1
suse linux_enterprise_software_development_kit 12
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_desktop 5.0
oracle mysql *
redhat enterprise_linux_eus 7.4
mariadb mariadb *
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
redhat enterprise_linux_server_aus 7.7
suse linux_enterprise_desktop 12
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
oracle communications_policy_management *
CVE-2015-0382 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.10
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_aus 7.4
oracle communications_policy_management 9.9.1
oracle communications_policy_management 10.4.1
oracle solaris 11.3
redhat enterprise_linux_server_aus 7.3
fedoraproject fedora 20
oracle communications_policy_management 12.1.1
suse linux_enterprise_software_development_kit 12
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_desktop 5.0
oracle mysql *
redhat enterprise_linux_eus 7.4
mariadb mariadb *
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
redhat enterprise_linux_server_aus 7.7
suse linux_enterprise_desktop 12
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
oracle communications_policy_management *
CVE-2015-0391 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.3
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_server_aus 7.3
suse linux_enterprise_software_development_kit 12
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_desktop 5.0
oracle mysql *
redhat enterprise_linux_eus 7.4
mariadb mariadb *
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
redhat enterprise_linux_server_tus 7.6
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
redhat enterprise_linux_server_aus 7.7
suse linux_enterprise_desktop 12
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_workstation 5.0
CVE-2015-0413 LOW

Unspecified vulnerability in Oracle Java SE 7u72 and 8u25 allows local users to affect integrity via unknown vectors related to Serviceability.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle jdk 1.7.0
oracle jre 1.8.0
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
suse suse_linux_enterprise_server 11.0
oracle jre 1.7.0
oracle jdk 1.8.0
CVE-2015-0432 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_hpc_node 7.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_desktop 5.0
oracle mysql *
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
mariadb mariadb *
canonical ubuntu_linux 12.04
oracle solaris 11.3
fedoraproject fedora 20
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 7.0
CVE-2015-0433 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.10
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
oracle communications_policy_management 9.9.1
suse linux_enterprise_software_development_kit 11
oracle communications_policy_management 10.4.1
oracle solaris 11.3
redhat enterprise_linux_server_aus 7.3
oracle communications_policy_management 12.1.1
suse linux_enterprise_desktop 11
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_desktop 5.0
oracle mysql *
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 7.2
mariadb mariadb *
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
oracle communications_policy_management *
redhat enterprise_linux_eus 7.1
CVE-2015-0439 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
suse suse_linux_enterprise_server 11.0
suse suse_linux_enterprise_software_development_kit 11.0
novell suse_linux_enterprise_desktop 11
novell suse_linux_enterprise_server 11.0
CVE-2015-0441 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.10
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_server_aus 7.3
suse linux_enterprise_desktop 11
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_desktop 5.0
oracle mysql *
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 7.2
mariadb mariadb *
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
redhat enterprise_linux_eus 7.1
CVE-2015-0484 MEDIUM

Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0492.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
oracle jdk 1.7.0
oracle javafx 2.2.76
oracle jre 1.8.0
oracle jre 1.7.0
oracle jdk 1.8.0
opensuse opensuse 13.2
suse linux_enterprise_server 11
CVE-2015-0491 HIGH

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0459.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
oracle jdk 1.7.0
oracle javafx 2.2.76
oracle jre 1.6.0
oracle jre 1.8.0
oracle jre 1.7.0
suse suse_linux_enterprise_desktop 11.0
oracle jre 1.5.0
oracle jdk 1.6.0
oracle jdk 1.5.0
oracle jdk 1.8.0
opensuse opensuse 13.2
CVE-2015-0492 HIGH

Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0484.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
oracle jdk 1.7.0
oracle javafx 2.2.76
oracle jre 1.6.0
oracle jre 1.8.0
oracle jre 1.7.0
oracle jre 1.5.0
oracle jdk 1.6.0
oracle jdk 1.5.0
oracle jdk 1.8.0
opensuse opensuse 13.2
suse linux_enterprise_server 11
CVE-2015-0499 LOW

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.10
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
redhat enterprise_linux_server_aus 7.3
suse linux_enterprise_desktop 11
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_desktop 5.0
oracle mysql *
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 7.2
mariadb mariadb *
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
redhat enterprise_linux_eus 7.1
CVE-2015-0500 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
oracle communications_policy_management 9.9.1
oracle mysql *
oracle communications_policy_management 10.4.1
suse suse_linux_enterprise_server 11.0
oracle communications_policy_management 12.1.1
suse suse_linux_enterprise_software_development_kit 11.0
suse suse_linux_enterprise_desktop 11.0
oracle communications_policy_management *
CVE-2015-0501 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.10
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
juniper junos_space *
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_server_aus 7.3
suse linux_enterprise_desktop 11
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_desktop 5.0
oracle mysql *
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 7.2
mariadb mariadb *
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
redhat enterprise_linux_eus 7.1
CVE-2015-0505 LOW

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.10
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
redhat enterprise_linux_server_aus 7.3
suse linux_enterprise_desktop 11
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_desktop 5.0
oracle mysql *
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 7.2
mariadb mariadb *
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
redhat enterprise_linux_eus 7.1
CVE-2015-0778 HIGH

osc before 0.151.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a _service file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77

Products Affected

Vendor Product Version
fedoraproject fedora 20
fedoraproject fedora 22
suse opensuse_osc *
opensuse opensuse 13.1
fedoraproject fedora 21
opensuse opensuse 13.2
CVE-2015-0797 MEDIUM

GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.3
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
mozilla thunderbird *
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla seamonkey *
suse linux_enterprise_software_development_kit 11
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_eus 6.6
suse linux_enterprise_desktop 11
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
gstreamer_project gstreamer *
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_tus 6.6
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 7.2
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
redhat enterprise_linux_eus 7.1
redhat enterprise_linux_server_aus 6.6
CVE-2015-1241 MEDIUM

Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021

Products Affected

Vendor Product Version
redhat enterprise_linux_server_eus 6.6
google chrome *
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 6.0
suse linux_enterprise 12.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 15.04
redhat enterprise_linux_eus 6.6
opensuse opensuse 13.1
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_server_aus 6.6
CVE-2015-1283 MEDIUM

Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190

Products Affected

Vendor Product Version
libexpat_project libexpat *
google chrome *
canonical ubuntu_linux 14.04
python python *
oracle solaris 10
suse linux_enterprise_debuginfo 11
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
oracle solaris 11.3
debian debian_linux 9.0
canonical ubuntu_linux 15.04
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
opensuse leap 42.1
suse studio_onsite 1.3
debian debian_linux 7.0
opensuse opensuse 13.1
debian debian_linux 8.0
opensuse opensuse 13.2
suse linux_enterprise_server 11
CVE-2015-1781 MEDIUM

Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.04
suse linux_enterprise_desktop 11
debian debian_linux 7.0
gnu glibc *
suse linux_enterprise_server 11
suse linux_enterprise_debuginfo 11
CVE-2015-1931

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by reading a file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_desktop 5.0
redhat satellite 5.7
redhat enterprise_linux_server 6.0
redhat satellite 5.6
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 6.7
redhat enterprise_linux_eus 7.2
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
ibm java_sdk *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_eus 7.1
CVE-2015-2041 MEDIUM

net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-17

Products Affected

Vendor Product Version
debian debian_linux *
linux linux_kernel *
suse suse_linux_enterprise_server 10
CVE-2015-2568 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.10
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
oracle communications_policy_management 9.9.1
suse linux_enterprise_software_development_kit 11
oracle communications_policy_management 10.4.1
oracle solaris 11.3
redhat enterprise_linux_server_aus 7.3
oracle communications_policy_management 12.1.1
suse linux_enterprise_desktop 11
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_desktop 5.0
oracle mysql *
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 7.2
mariadb mariadb *
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
oracle communications_policy_management *
redhat enterprise_linux_eus 7.1
CVE-2015-2571 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.10
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
redhat enterprise_linux_server_aus 7.3
suse linux_enterprise_desktop 11
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_desktop 5.0
oracle mysql *
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 7.2
mariadb mariadb *
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
redhat enterprise_linux_eus 7.1
CVE-2015-2573 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.10
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
redhat enterprise_linux_server_aus 7.3
suse linux_enterprise_desktop 11
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_desktop 5.0
oracle mysql *
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 7.2
mariadb mariadb *
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
redhat enterprise_linux_eus 7.1
CVE-2015-2575 MEDIUM

Unspecified vulnerability in the MySQL Connectors component in Oracle MySQL 5.1.34 and earlier allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Connector/J.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
mysql mysql *
suse linux_enterprise_desktop 11
debian debian_linux 8.0
suse linux_enterprise_server 11
CVE-2015-2576 LOW

Unspecified vulnerability in the MySQL Utilities component in Oracle MySQL 1.5.1 and earlier, when running on Windows, allows local users to affect integrity via unknown vectors related to Installation.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
oracle mysql *
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2015-2590 HIGH

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat satellite 5.7
redhat enterprise_linux_for_ibm_z_systems_eus 7.1_s390x
redhat enterprise_linux_for_power_little_endian_eus 7.1_ppc64le
redhat enterprise_linux_eus 6.7
suse linux_enterprise_debuginfo 11
redhat enterprise_linux_for_ibm_z_systems_eus 7.4_s390x
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_tus 6.6
redhat enterprise_linux_for_ibm_z_systems_eus 6.7_s390x
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_for_power_little_endian_eus 7.2_ppc64le
redhat enterprise_linux_eus 7.2
redhat enterprise_linux_for_power_big_endian 7.0_ppc64
redhat enterprise_linux_for_power_little_endian_eus 7.5_ppc64le
redhat enterprise_linux_server_tus 7.6
oracle jre 1.7.0
redhat enterprise_linux_for_ibm_z_systems_eus 7.2_s390x
redhat enterprise_linux_for_power_big_endian_eus 7.1_ppc64
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_eus 7.1
redhat enterprise_linux_desktop 7.0
oracle jre 1.6.0
redhat enterprise_linux_for_power_big_endian_eus 7.4_ppc64
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat satellite 5.6
redhat enterprise_linux_for_ibm_z_systems_eus 7.3_s390x
redhat enterprise_linux_for_ibm_z_systems 6.0_s390x
redhat enterprise_linux_server_aus 7.4
oracle jdk 1.8.0
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 7.3
canonical ubuntu_linux 15.04
redhat enterprise_linux_eus 6.6
suse linux_enterprise_desktop 11
redhat enterprise_linux_for_power_little_endian 7.0_ppc64le
oracle jdk 1.6.0
redhat enterprise_linux_workstation 7.0
oracle jre 1.8.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_for_power_big_endian_eus 7.5_ppc64
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_for_power_big_endian 6.0_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.2_ppc64
redhat enterprise_linux_for_ibm_z_systems_eus 7.5_s390x
oracle jdk 1.7.0
redhat enterprise_linux_for_power_big_endian_eus 6.7_ppc64
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_server 12
redhat enterprise_linux_for_power_big_endian_eus 7.3_ppc64
redhat enterprise_linux_server_aus 7.7
suse linux_enterprise_desktop 12
redhat enterprise_linux_for_power_little_endian_eus 7.4_ppc64le
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_for_power_little_endian_eus 7.3_ppc64le
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_server_aus 6.6
CVE-2015-2695 MEDIUM

lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-763

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
mit kerberos_5 *
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
oracle solaris 11.3
debian debian_linux 9.0
canonical ubuntu_linux 15.04
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
opensuse leap 42.1
suse linux_enterprise_desktop 11
debian debian_linux 7.0
opensuse opensuse 13.1
debian debian_linux 8.0
opensuse opensuse 13.2
suse linux_enterprise_server 11
CVE-2015-2696 HIGH

lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mishandled during a gss_inquire_context call.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-18

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
mit kerberos_5 *
canonical ubuntu_linux 12.04
debian debian_linux 9.0
canonical ubuntu_linux 15.04
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
opensuse leap 42.1
debian debian_linux 7.0
opensuse opensuse 13.1
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2015-2697 MEDIUM

The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
mit kerberos_5 *
canonical ubuntu_linux 12.04
oracle solaris 11.3
debian debian_linux 9.0
canonical ubuntu_linux 15.04
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
opensuse leap 42.1
debian debian_linux 7.0
opensuse opensuse 13.1
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2015-2734 HIGH

The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-17

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
mozilla firefox 31.1.1
mozilla firefox 38.0
mozilla thunderbird *
mozilla firefox *
mozilla firefox 31.0
mozilla firefox_esr 31.3
mozilla firefox_esr 31.2
oracle solaris 11.3
mozilla firefox_esr 38.0
mozilla firefox 31.3.0
canonical ubuntu_linux 15.04
mozilla firefox 31.5.3
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_server 11
mozilla firefox_esr 31.6.0
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
mozilla firefox_esr 31.1
suse suse_linux_enterprise_server 12
canonical ubuntu_linux 12.04
mozilla firefox_esr 31.7.0
suse linux_enterprise_desktop 12
mozilla firefox_esr 31.5.1
mozilla firefox 31.5.2
debian debian_linux 7.0
debian debian_linux 8.0
mozilla firefox_esr 31.4
mozilla firefox 31.1.0
CVE-2015-2737 HIGH

The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-17

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
mozilla firefox 31.1.1
mozilla firefox 38.0
mozilla thunderbird *
mozilla firefox *
mozilla firefox 31.0
mozilla firefox_esr 31.3
mozilla firefox_esr 31.2
oracle solaris 11.3
mozilla firefox_esr 38.0
mozilla firefox 31.3.0
canonical ubuntu_linux 15.04
mozilla firefox 31.5.3
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_server 11
mozilla firefox_esr 31.6.0
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
mozilla firefox_esr 31.1
suse suse_linux_enterprise_server 12
canonical ubuntu_linux 12.04
mozilla firefox_esr 31.7.0
suse linux_enterprise_desktop 12
mozilla firefox_esr 31.5.1
mozilla firefox 31.5.2
debian debian_linux 7.0
debian debian_linux 8.0
mozilla firefox_esr 31.4
mozilla firefox 31.1.0
CVE-2015-2738 HIGH

The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-17

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
mozilla firefox 31.1.1
mozilla firefox 38.0
mozilla thunderbird *
mozilla firefox *
mozilla firefox 31.0
mozilla firefox_esr 31.3
mozilla firefox_esr 31.2
oracle solaris 11.3
mozilla firefox_esr 38.0
mozilla firefox 31.3.0
canonical ubuntu_linux 15.04
mozilla firefox 31.5.3
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_server 11
mozilla firefox_esr 31.6.0
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
mozilla firefox_esr 31.1
suse suse_linux_enterprise_server 12
canonical ubuntu_linux 12.04
mozilla firefox_esr 31.7.0
suse linux_enterprise_desktop 12
mozilla firefox_esr 31.5.1
mozilla firefox 31.5.2
debian debian_linux 7.0
debian debian_linux 8.0
mozilla firefox_esr 31.4
mozilla firefox 31.1.0
CVE-2015-2808 MEDIUM

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-327

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat satellite 5.7
huawei s5700s-li_firmware -
oracle integrated_lights_out_manager_firmware *
suse linux_enterprise_server 10
oracle http_server 12.1.3.0.0
suse linux_enterprise_software_development_kit 12
redhat enterprise_linux_eus 7.3
huawei s3700_firmware -
redhat enterprise_linux_desktop 5.0
huawei oceanstor_cse_firmware -
huawei oceanstor_s5600t_firmware -
oracle http_server 11.1.1.9.0
redhat enterprise_linux_server_tus 7.6
huawei s5720ei_firmware -
huawei oceanstor_s5800t_firmware -
huawei oceanstor_9000_firmware -
huawei s5710hi_firmware -
opensuse opensuse 13.1
oracle http_server 11.1.1.7.0
canonical ubuntu_linux 14.04
ibm cognos_metrics_manager 10.2
redhat satellite 5.6
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_desktop 6.0
fujitsu sparc_enterprise_m9000_firmware *
huawei oceanstor_vis6600t_firmware -
redhat enterprise_linux_eus 6.6
suse linux_enterprise_desktop 11
huawei oceanstor_18800_firmware -
huawei s5700hi_firmware -
huawei policy_center v100r003c10
huawei s5710ei_firmware -
huawei ultravr v100r003c00
huawei oceanstor_replicationdirector v100r003c00
redhat enterprise_linux_server_aus 7.7
huawei smc2.0 v100r002c03
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
oracle communications_policy_management *
redhat enterprise_linux_server_aus 6.6
fujitsu sparc_enterprise_m5000_firmware *
huawei oceanstor_s2600t_firmware -
huawei e9000_firmware -
huawei s5720hi_firmware -
suse linux_enterprise_debuginfo 11
huawei s5700li_firmware -
huawei oceanstor_18800f_firmware -
suse manager 1.7
oracle http_server 12.2.1.2.0
redhat enterprise_linux_eus 7.5
fujitsu sparc_enterprise_m3000_firmware *
huawei oceanstor_s6800t_firmware -
huawei 9700_firmware -
huawei e6000_firmware -
redhat enterprise_linux_server 5.0
huawei smc2.0 v100r002c04
huawei smc2.0 v100r002c01
huawei oceanstor_hvs85t_firmware -
redhat enterprise_linux_eus 7.2
huawei quidway_s9300_firmware -
redhat enterprise_linux_eus 7.7
huawei s5700si_firmware -
huawei s2750_firmware -
huawei s6700_firmware -
oracle communications_application_session_controller *
debian debian_linux 7.0
huawei s12700_firmware -
redhat enterprise_linux_eus 7.1
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.3
fujitsu sparc_enterprise_m4000_firmware *
fujitsu sparc_enterprise_m8000_firmware *
huawei s2700_firmware -
redhat enterprise_linux_server_tus 7.7
ibm cognos_metrics_manager 10.2.1
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_server_aus 7.3
canonical ubuntu_linux 15.04
ibm cognos_metrics_manager 10.1
ibm cognos_metrics_manager 10.1.1
huawei s7700_firmware -
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
oracle http_server 12.2.1.1.0
huawei s5700ei_firmware -
redhat enterprise_linux_server 6.0
huawei oceanstor_s5500t_firmware -
redhat enterprise_linux_eus 7.4
ibm cognos_metrics_manager 10.2.2
huawei te60_firmware -
redhat enterprise_linux_eus 7.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
huawei policy_center v100r003c00
huawei smc2.0 v100r002c02
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
huawei oceanstor_18500_firmware -
opensuse opensuse 13.2
CVE-2015-3038 HIGH

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop_supplementary 6.0
redhat enterprise_linux_server_supplementary 6.0
redhat enterprise_linux_desktop_supplementary 5.0
adobe flash_player 14.0.0.176
redhat enterprise_linux_server_supplementary_eus 6.6.z
adobe flash_player 16.0.0.296
adobe flash_player 16.0.0.287
adobe flash_player 14.0.0.179
adobe flash_player 15.0.0.239
adobe flash_player 15.0.0.246
adobe flash_player 15.0.0.223
suse suse_linux_enterprise_desktop 12.0
adobe flash_player 14.0.0.145
adobe flash_player 17.0.0.134
adobe flash_player 16.0.0.257
suse suse_linux_enterprise_desktop 11.0
redhat enterprise_linux_workstation_supplementary 6.0
redhat enterprise_linux_server_supplementary 5.0
suse suse_linux_workstation_extension 12.0
adobe flash_player 15.0.0.167
adobe flash_player 15.0.0.189
adobe flash_player 15.0.0.152
adobe flash_player 14.0.0.125
adobe flash_player *
opensuse opensuse 13.1
adobe flash_player 16.0.0.235
opensuse opensuse 13.2
CVE-2015-3039 HIGH

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0349, CVE-2015-0351, and CVE-2015-0358.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop_supplementary 6.0
redhat enterprise_linux_server_supplementary 6.0
redhat enterprise_linux_desktop_supplementary 5.0
adobe flash_player 14.0.0.176
redhat enterprise_linux_server_supplementary_eus 6.6.z
adobe flash_player 16.0.0.296
adobe flash_player 16.0.0.287
adobe flash_player 14.0.0.179
adobe flash_player 15.0.0.239
adobe flash_player 15.0.0.246
adobe flash_player 15.0.0.223
suse suse_linux_enterprise_desktop 12.0
adobe flash_player 14.0.0.145
adobe flash_player 17.0.0.134
adobe flash_player 16.0.0.257
suse suse_linux_enterprise_desktop 11.0
redhat enterprise_linux_workstation_supplementary 6.0
redhat enterprise_linux_server_supplementary 5.0
suse suse_linux_workstation_extension 12.0
adobe flash_player 15.0.0.167
adobe flash_player 15.0.0.189
adobe flash_player 15.0.0.152
adobe flash_player 14.0.0.125
adobe flash_player *
opensuse opensuse 13.1
adobe flash_player 16.0.0.235
opensuse opensuse 13.2
CVE-2015-3040 MEDIUM

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-0357.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop_supplementary 6.0
redhat enterprise_linux_server_supplementary 6.0
redhat enterprise_linux_desktop_supplementary 5.0
adobe flash_player 14.0.0.176
redhat enterprise_linux_server_supplementary_eus 6.6.z
adobe flash_player 16.0.0.296
adobe flash_player 16.0.0.287
adobe flash_player 14.0.0.179
adobe flash_player 15.0.0.239
adobe flash_player 15.0.0.246
adobe flash_player 15.0.0.223
suse suse_linux_enterprise_desktop 12.0
adobe flash_player 14.0.0.145
adobe flash_player 17.0.0.134
adobe flash_player 16.0.0.257
suse suse_linux_enterprise_desktop 11.0
redhat enterprise_linux_workstation_supplementary 6.0
redhat enterprise_linux_server_supplementary 5.0
suse suse_linux_workstation_extension 12.0
adobe flash_player 15.0.0.167
adobe flash_player 15.0.0.189
adobe flash_player 15.0.0.152
adobe flash_player 14.0.0.125
adobe flash_player *
opensuse opensuse 13.1
adobe flash_player 16.0.0.235
opensuse opensuse 13.2
CVE-2015-3041 HIGH

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3042, and CVE-2015-3043.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop_supplementary 6.0
redhat enterprise_linux_server_supplementary 6.0
redhat enterprise_linux_desktop_supplementary 5.0
adobe flash_player 14.0.0.176
redhat enterprise_linux_server_supplementary_eus 6.6.z
adobe flash_player 16.0.0.296
adobe flash_player 16.0.0.287
adobe flash_player 14.0.0.179
adobe flash_player 15.0.0.239
adobe flash_player 15.0.0.246
adobe flash_player 15.0.0.223
suse suse_linux_enterprise_desktop 12.0
adobe flash_player 14.0.0.145
adobe flash_player 17.0.0.134
adobe flash_player 16.0.0.257
suse suse_linux_enterprise_desktop 11.0
redhat enterprise_linux_workstation_supplementary 6.0
redhat enterprise_linux_server_supplementary 5.0
suse suse_linux_workstation_extension 12.0
adobe flash_player 15.0.0.167
adobe flash_player 15.0.0.189
adobe flash_player 15.0.0.152
adobe flash_player 14.0.0.125
adobe flash_player *
opensuse opensuse 13.1
adobe flash_player 16.0.0.235
opensuse opensuse 13.2
CVE-2015-3042 HIGH

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, and CVE-2015-3043.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop_supplementary 6.0
redhat enterprise_linux_server_supplementary 6.0
redhat enterprise_linux_desktop_supplementary 5.0
adobe flash_player 14.0.0.176
redhat enterprise_linux_server_supplementary_eus 6.6.z
adobe flash_player 16.0.0.296
adobe flash_player 16.0.0.287
adobe flash_player 14.0.0.179
adobe flash_player 15.0.0.239
adobe flash_player 15.0.0.246
adobe flash_player 15.0.0.223
suse suse_linux_enterprise_desktop 12.0
adobe flash_player 14.0.0.145
adobe flash_player 17.0.0.134
adobe flash_player 16.0.0.257
suse suse_linux_enterprise_desktop 11.0
redhat enterprise_linux_workstation_supplementary 6.0
redhat enterprise_linux_server_supplementary 5.0
suse suse_linux_workstation_extension 12.0
adobe flash_player 15.0.0.167
adobe flash_player 15.0.0.189
adobe flash_player 15.0.0.152
adobe flash_player 14.0.0.125
adobe flash_player *
opensuse opensuse 13.1
adobe flash_player 16.0.0.235
opensuse opensuse 13.2
CVE-2015-3113 HIGH

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787, CWE-122

Products Affected

Vendor Product Version
hp insight_orchestration *
redhat enterprise_linux_server 6.0
hp version_control_repository_manager *
hp version_control_repository_manager 7.6
redhat enterprise_linux_desktop 6.0
hp systems_insight_manager *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_eus 6.6
opensuse evergreen 11.4
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
hp version_control_agent *
hp virtual_connect_enterprise_manager *
adobe flash_player *
opensuse opensuse 13.1
opensuse opensuse 13.2
hp system_management_homepage *
CVE-2015-3195 MEDIUM

The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
oracle solaris 10
oracle communications_webrtc_session_controller 7.1
oracle integrated_lights_out_manager_firmware *
suse linux_enterprise_server 10
oracle linux 5
redhat enterprise_linux_server 5.0
apple mac_os_x *
redhat enterprise_linux_desktop 5.0
oracle http_server 11.5.10.2
oracle api_gateway 11.1.2.4.0
oracle api_gateway 11.1.2.3.0
oracle communications_webrtc_session_controller 7.2
oracle transportation_management 6.1
redhat enterprise_linux_server_tus 7.6
oracle linux 7
redhat enterprise_linux_server_aus 7.2
opensuse leap 42.1
oracle vm_virtualbox *
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.2
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_aus 7.4
oracle transportation_management 6.2
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_desktop 6.0
oracle exalogic_infrastructure 2.0
oracle solaris 11.3
redhat enterprise_linux_server_aus 7.3
canonical ubuntu_linux 15.04
oracle sun_ray_software 11.1
oracle communications_webrtc_session_controller 7.0
oracle linux 6
fedoraproject fedora 22
redhat enterprise_linux_workstation 7.0
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
openssl openssl *
canonical ubuntu_linux 12.04
oracle vm_server 3.2
redhat enterprise_linux_workstation 6.0
oracle life_sciences_data_hub 2.1
opensuse opensuse 11.4
oracle exalogic_infrastructure 1.0
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2015-3209 HIGH

Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787

Products Affected

Vendor Product Version
arista eos 4.13
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
redhat virtualization 3.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_debuginfo 11
juniper junos_space *
suse linux_enterprise_server 10
suse linux_enterprise_software_development_kit 11
fedoraproject fedora 20
canonical ubuntu_linux 15.04
redhat enterprise_linux_eus 6.6
qemu qemu *
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_desktop 11
fedoraproject fedora 22
fedoraproject fedora 21
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_server_tus 6.6
redhat openstack 5.0
arista eos 4.12
arista eos 4.15
redhat enterprise_linux_server 6.0
arista eos 4.14
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
redhat enterprise_linux_server_aus 6.6
CVE-2015-3340 LOW

Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200

Products Affected

Vendor Product Version
xen xen 4.3.2
xen xen 4.2.5
xen xen 4.3.0
xen xen 4.5.0
xen xen 4.4.1
suse suse_linux_enterprise_server 11.0
fedoraproject fedora 20
xen xen 4.2.0
suse linux_enterprise_software_development_kit 12
xen xen 4.2.2
fedoraproject fedora 22
fedoraproject fedora 21
xen xen 4.3.3
xen xen 4.2.4
xen xen 4.2.3
xen xen 4.3.1
suse suse_linux_enterprise_software_development_kit 11.0
suse suse_linux_enterprise_desktop 11.0
suse suse_linux_enterprise_server 12
xen xen 4.3.4
xen xen 4.4.0
xen xen 4.2.1
xen xen 4.4.2
suse linux_enterprise_desktop 12
debian debian_linux 7.0
opensuse opensuse 13.1
debian debian_linux 8.0
CVE-2015-3405 MEDIUM

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-331

Products Affected

Vendor Product Version
ntp ntp 4.3.3
ntp ntp 4.3.7
redhat enterprise_linux_desktop 6.0
suse suse_linux_enterprise_server 11.0
opensuse suse_linux_enterprise_server 11.0
redhat enterprise_linux_server_from_rhui_6 6.0
ntp ntp 4.3.6
redhat enterprise_linux_for_power_big_endian 6.0
ntp ntp 4.3.2
fedoraproject fedora 21
ntp ntp 4.2.8
redhat enterprise_linux_server 6.0
ntp ntp 4.3.9
ntp ntp 4.3.5
redhat enterprise_linux_for_scientific_computing 6.0
ntp ntp 4.3.0
ntp ntp 4.3.11
redhat enterprise_linux_workstation 6.0
ntp ntp 4.3.1
ntp ntp 4.3.4
opensuse_project suse_linux_enterprise_desktop 11.0
redhat enterprise_linux_for_ibm_z_systems 6.0
debian debian_linux 7.0
debian debian_linux 8.0
ntp ntp 4.3.8
ntp ntp 4.3.10
CVE-2015-4000 MEDIUM

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310

Products Affected

Vendor Product Version
oracle jre 1.6.0
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
oracle sparc-opl_service_processor *
oracle jdk 1.8.0
mozilla firefox 39.0
mozilla thunderbird 38.1
canonical ubuntu_linux 15.04
oracle jrockit r28.3.6
suse linux_enterprise_software_development_kit 12
mozilla firefox_esr 38.1.0
oracle jdk 1.6.0
suse linux_enterprise_server 11.0
ibm content_manager 8.5
hp hp-ux b.11.31
apple mac_os_x *
oracle jre 1.8.0
mozilla thunderbird 31.8
apple safari -
openssl openssl *
apple iphone_os *
suse suse_linux_enterprise_server 12
microsoft internet_explorer -
oracle jdk 1.7.0
mozilla network_security_services 3.19
canonical ubuntu_linux 12.04
google chrome -
mozilla firefox_os 2.2
oracle jre 1.7.0
mozilla seamonkey 2.35
suse linux_enterprise_desktop 12
opera opera_browser -
mozilla firefox_esr 31.8
mozilla firefox -
debian debian_linux 7.0
debian debian_linux 8.0
mozilla firefox 38.1.0
CVE-2015-4106 MEDIUM

QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-863

Products Affected

Vendor Product Version
citrix xenserver 6.1.0
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
citrix xenserver 6.2.0
citrix xenserver 6.0
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
citrix xenserver 6.5
fedoraproject fedora 20
canonical ubuntu_linux 15.04
qemu qemu *
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_desktop 11
fedoraproject fedora 22
debian debian_linux 7.0
fedoraproject fedora 21
citrix xenserver 6.0.2
debian debian_linux 8.0
suse linux_enterprise_server 11
CVE-2015-4495 MEDIUM

The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo, CWE-346

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr 38.0.1
novell suse_linux_enterprise_software_development_kit 12.0
mozilla firefox_esr 38.0.5
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_eus 6.7
redhat enterprise_linux_desktop 6.0
mozilla firefox *
suse linux_enterprise_debuginfo 11
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr 38.0
canonical ubuntu_linux 15.04
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_desktop 11
mozilla firefox_esr 38.1.0
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_desktop 5.0
mozilla firefox_os *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_eus 7.4
novell suse_linux_enterprise_server 12.0
redhat enterprise_linux_eus 7.2
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_workstation 6.0
novell suse_linux_enterprise_desktop 12.0
suse linux_enterprise_server 12
redhat enterprise_linux_server_aus 7.7
suse linux_enterprise_desktop 12
redhat enterprise_linux_server_aus 7.6
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_eus 7.1
CVE-2015-4680 MEDIUM

FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295

Products Affected

Vendor Product Version
freeradius freeradius 2.2.3
freeradius freeradius 3.0.5
freeradius freeradius 2.2.1
freeradius freeradius 3.0.8
freeradius freeradius 3.0.3
freeradius freeradius 2.2.4
freeradius freeradius 2.2.2
freeradius freeradius 3.0.1
freeradius freeradius 3.0.2
freeradius freeradius 3.0.6
freeradius freeradius 3.0.7
freeradius freeradius 2.2.0
freeradius freeradius 2.2.5
freeradius freeradius 3.0.4
freeradius freeradius 2.2.6
freeradius freeradius 2.2.7
freeradius freeradius 3.0.0
suse linux_enterprise_server 12
suse linux_enterprise_software_development_kit 12
CVE-2015-4830 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
fedoraproject fedora 23
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
redhat enterprise_linux_server_aus 7.3
canonical ubuntu_linux 15.04
suse linux_enterprise_desktop 11
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
oracle mysql *
canonical ubuntu_linux 15.10
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 7.2
mariadb mariadb *
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_aus 7.7
opensuse leap 42.1
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
opensuse opensuse 13.1
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_eus 7.1
CVE-2015-4902 MEDIUM

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo, CWE-284

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat satellite 5.7
redhat enterprise_linux_eus 6.7
suse linux_enterprise_server 10
redhat enterprise_linux_for_ibm_z_systems_eus 7.4_s390x
suse linux_enterprise_software_development_kit 12
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_for_ibm_z_systems_eus 6.7_s390x
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_for_ibm_z_systems 7.0_s390x
redhat enterprise_linux_for_power_little_endian_eus 7.2_ppc64le
redhat enterprise_linux_eus 7.2
redhat enterprise_linux_for_power_big_endian 7.0_ppc64
redhat enterprise_linux_eus_compute_node 7.2
redhat enterprise_linux_for_power_little_endian_eus 7.5_ppc64le
redhat enterprise_linux_server_from_rhui 5.0
redhat enterprise_linux_for_ibm_z_systems 5.0_s390x
oracle jre 1.7.0
redhat enterprise_linux_server_from_rhui 6.0
opensuse leap 42.1
redhat enterprise_linux_for_ibm_z_systems_eus 7.2_s390x
redhat enterprise_linux_desktop 7.0
oracle jre 1.6.0
redhat enterprise_linux_for_power_big_endian_eus 7.4_ppc64
redhat satellite 5.6
redhat enterprise_linux_for_ibm_z_systems_eus 7.3_s390x
redhat enterprise_linux_for_ibm_z_systems 6.0_s390x
oracle jdk 1.8.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus_compute_node 7.3
redhat enterprise_linux_for_power_little_endian 7.0_ppc64le
oracle jdk 1.6.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
oracle jre 1.8.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_for_power_big_endian_eus 7.5_ppc64
suse linux_enterprise_module_for_legacy 12
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_for_scientific_computing 7.0
redhat enterprise_linux_for_power_big_endian 6.0_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.2_ppc64
redhat enterprise_linux_for_ibm_z_systems_eus 7.5_s390x
redhat enterprise_linux_for_scientific_computing 6.0
oracle jdk 1.7.0
redhat enterprise_linux_for_power_big_endian_eus 6.7_ppc64
redhat enterprise_linux_for_power_big_endian 5.0_ppc
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_server 12
redhat enterprise_linux_for_power_big_endian_eus 7.3_ppc64
redhat enterprise_linux_for_power_little_endian_eus 7.4_ppc64le
redhat enterprise_linux_for_power_little_endian_eus 7.3_ppc64le
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server_from_rhui 7.0
CVE-2015-5006 LOW

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_desktop 5.0
redhat satellite 5.7
redhat enterprise_linux_server 6.0
redhat satellite 5.6
redhat enterprise_linux_server_eus 7.5
redhat enterprise_linux_desktop 6.0
ibm java_2_sdk *
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_server_eus 7.3
ibm java_sdk *
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_server 12
suse linux_enterprise_software_development_kit 12
redhat enterprise_linux_server_eus 6.7
redhat enterprise_linux_server_eus 7.2
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
CVE-2015-5041 MEDIUM

The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
ibm java_sdk *
ibm websphere_application_server *
redhat satellite 5.7
redhat satellite 5.6
suse linux_enterprise_server 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_server 11
suse suse_linux_enterprise_server 12
CVE-2015-5119 HIGH

Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_from_rhui 5.0
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_eus 6.6
redhat enterprise_linux_server_from_rhui 6.0
opensuse evergreen 11.4
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
suse linux_enterprise_desktop 11
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.6
CVE-2015-5122 HIGH

Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server_eus 6.6
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
opensuse evergreen 11.4
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
suse linux_enterprise_desktop 11
adobe flash_player *
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
CVE-2015-5123 HIGH

Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server_eus 6.6
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
opensuse evergreen 11.4
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
suse linux_enterprise_desktop 11
adobe flash_player *
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 5.0
CVE-2015-5154 HIGH

Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
fedoraproject fedora 23
xen xen 4.5.1
xen xen *
suse suse_linux_enterprise_server 12
suse linux_enterprise_debuginfo 11
suse linux_enterprise_software_development_kit 11
qemu qemu *
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_desktop 11
fedoraproject fedora 22
fedoraproject fedora 21
suse linux_enterprise_server 11
CVE-2015-5165 HIGH

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-908

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_server_eus 7.6
redhat virtualization 3.0
redhat enterprise_linux_server_update_services_for_sap_solutions 7.7
redhat enterprise_linux_compute_node_eus 7.5
redhat enterprise_linux_eus 6.7
suse linux_enterprise_debuginfo 11
suse linux_enterprise_server 10
redhat enterprise_linux_server_eus_from_rhui 6.7
redhat enterprise_linux_for_power_big_endian 7.0
fedoraproject fedora 21
redhat openstack 5.0
arista eos 4.12
arista eos 4.15
redhat enterprise_linux_compute_node_eus 7.4
redhat enterprise_linux_server_eus 7.5
xen xen *
redhat openstack 6.0
arista eos 4.14
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_compute_node_eus 7.7
oracle linux 7
redhat enterprise_linux_server_from_rhui 6.0
redhat enterprise_linux_for_power_big_endian_eus 7.1_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.6_ppc64
debian debian_linux 7.0
arista eos 4.13
redhat enterprise_linux_for_power_big_endian_eus 7.4_ppc64
redhat enterprise_linux_server_tus 7.3
redhat enterprise_linux_server_eus 7.1
redhat enterprise_linux_server_aus 7.4
xen xen 4.5.1
redhat enterprise_linux_server_update_services_for_sap_solutions 7.3
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_update_services_for_sap_solutions 7.6
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_server_update_services_for_sap_solutions 7.2
redhat enterprise_linux_for_power_big_endian 6.0
redhat enterprise_linux_for_power_big_endian_eus 7.7_ppc64
redhat enterprise_linux_server_update_services_for_sap_solutions 7.4
redhat enterprise_linux_server_eus 7.2
fedoraproject fedora 22
redhat enterprise_linux_compute_node_eus 7.6
redhat enterprise_linux_server_eus 7.4
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_for_power_big_endian_eus 7.5_ppc64
redhat enterprise_linux_for_scientific_computing 7.0
redhat enterprise_linux_eus_compute_node 6.7
redhat enterprise_linux_for_power_big_endian_eus 7.2_ppc64
redhat enterprise_linux_for_scientific_computing 6.0
redhat enterprise_linux_compute_node_eus 7.2
redhat enterprise_linux_compute_node_eus 7.3
redhat enterprise_linux_for_power_big_endian_eus 6.7_ppc64
redhat enterprise_linux_server_eus 7.3
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_for_power_big_endian_eus 7.3_ppc64
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_server_aus 7.6
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.7
redhat enterprise_linux_server_from_rhui 7.0
redhat enterprise_linux_compute_node_eus 7.1
CVE-2015-5194 MEDIUM

The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20

Products Affected

Vendor Product Version
redhat enterprise_linux_hpc_node 7.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
ntp ntp *
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
suse manager_proxy 2.1
suse manager 2.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_debuginfo 11
suse linux_enterprise_server 10
redhat enterprise_linux_hpc_node 6.0
suse openstack_cloud 5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 15.04
fedoraproject fedora 22
debian debian_linux 7.0
fedoraproject fedora 21
debian debian_linux 8.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
CVE-2015-5219 MEDIUM

The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-704,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.04
novell leap 42.2
fedoraproject fedora 23
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_debuginfo 11
suse linux_enterprise_server 10
redhat enterprise_linux_hpc_node 6.0
siemens tim_4r-id_dnp3_firmware *
canonical ubuntu_linux 15.04
oracle linux 6
fedoraproject fedora 22
fedoraproject fedora 21
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_hpc_node 7.0
ntp ntp *
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
suse manager_proxy 2.1
suse manager 2.1
siemens tim_4r-ie_firmware *
suse openstack_cloud 5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
opensuse leap 42.1
debian debian_linux 7.0
debian debian_linux 8.0
CVE-2015-5239 MEDIUM

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attackers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-835,

Products Affected

Vendor Product Version
arista eos 4.13
arista eos 4.12
canonical ubuntu_linux 14.04
arista eos 4.15
fedoraproject fedora 23
suse linux_enterprise_debuginfo 11
arista eos 4.14
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
canonical ubuntu_linux 15.04
qemu qemu *
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_desktop 11
fedoraproject fedora 22
fedoraproject fedora 21
suse linux_enterprise_server 11
CVE-2015-5300 MEDIUM

The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-361,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_eus 7.1
redhat enterprise_linux_hpc_node_eus 7.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_debuginfo 11
suse linux_enterprise_server 10
redhat enterprise_linux_hpc_node 6.0
canonical ubuntu_linux 15.04
suse linux_enterprise_software_development_kit 12
fedoraproject fedora 22
fedoraproject fedora 21
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_hpc_node 7.0
ntp ntp *
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
suse manager_proxy 2.1
suse manager 2.1
suse suse_linux_enterprise_server 12
redhat enterprise_linux_server_eus 6.7.z
suse openstack_cloud 5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
opensuse leap 42.1
debian debian_linux 7.0
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2015-5707 MEDIUM

Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.04
suse suse_linux_enterprise_desktop 11
suse suse_linux_enterprise_server 11
linux linux_kernel *
debian debian_linux 7.0
debian debian_linux 8.0
CVE-2015-5969 LOW

The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
opensuse leap 42.1
opensuse opensuse 13.2
CVE-2015-6855 MEDIUM

hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-369,

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.04
fedoraproject fedora 23
arista eos -
canonical ubuntu_linux 12.04
debian debian_linux 9.0
canonical ubuntu_linux 15.04
qemu qemu *
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
fedoraproject fedora 22
debian debian_linux 7.0
fedoraproject fedora 21
debian debian_linux 8.0
CVE-2015-7547 MEDIUM

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
sophos unified_threat_management_software 9.319
gnu glibc 2.20
sophos unified_threat_management_software 9.355
gnu glibc 2.9
gnu glibc 2.12.1
gnu glibc 2.14
hp helion_openstack 1.1.1
gnu glibc 2.11.2
gnu glibc 2.13
gnu glibc 2.15
suse linux_enterprise_software_development_kit 12
gnu glibc 2.14.1
f5 big-ip_application_acceleration_manager 12.0.0
gnu glibc 2.19
gnu glibc 2.11.1
f5 big-ip_analytics 12.0.0
suse suse_linux_enterprise_server 12
gnu glibc 2.11.3
gnu glibc 2.21
redhat enterprise_linux_server_aus 7.2
gnu glibc 2.11
hp helion_openstack 2.0.0
f5 big-ip_policy_enforcement_manager 12.0.0
redhat enterprise_linux_desktop 7.0
gnu glibc 2.10.1
hp server_migration_pack 7.5
suse linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 14.04
f5 big-ip_advanced_firewall_manager 12.0.0
gnu glibc 2.12.2
oracle fujitsu_m10_firmware *
gnu glibc 2.12
oracle exalogic_infrastructure 2.0
hp helion_openstack 2.1.0
f5 big-ip_application_security_manager 12.0.0
redhat enterprise_linux_server_eus 7.2
suse linux_enterprise_server 11.0
redhat enterprise_linux_workstation 7.0
f5 big-ip_domain_name_system 12.0.0
redhat enterprise_linux_hpc_node 7.0
suse linux_enterprise_debuginfo 11.0
canonical ubuntu_linux 15.10
gnu glibc 2.22
redhat enterprise_linux_hpc_node_eus 7.2
gnu glibc 2.18
f5 big-ip_local_traffic_manager 12.0.0
f5 big-ip_access_policy_manager 12.0.0
gnu glibc 2.16
gnu glibc 2.10
canonical ubuntu_linux 12.04
suse linux_enterprise_desktop 11.0
f5 big-ip_link_controller 12.0.0
oracle exalogic_infrastructure 1.0
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
gnu glibc 2.17
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2015-7645 HIGH

Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 on Windows and OS X and 11.x through 11.2.202.535 on Linux allows remote attackers to execute arbitrary code via a crafted SWF file, as exploited in the wild in October 2015.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_eus 6.7
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_from_rhui 5.0
redhat enterprise_linux_workstation 6.0
adobe flash_player 19.0.0.207
redhat enterprise_linux_server_from_rhui 6.0
opensuse evergreen 11.4
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
suse linux_enterprise_desktop 11
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server 5.0
adobe flash_player 19.0.0.185
CVE-2015-7976 MEDIUM

The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
ntp ntp 4.3.33
ntp ntp 4.3.72
ntp ntp 4.3.3
ntp ntp 4.3.47
ntp ntp 4.3.82
ntp ntp 4.3.59
suse linux_enterprise_server 10
ntp ntp 4.3.27
ntp ntp 4.3.65
ntp ntp 4.3.38
ntp ntp 4.3.14
ntp ntp 4.3.80
ntp ntp 4.3.88
ntp ntp 4.3.67
ntp ntp 4.3.71
ntp ntp 4.3.66
ntp ntp 4.3.81
ntp ntp 4.3.40
ntp ntp 4.3.76
ntp ntp 4.3.34
ntp ntp 4.3.28
ntp ntp 4.3.37
ntp ntp 4.3.5
ntp ntp 4.3.21
ntp ntp 4.3.44
suse manager 2.1
ntp ntp 4.3.49
ntp ntp 4.3.11
ntp ntp 4.3.29
ntp ntp 4.3.45
ntp ntp 4.3.58
ntp ntp 4.3.75
ntp ntp 4.3.86
ntp ntp 4.3.18
ntp ntp 4.3.85
ntp ntp 4.3.70
ntp ntp 4.3.50
ntp ntp 4.3.61
ntp ntp 4.3.60
ntp ntp *
ntp ntp 4.3.79
ntp ntp 4.3.74
ntp ntp 4.3.62
ntp ntp 4.3.4
ntp ntp 4.3.20
ntp ntp 4.3.84
ntp ntp 4.3.53
novell suse_openstack_cloud 5
ntp ntp 4.3.54
ntp ntp 4.3.78
ntp ntp 4.3.8
ntp ntp 4.3.10
ntp ntp 4.3.16
ntp ntp 4.3.77
ntp ntp 4.3.51
ntp ntp 4.3.52
ntp ntp 4.3.23
ntp ntp 4.3.41
ntp ntp 4.3.56
ntp ntp 4.3.73
suse linux_enterprise_debuginfo 11
ntp ntp 4.3.6
ntp ntp 4.3.2
ntp ntp 4.3.48
ntp ntp 4.3.15
ntp ntp 4.3.25
ntp ntp 4.3.19
ntp ntp 4.3.9
suse manager_proxy 2.1
ntp ntp 4.3.31
ntp ntp 4.3.68
ntp ntp 4.3.83
ntp ntp 4.3.43
ntp ntp 4.3.57
suse suse_linux_enterprise_server 12
ntp ntp 4.3.22
ntp ntp 4.3.69
ntp ntp 4.3.1
opensuse leap 42.1
ntp ntp 4.3.17
ntp ntp 4.3.36
ntp ntp 4.3.7
ntp ntp 4.3.46
ntp ntp 4.3.24
ntp ntp 4.3.32
ntp ntp 4.3.64
ntp ntp 4.3.87
ntp ntp 4.3.55
suse linux_enterprise_server 11
ntp ntp 4.3.12
ntp ntp 4.3.42
ntp ntp 4.3.39
ntp ntp 4.3.63
ntp ntp 4.1.2
ntp ntp 4.3.13
ntp ntp 4.3.30
ntp ntp 4.3.0
suse linux_enterprise_server 12
ntp ntp 4.3.26
ntp ntp 4.3.35
ntp ntp 4.3.89
suse linux_enterprise_desktop 12
opensuse opensuse 13.2
CVE-2015-8126 HIGH

Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat satellite 5.7
fedoraproject fedora 23
redhat enterprise_linux_eus 6.7
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
fedoraproject fedora 21
apple mac_os_x *
redhat enterprise_linux_eus 7.2
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_server_tus 7.6
oracle linux 7
oracle jre 1.7.0
redhat enterprise_linux_server_aus 7.2
opensuse leap 42.1
debian debian_linux 7.0
opensuse opensuse 13.1
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.2
oracle jre 1.6.0
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat satellite 5.6
redhat enterprise_linux_server_aus 7.4
oracle jdk 1.8.0
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_desktop 6.0
oracle solaris 11.3
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.3
canonical ubuntu_linux 15.04
oracle linux 6
suse linux_enterprise_desktop 11
oracle jdk 1.6.0
fedoraproject fedora 22
redhat enterprise_linux_workstation 7.0
oracle jre 1.8.0
libpng libpng *
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
redhat enterprise_linux_eus 7.4
oracle jdk 1.7.0
redhat enterprise_linux_eus 7.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_server 12
redhat enterprise_linux_server_aus 7.7
suse linux_enterprise_desktop 12
redhat enterprise_linux_server_aus 7.6
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2015-8539 HIGH

The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
linux linux_kernel 4.4
suse linux_enterprise_real_time_extension 12
linux linux_kernel *
CVE-2015-8551 MEDIUM

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks."

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H 1.5 4.0

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_real_time_extension 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_desktop 11
linux linux_kernel *
debian debian_linux 7.0
opensuse opensuse 13.1
debian debian_linux 8.0
suse linux_enterprise_server 11
CVE-2015-8567 MEDIUM

Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.7 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H 3.1 4.0

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-401,

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
fedoraproject fedora 23
suse linux_enterprise_debuginfo 11
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
qemu qemu *
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
opensuse leap 42.1
suse linux_enterprise_desktop 11
fedoraproject fedora 22
debian debian_linux 8.0
opensuse opensuse 13.2
suse linux_enterprise_server 11
CVE-2015-8651 HIGH

Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
hp matrix_operating_environment 7.6
adobe air_sdk *
adobe air_sdk_&_compiler *
redhat enterprise_linux_server 6.0
hp version_control_repository_manager *
adobe air *
hp insight_control *
redhat enterprise_linux_desktop 6.0
hp systems_insight_manager *
redhat enterprise_linux_workstation 6.0
opensuse evergreen 11.4
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
suse linux_enterprise_desktop 11
adobe flash_player *
hp insight_control_server_provisioning *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server 5.0
hp system_management_homepage *
CVE-2015-8776 MEDIUM

The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
fedoraproject fedora 23
suse suse_linux_enterprise_server 12
suse linux_enterprise_debuginfo 11
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_desktop 11
gnu glibc *
debian debian_linux 8.0
opensuse opensuse 13.2
suse linux_enterprise_server 11
CVE-2015-8778 HIGH

Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
fedoraproject fedora 23
suse suse_linux_enterprise_server 12
suse linux_enterprise_debuginfo 11
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_desktop 11
gnu glibc *
debian debian_linux 8.0
opensuse opensuse 13.2
suse linux_enterprise_server 11
CVE-2015-8779 HIGH

Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
fedoraproject fedora 23
suse suse_linux_enterprise_server 12
suse linux_enterprise_debuginfo 11
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_desktop 11
gnu glibc *
debian debian_linux 8.0
opensuse opensuse 13.2
suse linux_enterprise_server 11
CVE-2015-8785 MEDIUM

The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 2.5 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-835,

Products Affected

Vendor Product Version
linux linux_kernel 4.4
suse linux_enterprise_real_time_extension 12
linux linux_kernel *
CVE-2015-8808 MEDIUM

The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
suse studio_onsite 1.3
fedoraproject fedora 22
graphicsmagick graphicsmagick *
suse linux_enterprise_debuginfo 11
CVE-2015-8816 HIGH

The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_real_time_extension 11
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_server 11
novell suse_linux_enterprise_module_for_public_cloud 12
novell suse_linux_enterprise_software_development_kit 11.0
novell suse_linux_enterprise_real_time_extension 12
novell suse_linux_enterprise_live_patching 12.0
novell suse_linux_enterprise_debuginfo 11
novell suse_linux_enterprise_desktop 12.0
suse linux_enterprise_server 12
novell suse_linux_enterprise_workstation_extension 12.0
suse linux_enterprise_live_patching 12
linux linux_kernel *
CVE-2015-8845 MEDIUM

The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
suse suse_linux_enterprise_real_time_extension 12
suse suse_linux_enterprise_live_patching 12.0
novell suse_linux_enterprise_desktop 12.0
suse suse_linux_enterprise_workstation_extension 12.0
linux linux_kernel *
novell suse_linux_enterprise_server 12.0
suse suse_linux_enterprise_module_for_public_cloud 12.0
suse suse_linux_enterprise_software_development_kit 12.0
CVE-2015-8866 MEDIUM

ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote attackers to conduct XML External Entity (XXE) and XML Entity Expansion (XEE) attacks via a crafted XML document, a related issue to CVE-2015-5161.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.6 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H 2.8 6.0

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-611,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
suse linux_enterprise_module_for_web_scripting 12
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
suse linux_enterprise_software_development_kit 12
opensuse leap 42.1
opensuse opensuse 13.2
php php *
CVE-2015-8925 MEDIUM

The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
suse linux_enterprise_server 12
libarchive libarchive *
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
CVE-2015-8926 MEDIUM

The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
suse linux_enterprise_server 12
libarchive libarchive *
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
CVE-2015-8928 MEDIUM

The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
suse linux_enterprise_server 12
libarchive libarchive *
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
CVE-2015-8929 MEDIUM

Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
suse linux_enterprise_server 12
libarchive libarchive *
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
CVE-2015-8930 MEDIUM

bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
suse linux_enterprise_server 12
libarchive libarchive *
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
CVE-2015-8931 MEDIUM

Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
suse linux_enterprise_server 12
libarchive libarchive *
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
debian debian_linux 7.0
debian debian_linux 8.0
CVE-2015-8932 MEDIUM

The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
suse linux_enterprise_server 12
libarchive libarchive *
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
debian debian_linux 7.0
debian debian_linux 8.0
CVE-2015-8933 MEDIUM

Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
suse linux_enterprise_server 12
libarchive libarchive *
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
CVE-2015-8934 MEDIUM

The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
suse linux_enterprise_server 12
libarchive libarchive *
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
CVE-2016-0264 MEDIUM

Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.6 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L 2.2 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
redhat satellite 5.7
redhat satellite 5.6
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_server 10
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 12
redhat enterprise_linux_server_eus 6.7
redhat enterprise_linux_server_eus 7.2
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 5.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_hpc_node_supplementary 6.0
suse manager_proxy 2.1
redhat enterprise_linux_server_eus 7.5
suse manager 2.1
redhat enterprise_linux_hpc_node_supplementary 7.0
suse suse_linux_enterprise_server 12
suse openstack_cloud 5
redhat enterprise_linux_server_eus 7.3
ibm java_sdk *
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_server 12
redhat enterprise_linux_workstation 5.0
CVE-2016-0642 MEDIUM

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H 0.5 4.2

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
canonical ubuntu_linux 16.04
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.2
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
suse linux_enterprise_debuginfo 11
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_server_aus 7.3
suse linux_enterprise_software_development_kit 12
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
oracle mysql *
canonical ubuntu_linux 15.10
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 7.2
mariadb mariadb *
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
redhat enterprise_linux_server_aus 7.2
redhat enterprise_linux_server_aus 7.7
suse linux_enterprise_desktop 12
opensuse leap 42.1
redhat enterprise_linux_server_aus 7.6
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2016-0651 LOW

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.2
redhat enterprise_linux_server_tus 7.3
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
suse linux_enterprise_debuginfo 11
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_server_aus 7.3
suse linux_enterprise_software_development_kit 12
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
oracle mysql *
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 7.2
mariadb mariadb *
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
redhat enterprise_linux_server_tus 7.6
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
redhat enterprise_linux_server_aus 7.2
redhat enterprise_linux_server_aus 7.7
suse linux_enterprise_desktop 12
opensuse leap 42.1
redhat enterprise_linux_server_aus 7.6
opensuse opensuse 13.2
CVE-2016-0668 LOW

Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.1 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H 0.5 3.6

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
mariadb mariadb *
canonical ubuntu_linux 12.04
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
opensuse leap 42.1
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2016-0718 HIGH

Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
libexpat_project libexpat *
apple mac_os_x *
canonical ubuntu_linux 14.04
mcafee policy_auditor *
python python *
mozilla firefox *
suse linux_enterprise_debuginfo 11
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
opensuse leap 42.1
suse studio_onsite 1.3
opensuse opensuse 13.1
debian debian_linux 8.0
opensuse opensuse 13.2
suse linux_enterprise_server 11
CVE-2016-0752 MEDIUM

Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
rubyonrails rails *
rubyonrails rails 5.0.0
opensuse leap 42.1
redhat software_collections 1.0
suse linux_enterprise_module_for_containers 12
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2016-1000030 HIGH

Pidgin version <2.11.0 contains a vulnerability in X.509 certificate imports, specifically due to improper checking of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import(), that can result in code execution. This attack appears to be exploitable via a custom X.509 certificate from another client. This vulnerability appears to have been fixed in 2.11.0.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-295,

Products Affected

Vendor Product Version
pidgin pidgin *
suse linux_enterprise_server 11
CVE-2016-1285 MEDIUM

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H 2.2 4.0

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.04
isc bind 9.10.3
juniper junos 18.4
fedoraproject fedora 23
suse linux_enterprise_debuginfo 11
juniper junos 12.1x46-d10
juniper junos 17.4
suse linux_enterprise_software_development_kit 11
juniper junos 18.3
debian debian_linux 9.0
isc bind *
juniper junos 12.3x48
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_desktop 11
isc bind 9.9.8
fedoraproject fedora 22
suse linux_enterprise_server 11
juniper junos 17.3
canonical ubuntu_linux 15.10
juniper junos 12.1x46
juniper junos 15.1x49
suse manager_proxy 2.1
suse manager 2.1
juniper junos 18.2
juniper junos 18.1
suse openstack_cloud 5
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
suse linux_enterprise_server 12
juniper junos 12.1x46-d76
suse linux_enterprise_desktop 12
opensuse leap 42.1
fedoraproject fedora 24
debian debian_linux 7.0
opensuse opensuse 13.1
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2016-1286 MEDIUM

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.6 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H 3.9 4.0

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.04
isc bind 9.10.3
juniper junos 18.4
fedoraproject fedora 23
suse linux_enterprise_debuginfo 11
juniper junos 12.1x46-d10
juniper junos 17.4
suse linux_enterprise_software_development_kit 11
juniper junos 18.3
debian debian_linux 9.0
isc bind *
juniper junos 12.3x48
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_desktop 11
isc bind 9.9.8
fedoraproject fedora 22
suse linux_enterprise_server 11
juniper junos 17.3
canonical ubuntu_linux 15.10
juniper junos 12.1x46
juniper junos 15.1x49
suse manager_proxy 2.1
suse manager 2.1
juniper junos 18.2
juniper junos 18.1
suse openstack_cloud 5
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
suse linux_enterprise_server 12
juniper junos 12.1x46-d76
suse linux_enterprise_desktop 12
opensuse leap 42.1
fedoraproject fedora 24
debian debian_linux 7.0
opensuse opensuse 13.1
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2016-1601 HIGH

yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an AutoYaST installation when the profile does not contain inst-sys users, which might allow attackers to have unspecified impact via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-255,

Products Affected

Vendor Product Version
suse yast2 *
CVE-2016-1602 HIGH

A code injection in the supportconfig data collection tool in supportutils in SUSE Linux Enterprise Server 12 and 12-SP1 and SUSE Linux Enterprise Desktop 12 and 12-SP1 could be used by local attackers to execute code as the user running supportconfig (usually root).

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse suse_linux_enterprise_server 12
CVE-2016-1646 HIGH

The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
suse package_hub -
redhat enterprise_linux_eus 6.7
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
opensuse leap 42.1
opensuse opensuse 13.1
debian debian_linux 8.0
CVE-2016-1651 MEDIUM

fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 50.0.2661.75, does not properly implement the sycc420_to_rgb and sycc422_to_rgb functions, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted JPEG 2000 data in a PDF document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
google chrome *
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
CVE-2016-1652 MEDIUM

Cross-site scripting (XSS) vulnerability in the ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the Extensions subsystem in Google Chrome before 50.0.2661.75 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
google chrome *
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
CVE-2016-1653 HIGH

The LoadBuffer implementation in Google V8, as used in Google Chrome before 50.0.2661.75, mishandles data types, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds write operation, related to compiler/pipeline.cc and compiler/simplified-lowering.cc.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
CVE-2016-1654 MEDIUM

The media subsystem in Google Chrome before 50.0.2661.75 does not initialize an unspecified data structure, which allows remote attackers to cause a denial of service (invalid read operation) via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
CVE-2016-1655 MEDIUM

Google Chrome before 50.0.2661.75 does not properly consider that frame removal may occur during callback execution, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted extension.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
CVE-2016-1656 MEDIUM

The download implementation in Google Chrome before 50.0.2661.75 on Android allows remote attackers to bypass intended pathname restrictions via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
google chrome *
opensuse leap 42.1
suse linux_enterprise 12.0
CVE-2016-1659 HIGH

Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
CVE-2016-1672 MEDIUM

The ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the extension bindings in Google Chrome before 51.0.2704.63 mishandles properties, which allows remote attackers to conduct bindings-interception attacks and bypass the Same Origin Policy via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,CWE-284,

Products Affected

Vendor Product Version
google chrome *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1673 MEDIUM

Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1674 MEDIUM

The extensions subsystem in Google Chrome before 51.0.2704.63 allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
google chrome *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1675 MEDIUM

Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy by leveraging the mishandling of Document reattachment during destruction, related to FrameLoader.cpp and LocalFrame.cpp.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1676 MEDIUM

extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.63 does not properly use prototypes, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
google chrome *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1677 MEDIUM

uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote attackers to obtain sensitive information by calling the decodeURI function and leveraging "type confusion."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
google v8 *
suse linux_enterprise 12.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
opensuse leap 42.1
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2016-1678 MEDIUM

objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome before 51.0.2704.63, does not properly restrict lazy deoptimization, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
google v8 *
suse linux_enterprise 12.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
opensuse leap 42.1
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2016-1679 MEDIUM

The ToV8Value function in content/child/v8_value_converter_impl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1680 MEDIUM

Use-after-free vulnerability in ports/SkFontHost_FreeType.cpp in Skia, as used in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1681 MEDIUM

Heap-based buffer overflow in the opj_j2k_read_SPCod_SPCoc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
google chrome *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1682 MEDIUM

The ServiceWorkerContainer::registerServiceWorkerImpl function in WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp in Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a ServiceWorker registration.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,CWE-284,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1683 MEDIUM

numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via a crafted document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
suse linux_enterprise 12.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
opensuse leap 42.1
xmlsoft libxslt *
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2016-1685 MEDIUM

core/fxge/ge/fx_ge_text.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, miscalculates certain index values, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
google chrome *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1686 MEDIUM

The CPDF_DIBSource::CreateDecoder function in core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, mishandles decoder-initialization failure, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
google chrome *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1687 MEDIUM

The renderer implementation in Google Chrome before 51.0.2704.63 does not properly restrict public exposure of classes, which allows remote attackers to obtain sensitive information via vectors related to extensions.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
google chrome *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1688 MEDIUM

The regexp (aka regular expression) implementation in Google V8 before 5.0.71.40, as used in Google Chrome before 51.0.2704.63, mishandles external string sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted JavaScript code.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
google v8 *
suse linux_enterprise 12.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
opensuse leap 42.1
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2016-1689 MEDIUM

Heap-based buffer overflow in content/renderer/media/canvas_capture_handler.cc in Google Chrome before 51.0.2704.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1690 MEDIUM

The Autofill implementation in Google Chrome before 51.0.2704.63 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1701.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
google chrome *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1691 MEDIUM

Skia, as used in Google Chrome before 51.0.2704.63, mishandles coincidence runs, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted curves, related to SkOpCoincidence.cpp and SkPathOpsCommon.cpp.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1692 MEDIUM

WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in Google Chrome before 51.0.2704.63, permits cross-origin loading of CSS stylesheets by a ServiceWorker even when the stylesheet download has an incorrect MIME type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1693 LOW

browser/safe_browsing/srt_field_trial_win.cc in Google Chrome before 51.0.2704.63 does not use the HTTPS service on dl.google.com to obtain the Software Removal Tool, which allows remote attackers to spoof the chrome_cleanup_tool.exe (aka CCT) file via a man-in-the-middle attack on an HTTP session.

CVSS 2.0

Severity: LOW

Problem Type: CWE-284,

Products Affected

Vendor Product Version
google chrome *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1694 MEDIUM

browser/browsing_data/browsing_data_remover.cc in Google Chrome before 51.0.2704.63 deletes HPKP pins during cache clearing, which makes it easier for remote attackers to spoof web sites via a valid certificate from an arbitrary recognized Certification Authority.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
google chrome *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1695 MEDIUM

Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1696 MEDIUM

The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,CWE-284,

Products Affected

Vendor Product Version
google chrome *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1697 MEDIUM

The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1698 MEDIUM

The createCustomType function in extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.79 does not validate module types, which might allow attackers to load arbitrary modules or obtain sensitive information by leveraging a poisoned definition.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
google chrome *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1699 MEDIUM

WebKit/Source/devtools/front_end/devtools.js in the Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 51.0.2704.79, does not ensure that the remoteFrontendUrl parameter is associated with a chrome-devtools-frontend.appspot.com URL, which allows remote attackers to bypass intended access restrictions via a crafted URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1700 MEDIUM

extensions/renderer/runtime_custom_bindings.cc in Google Chrome before 51.0.2704.79 does not consider side effects during creation of an array of extension views, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to extensions.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
google chrome *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1701 MEDIUM

The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1690.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
google chrome *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1702 MEDIUM

The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as used in Google Chrome before 51.0.2704.79, does not validate the interval count, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted serialized data.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1703 MEDIUM

Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.79 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
google chrome *
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
opensuse leap 42.1
suse linux_enterprise 12.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_desktop 6.0
CVE-2016-1960 MEDIUM

Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) by leveraging mishandling of end tags, as demonstrated by incorrect SVG processing, aka ZDI-CAN-3545.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
oracle linux 5.0
mozilla firefox 38.0
mozilla firefox_esr 38.3.0
mozilla firefox 38.5.1
mozilla firefox 38.6.0
mozilla thunderbird *
mozilla firefox 38.6.1
mozilla firefox *
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.0
oracle linux 6
mozilla firefox_esr 38.1.0
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
suse linux_enterprise 12.0
mozilla firefox_esr 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.4.0
mozilla firefox 38.1.1
oracle linux 7
mozilla firefox 38.0.1
opensuse leap 42.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.3.0
opensuse opensuse 13.2
mozilla firefox 38.1.0
CVE-2016-1961 MEDIUM

Use-after-free vulnerability in the nsHTMLDocument::SetBody function in dom/html/nsHTMLDocument.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of a root element, aka ZDI-CAN-3574.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
oracle linux 5.0
mozilla firefox 38.0
mozilla firefox_esr 38.3.0
mozilla firefox 38.5.1
mozilla firefox 38.6.0
mozilla thunderbird *
mozilla firefox 38.6.1
mozilla firefox *
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.0
oracle linux 6
mozilla firefox_esr 38.1.0
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
suse linux_enterprise 12.0
mozilla firefox_esr 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.4.0
mozilla firefox 38.1.1
oracle linux 7
mozilla firefox 38.0.1
opensuse leap 42.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.3.0
opensuse opensuse 13.2
mozilla firefox 38.1.0
CVE-2016-1964 MEDIUM

Use-after-free vulnerability in the AtomicBaseIncDec function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging mishandling of XML transformations.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
oracle linux 5.0
mozilla firefox 38.0
mozilla firefox_esr 38.3.0
mozilla firefox 38.5.1
mozilla firefox 38.6.0
mozilla thunderbird *
mozilla firefox 38.6.1
mozilla firefox *
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.0
oracle linux 6
mozilla firefox_esr 38.1.0
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
suse linux_enterprise 12.0
mozilla firefox_esr 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.4.0
mozilla firefox 38.1.1
oracle linux 7
mozilla firefox 38.0.1
opensuse leap 42.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.3.0
opensuse opensuse 13.2
mozilla firefox 38.1.0
CVE-2016-1974 MEDIUM

The nsScannerString::AppendUnicodeTo function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not verify that memory allocation succeeds, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via crafted Unicode data in an HTML, XML, or SVG document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
oracle linux 5.0
mozilla firefox 38.0
mozilla firefox_esr 38.3.0
mozilla firefox 38.5.1
mozilla firefox 38.6.0
mozilla thunderbird *
mozilla firefox 38.6.1
mozilla firefox *
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.0
oracle linux 6
mozilla firefox_esr 38.1.0
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
suse linux_enterprise 12.0
mozilla firefox_esr 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.4.0
mozilla firefox 38.1.1
oracle linux 7
mozilla firefox 38.0.1
opensuse leap 42.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.3.0
opensuse opensuse 13.2
mozilla firefox 38.1.0
CVE-2016-1977 MEDIUM

The Machine::Code::decoder::analysis::set_ref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted Graphite smart font.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
oracle linux 5.0
mozilla firefox 38.0
mozilla firefox_esr 38.3.0
mozilla firefox 38.5.1
mozilla firefox 38.6.0
mozilla firefox 38.6.1
mozilla firefox *
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.0
oracle linux 6
mozilla firefox_esr 38.1.0
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
suse linux_enterprise 12.0
mozilla firefox_esr 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.4.0
mozilla firefox 38.1.1
oracle linux 7
mozilla firefox 38.0.1
opensuse leap 42.1
sil graphite2 *
mozilla firefox 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.3.0
opensuse opensuse 13.2
mozilla firefox 38.1.0
CVE-2016-2178 LOW

The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.

CVSS 2.0

Severity: LOW

Problem Type: CWE-203,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 14.04
nodejs node.js *
openssl openssl 1.0.1q
oracle solaris 10
openssl openssl 1.0.1i
openssl openssl 1.0.1n
openssl openssl 1.0.1t
openssl openssl 1.0.1p
openssl openssl 1.0.1d
openssl openssl 1.0.1g
openssl openssl 1.0.1
oracle solaris 11.3
oracle linux 5
openssl openssl 1.0.2b
openssl openssl 1.0.1r
openssl openssl 1.0.2e
oracle linux 6
openssl openssl 1.0.2c
openssl openssl 1.0.1k
openssl openssl 1.0.2d
openssl openssl 1.0.2f
openssl openssl 1.0.1m
openssl openssl 1.0.2
openssl openssl 1.0.1j
suse linux_enterprise 12.0
openssl openssl 1.0.1f
openssl openssl 1.0.2g
openssl openssl 1.0.2h
openssl openssl 1.0.1e
canonical ubuntu_linux 12.04
openssl openssl 1.0.1c
oracle linux 7
openssl openssl 1.0.1l
openssl openssl 1.0.1h
openssl openssl 1.0.1o
debian debian_linux 8.0
openssl openssl 1.0.1a
openssl openssl 1.0.1b
openssl openssl 1.0.2a
openssl openssl 1.0.1s
CVE-2016-2315 HIGH

revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
suse openstack_cloud 5
suse linux_enterprise_software_development_kit 11
git-scm git 2.7.3
suse linux_enterprise_server 12
suse linux_enterprise_software_development_kit 12
opensuse leap 42.1
opensuse opensuse 13.2
suse suse_linux_enterprise_server 12
suse linux_enterprise_debuginfo 11
CVE-2016-2317 MEDIUM

Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
graphicsmagick graphicsmagick 1.3.23
opensuse leap 42.1
suse studio_onsite 1.3
debian debian_linux 8.0
opensuse opensuse 13.2
suse linux_enterprise_debuginfo 11
CVE-2016-2318 MEDIUM

GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
graphicsmagick graphicsmagick 1.3.23
opensuse leap 42.1
suse studio_onsite 1.3
debian debian_linux 8.0
opensuse opensuse 13.2
suse linux_enterprise_debuginfo 11
CVE-2016-2324 HIGH

Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
suse openstack_cloud 5
suse linux_enterprise_software_development_kit 11
git-scm git *
suse linux_enterprise_software_development_kit 12
opensuse leap 42.1
opensuse opensuse 13.2
suse linux_enterprise_software_development_kit 12.0
suse suse_linux_enterprise_server 12
suse linux_enterprise_debuginfo 11
suse linux_enterprise_server 12.0
CVE-2016-2782 MEDIUM

The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 0.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
suse linux_enterprise_debuginfo 11
linux linux_kernel 4.5.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_module_for_public_cloud 12
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_real_time_extension 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
linux linux_kernel *
suse linux_enterprise_server 11
CVE-2016-2790 MEDIUM

The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-19,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
oracle linux 5.0
mozilla firefox 38.0
mozilla firefox_esr 38.3.0
mozilla firefox 38.5.1
mozilla firefox 38.6.0
mozilla firefox 38.6.1
mozilla firefox *
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.0
oracle linux 6
mozilla firefox_esr 38.1.0
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
suse linux_enterprise 12.0
mozilla firefox_esr 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.4.0
mozilla firefox 38.1.1
oracle linux 7
mozilla firefox 38.0.1
opensuse leap 42.1
sil graphite2 *
mozilla firefox 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.3.0
opensuse opensuse 13.2
mozilla firefox 38.1.0
CVE-2016-2791 MEDIUM

The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
oracle linux 5.0
mozilla firefox 38.0
mozilla firefox_esr 38.3.0
mozilla firefox 38.5.1
mozilla firefox 38.6.0
mozilla firefox 38.6.1
mozilla firefox *
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.0
oracle linux 6
mozilla firefox_esr 38.1.0
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
suse linux_enterprise 12.0
mozilla firefox_esr 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.4.0
mozilla firefox 38.1.1
oracle linux 7
mozilla firefox 38.0.1
opensuse leap 42.1
sil graphite2 *
mozilla firefox 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.3.0
opensuse opensuse 13.2
mozilla firefox 38.1.0
CVE-2016-2792 MEDIUM

The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2800.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
oracle linux 5.0
mozilla firefox 38.0
mozilla firefox_esr 38.3.0
mozilla firefox 38.5.1
mozilla firefox 38.6.0
mozilla firefox 38.6.1
mozilla firefox *
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.0
oracle linux 6
mozilla firefox_esr 38.1.0
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
suse linux_enterprise 12.0
mozilla firefox_esr 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.4.0
mozilla firefox 38.1.1
oracle linux 7
mozilla firefox 38.0.1
opensuse leap 42.1
sil graphite2 *
mozilla firefox 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.3.0
opensuse opensuse 13.2
mozilla firefox 38.1.0
CVE-2016-2793 MEDIUM

CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
oracle linux 5.0
mozilla firefox 38.0
mozilla firefox_esr 38.3.0
mozilla firefox 38.5.1
mozilla firefox 38.6.0
mozilla firefox 38.6.1
mozilla firefox *
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.0
oracle linux 6
mozilla firefox_esr 38.1.0
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
suse linux_enterprise 12.0
mozilla firefox_esr 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.4.0
mozilla firefox 38.1.1
oracle linux 7
mozilla firefox 38.0.1
opensuse leap 42.1
sil graphite2 *
mozilla firefox 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.3.0
opensuse opensuse 13.2
mozilla firefox 38.1.0
CVE-2016-2794 HIGH

The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
oracle linux 5.0
mozilla firefox 38.0
mozilla firefox_esr 38.3.0
mozilla firefox 38.5.1
mozilla firefox 38.6.0
mozilla firefox 38.6.1
mozilla firefox *
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.0
oracle linux 6
mozilla firefox_esr 38.1.0
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
suse linux_enterprise 12.0
mozilla firefox_esr 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.4.0
mozilla firefox 38.1.1
oracle linux 7
mozilla firefox 38.0.1
opensuse leap 42.1
sil graphite2 *
mozilla firefox 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.3.0
opensuse opensuse 13.2
mozilla firefox 38.1.0
CVE-2016-2795 MEDIUM

The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-19,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
oracle linux 5.0
mozilla firefox 38.0
mozilla firefox_esr 38.3.0
mozilla firefox 38.5.1
mozilla firefox 38.6.0
mozilla firefox 38.6.1
mozilla firefox *
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.0
oracle linux 6
mozilla firefox_esr 38.1.0
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
suse linux_enterprise 12.0
mozilla firefox_esr 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.4.0
mozilla firefox 38.1.1
oracle linux 7
mozilla firefox 38.0.1
opensuse leap 42.1
sil graphite2 *
mozilla firefox 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.3.0
opensuse opensuse 13.2
mozilla firefox 38.1.0
CVE-2016-2796 MEDIUM

Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
oracle linux 5.0
mozilla firefox 38.0
mozilla firefox_esr 38.3.0
mozilla firefox 38.5.1
mozilla firefox 38.6.0
mozilla firefox 38.6.1
mozilla firefox *
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.0
oracle linux 6
mozilla firefox_esr 38.1.0
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
suse linux_enterprise 12.0
mozilla firefox_esr 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.4.0
mozilla firefox 38.1.1
oracle linux 7
mozilla firefox 38.0.1
opensuse leap 42.1
sil graphite2 *
mozilla firefox 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.3.0
opensuse opensuse 13.2
mozilla firefox 38.1.0
CVE-2016-2797 MEDIUM

The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2801.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
oracle linux 5.0
mozilla firefox 38.0
mozilla firefox_esr 38.3.0
mozilla firefox 38.5.1
mozilla firefox 38.6.0
mozilla firefox 38.6.1
mozilla firefox *
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.0
oracle linux 6
mozilla firefox_esr 38.1.0
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
suse linux_enterprise 12.0
mozilla firefox_esr 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.4.0
mozilla firefox 38.1.1
oracle linux 7
mozilla firefox 38.0.1
opensuse leap 42.1
sil graphite2 *
mozilla firefox 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.3.0
opensuse opensuse 13.2
mozilla firefox 38.1.0
CVE-2016-2798 MEDIUM

The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
oracle linux 5.0
mozilla firefox 38.0
mozilla firefox_esr 38.3.0
mozilla firefox 38.5.1
mozilla firefox 38.6.0
mozilla firefox 38.6.1
mozilla firefox *
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.0
oracle linux 6
mozilla firefox_esr 38.1.0
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
suse linux_enterprise 12.0
mozilla firefox_esr 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.4.0
mozilla firefox 38.1.1
oracle linux 7
mozilla firefox 38.0.1
opensuse leap 42.1
sil graphite2 *
mozilla firefox 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.3.0
opensuse opensuse 13.2
mozilla firefox 38.1.0
CVE-2016-2799 HIGH

Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
oracle linux 5.0
mozilla firefox 38.0
mozilla firefox_esr 38.3.0
mozilla firefox 38.5.1
mozilla firefox 38.6.0
mozilla firefox 38.6.1
mozilla firefox *
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.0
oracle linux 6
mozilla firefox_esr 38.1.0
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
suse linux_enterprise 12.0
mozilla firefox_esr 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.4.0
mozilla firefox 38.1.1
oracle linux 7
mozilla firefox 38.0.1
opensuse leap 42.1
sil graphite2 *
mozilla firefox 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.3.0
opensuse opensuse 13.2
mozilla firefox 38.1.0
CVE-2016-2800 MEDIUM

The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2792.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
oracle linux 5.0
mozilla firefox 38.0
mozilla firefox_esr 38.3.0
mozilla firefox 38.5.1
mozilla firefox 38.6.0
mozilla firefox 38.6.1
mozilla firefox *
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.0
oracle linux 6
mozilla firefox_esr 38.1.0
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
suse linux_enterprise 12.0
mozilla firefox_esr 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.4.0
mozilla firefox 38.1.1
oracle linux 7
mozilla firefox 38.0.1
opensuse leap 42.1
sil graphite2 *
mozilla firefox 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.3.0
opensuse opensuse 13.2
mozilla firefox 38.1.0
CVE-2016-2801 MEDIUM

The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2797.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
oracle linux 5.0
mozilla firefox 38.0
mozilla firefox_esr 38.3.0
mozilla firefox 38.5.1
mozilla firefox 38.6.0
mozilla firefox 38.6.1
mozilla firefox *
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.0
oracle linux 6
mozilla firefox_esr 38.1.0
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
suse linux_enterprise 12.0
mozilla firefox_esr 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.4.0
mozilla firefox 38.1.1
oracle linux 7
mozilla firefox 38.0.1
opensuse leap 42.1
sil graphite2 *
mozilla firefox 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.3.0
opensuse opensuse 13.2
mozilla firefox 38.1.0
CVE-2016-2802 MEDIUM

The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
oracle linux 5.0
mozilla firefox 38.0
mozilla firefox_esr 38.3.0
mozilla firefox 38.5.1
mozilla firefox 38.6.0
mozilla firefox 38.6.1
mozilla firefox *
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.0
oracle linux 6
mozilla firefox_esr 38.1.0
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
suse linux_enterprise 12.0
mozilla firefox_esr 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.4.0
mozilla firefox 38.1.1
oracle linux 7
mozilla firefox 38.0.1
opensuse leap 42.1
sil graphite2 *
mozilla firefox 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.3.0
opensuse opensuse 13.2
mozilla firefox 38.1.0
CVE-2016-2806 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
opensuse leap 42.1
mozilla firefox 45.0.1
suse linux_enterprise 12.0
opensuse opensuse 13.1
debian debian_linux 8.0
opensuse opensuse 13.2
mozilla firefox *
CVE-2016-2807 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.7.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox_esr 38.3.0
mozilla firefox 38.5.1
mozilla firefox 38.6.0
mozilla firefox 38.6.1
mozilla firefox *
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.0
mozilla firefox_esr 38.1.0
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox 45.0.1
suse linux_enterprise 12.0
mozilla firefox_esr 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.4.0
mozilla firefox 38.1.1
mozilla firefox 38.0.1
opensuse leap 42.1
mozilla firefox 38.0.5
mozilla firefox 38.7.1
opensuse opensuse 13.1
mozilla firefox 38.3.0
opensuse opensuse 13.2
mozilla firefox 38.1.0
CVE-2016-3068 MEDIUM

Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_linux_hpc_node 7.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
fedoraproject fedora 23
redhat enterprise_linux_hpc_node_eus 7.2
mercurial mercurial *
suse linux_enterprise_debuginfo 11
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_server_aus 7.2
suse linux_enterprise_software_development_kit 12
opensuse leap 42.1
redhat enterprise_linux_server_eus 7.2
fedoraproject fedora 22
debian debian_linux 7.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_workstation 7.0
CVE-2016-3069 MEDIUM

Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_linux_hpc_node 7.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
fedoraproject fedora 23
redhat enterprise_linux_hpc_node_eus 7.2
mercurial mercurial *
suse linux_enterprise_debuginfo 11
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_server_aus 7.2
suse linux_enterprise_software_development_kit 12
opensuse leap 42.1
redhat enterprise_linux_server_eus 7.2
fedoraproject fedora 22
debian debian_linux 7.0
debian debian_linux 8.0
opensuse opensuse 13.2
redhat enterprise_linux_workstation 7.0
CVE-2016-3427 HIGH

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo, CWE-284,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
oracle jrockit r28.3.9
redhat satellite 5.7
netapp oncommand_cloud_manager -
redhat enterprise_linux_eus 6.7
suse linux_enterprise_server 10
netapp e-series_santricity_web_services -
netapp oncommand_workflow_automation -
oracle linux 5
suse linux_enterprise_software_development_kit 12
redhat enterprise_linux_server_eus 6.7
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_server 5.0
redhat enterprise_linux_desktop 5.0
netapp oncommand_performance_manager -
suse manager_proxy 2.1
netapp oncommand_report -
suse manager 2.1
netapp virtual_storage_console *
netapp oncommand_shift -
apache cassandra 4.0.0
redhat enterprise_linux_eus 7.2
redhat enterprise_linux_eus 7.7
netapp e-series_santricity_management_plug-ins -
netapp oncommand_insight -
redhat enterprise_linux_server_tus 7.6
oracle linux 7
oracle jre 1.7.0
redhat enterprise_linux_server_aus 7.2
opensuse leap 42.1
opensuse opensuse 13.1
canonical ubuntu_linux 16.04
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.2
oracle jre 1.6.0
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat satellite 5.6
redhat enterprise_linux_server_aus 7.4
netapp e-series_santricity_storage_manager -
oracle jdk 1.8.0
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
netapp oncommand_unified_manager -
redhat enterprise_linux_server_aus 7.3
netapp oncommand_balance -
oracle linux 6
redhat enterprise_linux_server_eus 7.2
oracle jdk 1.6.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
netapp storagegrid *
apache cassandra *
oracle jre 1.8.0
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
suse linux_enterprise_module_for_legacy 12
redhat enterprise_linux_eus 7.4
oracle jdk 1.7.0
redhat enterprise_linux_eus 7.6
suse openstack_cloud 5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_server 12
redhat enterprise_linux_server_aus 7.7
suse linux_enterprise_desktop 12
netapp vasa_provider_for_clustered_data_ontap *
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_workstation 5.0
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2016-3630 MEDIUM

The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-19,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
fedoraproject fedora 23
suse linux_enterprise_software_development_kit 12
opensuse leap 42.1
fedoraproject fedora 22
debian debian_linux 7.0
debian debian_linux 8.0
opensuse opensuse 13.2
mercurial mercurial *
suse linux_enterprise_debuginfo 11
CVE-2016-3714 HIGH

The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "ImageTragick."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
imagemagick imagemagick 7.0.0-0
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
imagemagick imagemagick 7.0.1-0
suse suse_linux_enterprise_server 12
canonical ubuntu_linux 12.04
debian debian_linux 9.0
opensuse leap 42.1
imagemagick imagemagick *
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2016-3715 MEDIUM

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,CWE-552,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
imagemagick imagemagick 7.0.0-0
oracle solaris 10
redhat enterprise_linux_eus 6.7
suse linux_enterprise_debuginfo 11
redhat enterprise_linux_for_ibm_z_systems_eus 7.4_s390x
suse linux_enterprise_software_development_kit 12
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_for_ibm_z_systems_eus 6.7_s390x
redhat enterprise_linux_for_ibm_z_systems 7.0_s390x
redhat enterprise_linux_for_power_little_endian_eus 7.7_ppc64le
redhat enterprise_linux_for_power_little_endian_eus 7.2_ppc64le
suse manager_proxy 2.1
redhat enterprise_linux_server_supplementary_eus 6.7z
suse manager 2.1
redhat enterprise_linux_eus 7.2
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_for_power_big_endian 7.0_ppc64
redhat enterprise_linux_for_power_little_endian_eus 7.5_ppc64le
redhat enterprise_linux_server_tus 7.6
oracle linux 7
redhat enterprise_linux_server_from_rhui 6.0
suse linux_enterprise_workstation_extension 12
redhat enterprise_linux_server_aus 7.2
opensuse leap 42.1
redhat enterprise_linux_for_ibm_z_systems_eus 7.2_s390x
redhat enterprise_linux_for_power_big_endian_eus 7.6_ppc64
canonical ubuntu_linux 16.04
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.2
redhat enterprise_linux_for_power_big_endian_eus 7.4_ppc64
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat enterprise_linux_for_ibm_z_systems_eus 7.3_s390x
redhat enterprise_linux_for_ibm_z_systems 6.0_s390x
redhat enterprise_linux_for_ibm_z_systems_eus 7.6_s390x
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_for_power_little_endian_eus 7.6_ppc64le
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_hpc_node 6.0
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_for_power_big_endian_eus 7.7_ppc64
oracle linux 6
redhat enterprise_linux_for_power_little_endian 7.0_ppc64le
redhat enterprise_linux_server_eus 7.2
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_hpc_node 7.0
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
redhat enterprise_linux_for_power_big_endian_eus 7.5_ppc64
imagemagick imagemagick 7.0.1-0
redhat enterprise_linux_hpc_node_eus 7.2
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_for_power_big_endian 6.0_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.2_ppc64
redhat enterprise_linux_for_ibm_z_systems_eus 7.5_s390x
redhat enterprise_linux_for_power_big_endian_eus 6.7_ppc64
redhat enterprise_linux_eus 7.6
suse openstack_cloud 5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_for_ibm_z_systems_eus 7.7_s390x
suse linux_enterprise_server 12
redhat enterprise_linux_for_power_big_endian_eus 7.3_ppc64
redhat enterprise_linux_server_aus 7.7
suse linux_enterprise_desktop 12
imagemagick imagemagick *
redhat enterprise_linux_for_power_little_endian_eus 7.4_ppc64le
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_for_power_little_endian_eus 7.3_ppc64le
opensuse opensuse 13.2
redhat enterprise_linux_server_from_rhui 7.0
CVE-2016-3718 MEDIUM

The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-918,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
imagemagick imagemagick 7.0.0-0
oracle solaris 10
redhat enterprise_linux_eus 6.7
suse linux_enterprise_debuginfo 11
redhat enterprise_linux_for_ibm_z_systems_eus 7.4_s390x
suse linux_enterprise_software_development_kit 12
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_for_ibm_z_systems_eus 6.7_s390x
redhat enterprise_linux_for_ibm_z_systems 7.0_s390x
redhat enterprise_linux_for_power_little_endian_eus 7.7_ppc64le
redhat enterprise_linux_for_power_little_endian_eus 7.2_ppc64le
suse manager_proxy 2.1
redhat enterprise_linux_server_supplementary_eus 6.7z
suse manager 2.1
redhat enterprise_linux_eus 7.2
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_for_power_big_endian 7.0_ppc64
redhat enterprise_linux_for_power_little_endian_eus 7.5_ppc64le
redhat enterprise_linux_server_tus 7.6
oracle linux 7
redhat enterprise_linux_server_from_rhui 6.0
suse linux_enterprise_workstation_extension 12
redhat enterprise_linux_server_aus 7.2
opensuse leap 42.1
redhat enterprise_linux_for_ibm_z_systems_eus 7.2_s390x
redhat enterprise_linux_for_power_big_endian_eus 7.6_ppc64
canonical ubuntu_linux 16.04
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.2
redhat enterprise_linux_for_power_big_endian_eus 7.4_ppc64
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
redhat enterprise_linux_for_ibm_z_systems_eus 7.3_s390x
redhat enterprise_linux_for_ibm_z_systems 6.0_s390x
redhat enterprise_linux_for_ibm_z_systems_eus 7.6_s390x
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_for_power_little_endian_eus 7.6_ppc64le
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_hpc_node 6.0
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_for_power_big_endian_eus 7.7_ppc64
oracle linux 6
redhat enterprise_linux_for_power_little_endian 7.0_ppc64le
redhat enterprise_linux_server_eus 7.2
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_hpc_node 7.0
canonical ubuntu_linux 15.10
redhat enterprise_linux_server 6.0
redhat enterprise_linux_for_power_big_endian_eus 7.5_ppc64
imagemagick imagemagick 7.0.1-0
redhat enterprise_linux_hpc_node_eus 7.2
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_for_power_big_endian 6.0_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.2_ppc64
redhat enterprise_linux_for_ibm_z_systems_eus 7.5_s390x
redhat enterprise_linux_for_power_big_endian_eus 6.7_ppc64
redhat enterprise_linux_eus 7.6
suse openstack_cloud 5
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_for_ibm_z_systems_eus 7.7_s390x
suse linux_enterprise_server 12
redhat enterprise_linux_for_power_big_endian_eus 7.3_ppc64
redhat enterprise_linux_server_aus 7.7
suse linux_enterprise_desktop 12
imagemagick imagemagick *
redhat enterprise_linux_for_power_little_endian_eus 7.4_ppc64le
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_for_power_little_endian_eus 7.3_ppc64le
opensuse opensuse 13.2
redhat enterprise_linux_server_from_rhui 7.0
CVE-2016-3951 MEDIUM

Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_software_development_kit 12.0
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.10
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_module_for_public_cloud 12
suse suse_linux_enterprise_software_development_kit 12.0
linux linux_kernel 4.5.0
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_real_time_extension 12
novell suse_linux_enterprise_live_patching 12.0
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_desktop 12
CVE-2016-4117 HIGH

Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_from_rhui 5.0
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server_from_rhui 6.0
opensuse evergreen 11.4
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server 5.0
CVE-2016-4122 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server 5.0
CVE-2016-4123 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server 5.0
CVE-2016-4124 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server 5.0
CVE-2016-4125 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server 5.0
CVE-2016-4127 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server 5.0
CVE-2016-4128 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server 5.0
CVE-2016-4129 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server 5.0
CVE-2016-4130 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server 5.0
CVE-2016-4131 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
adobe flash_player -
redhat enterprise_linux_server 5.0
CVE-2016-4132 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
adobe flash_player -
redhat enterprise_linux_server 5.0
CVE-2016-4133 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
adobe flash_player -
redhat enterprise_linux_server 5.0
CVE-2016-4134 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
adobe flash_player -
redhat enterprise_linux_server 5.0
CVE-2016-4135 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
adobe flash_player -
redhat enterprise_linux_server 5.0
CVE-2016-4136 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
adobe flash_player -
redhat enterprise_linux_server 5.0
CVE-2016-4137 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
adobe flash_player -
redhat enterprise_linux_server 5.0
CVE-2016-4138 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
adobe flash_player -
redhat enterprise_linux_server 5.0
CVE-2016-4139 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
adobe flash_player -
redhat enterprise_linux_server 5.0
CVE-2016-4140 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
adobe flash_player -
redhat enterprise_linux_server 5.0
CVE-2016-4141 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
adobe flash_player -
redhat enterprise_linux_server 5.0
CVE-2016-4142 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
adobe flash_player -
redhat enterprise_linux_server 5.0
CVE-2016-4143 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
adobe flash_player -
redhat enterprise_linux_server 5.0
CVE-2016-4144 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
adobe flash_player -
redhat enterprise_linux_server 5.0
CVE-2016-4145 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
adobe flash_player -
redhat enterprise_linux_server 5.0
CVE-2016-4146 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
adobe flash_player -
redhat enterprise_linux_server 5.0
CVE-2016-4147 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
adobe flash_player -
redhat enterprise_linux_server 5.0
CVE-2016-4148 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
adobe flash_player -
redhat enterprise_linux_server 5.0
CVE-2016-4149 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-843,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server 5.0
CVE-2016-4150 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server 5.0
CVE-2016-4151 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server 5.0
CVE-2016-4152 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server 5.0
CVE-2016-4153 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server 5.0
CVE-2016-4154 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server 5.0
CVE-2016-4155 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server 5.0
CVE-2016-4156 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
adobe flash_player_desktop_runtime *
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
adobe flash_player -
redhat enterprise_linux_server 5.0
CVE-2016-4171 HIGH

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
adobe flash_player_for_linux *
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_desktop 12
adobe flash_player *
opensuse opensuse 13.1
redhat enterprise_linux_workstation 5.0
opensuse opensuse 13.2
redhat enterprise_linux_server 5.0
CVE-2016-4473 HIGH

/ext/phar/phar_object.c in PHP 7.0.7 and 5.6.x allows remote attackers to execute arbitrary code. NOTE: Introduced as part of an incomplete fix to CVE-2015-6833.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
php php 5.6.15
php php 5.6.13
php php 5.6.5
php php 5.6.21
suse linux_enterprise_software_development_kit 12
php php 5.6.20
php php 5.6.9
php php 7.0.7
php php 5.6.16
php php 5.6.0
php php 5.6.11
php php 5.6.14
php php 5.6.8
php php 5.6.4
php php 5.6.6
php php 5.6.2
php php 5.6.3
php php 5.6.22
php php 5.6.12
php php 5.6.17
php php 5.6.1
php php 5.6.7
suse linux_enterprise_module_for_web_scripting 12
php php 5.6.10
php php 5.6.19
php php 5.6.18
CVE-2016-4953 MEDIUM

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
ntp ntp 4.2.8
ntp ntp *
siemens tim_4r-ie_dnp3_firmware *
oracle solaris 10
suse manager_proxy 2.1
suse manager 2.1
siemens tim_4r-ie_firmware *
suse openstack_cloud 5
oracle solaris 11.3
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
opensuse leap 42.1
opensuse opensuse 13.2
siemens simatic_net_cp_443-1_opc_ua_firmware *
suse linux_enterprise_server 11
CVE-2016-4954 MEDIUM

The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
ntp ntp 4.2.8
ntp ntp *
siemens tim_4r-ie_dnp3_firmware *
oracle solaris 10
suse manager_proxy 2.1
suse manager 2.1
siemens tim_4r-ie_firmware *
suse openstack_cloud 5
oracle solaris 11.3
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
opensuse leap 42.1
opensuse opensuse 13.2
siemens simatic_net_cp_443-1_opc_ua_firmware *
suse linux_enterprise_server 11
CVE-2016-4955 MEDIUM

ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 2.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
ntp ntp 4.2.8
ntp ntp *
oracle solaris 10
suse manager_proxy 2.1
novell suse_manager 2.1
suse openstack_cloud 5
oracle solaris 11.3
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
opensuse leap 42.1
opensuse opensuse 13.2
siemens simatic_net_cp_443-1_opc_ua_firmware *
suse linux_enterprise_server 11
CVE-2016-4956 MEDIUM

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
ntp ntp 4.2.8
ntp ntp *
oracle solaris 10
suse manager_proxy 2.1
novell suse_manager 2.1
suse openstack_cloud 5
oracle solaris 11.3
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
opensuse leap 42.1
opensuse opensuse 13.2
siemens simatic_net_cp_443-1_opc_ua_firmware *
suse linux_enterprise_server 11
CVE-2016-4957 MEDIUM

ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
ntp ntp 4.2.8
oracle solaris 10
suse manager_proxy 2.1
novell suse_manager 2.1
ntp ntp 4.3.92
suse openstack_cloud 5
oracle solaris 11.3
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
opensuse leap 42.1
opensuse opensuse 13.2
suse linux_enterprise_server 11
CVE-2016-5118 HIGH

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 14.04
oracle solaris 10
suse linux_enterprise_software_development_kit 12.0
suse linux_enterprise_debuginfo 11
suse linux_enterprise_software_development_kit 11
oracle solaris 11.3
suse linux_enterprise_desktop 12.0
suse linux_enterprise_software_development_kit 12
oracle linux 6
imagemagick imagemagick -
canonical ubuntu_linux 15.10
graphicsmagick graphicsmagick *
suse linux_enterprise_server 12.0
canonical ubuntu_linux 12.04
oracle linux 7
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
opensuse leap 42.1
imagemagick imagemagick *
suse studio_onsite 1.3
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2016-5131 MEDIUM

Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
apple mac_os_x *
google chrome *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 6.0
apple watchos *
suse linux_enterprise 12.0
apple iphone_os *
redhat enterprise_linux_desktop 6.0
apple tvos *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
opensuse leap 42.1
xmlsoft libxml2 *
opensuse opensuse 13.1
debian debian_linux 8.0
opensuse opensuse 13.2
CVE-2016-5244 MEDIUM

The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
redhat enterprise_linux 6.0
suse suse_linux_enterprise_software_development_kit 11
suse opensuse_leap 42.1
redhat enterprise_linux 5
fedoraproject fedora 23
suse suse_linux_enterprise_software_development_kit 12
suse suse_linux_enterprise_server 12
suse linux_enterprise_debuginfo 11
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_real_time_extension 12
suse linux_enterprise_desktop 12
linux linux_kernel *
fedoraproject fedora 24
fedoraproject fedora 22
suse linux_enterprise_server 11
CVE-2016-5285 MEDIUM

A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
avaya aura_experience_portal *
avaya aura_communication_manager_messagint 7.0
avaya breeze_platform *
avaya aura_application_enablement_services *
avaya cs1000m_firmware *
avaya aura_session_manager 7.0.1
avaya aura_session_manager *
avaya cs1000e/cs1000m_signaling_server_firmware *
redhat enterprise_linux 5.0
avaya aura_messaging 6.3
avaya iq 5.2.x
debian debian_linux 9.0
avaya one-x_client_enablement_services 6.2
avaya aura_communication_manager *
avaya message_networking *
avaya call_management_system 17.0
avaya aura_application_enablement_services 7.0
suse linux_enterprise_server 11
avaya ip_office 9.1
redhat enterprise_linux 6.0
debian debian_linux 10.0
avaya aura_system_platform_firmware *
avaya aura_utility_services *
avaya aura_conferencing 7.0
avaya ip_office 10.0
avaya ip_office 8.1
avaya aura_messaging 6.3.3
redhat enterprise_linux 7.0
avaya aura_communication_manager 7.0
avaya cs1000e_firmware *
avaya session_border_controller_for_enterprise_firmware *
avaya aura_conferencing 7.2
avaya proactive_contact *
avaya aura_application_server_5300 3.0
avaya call_management_system *
avaya aura_conferencing 8.0
avaya aura_system_manager *
avaya aura_session_manager 7.0
mozilla nss *
avaya meeting_exchange 6.2
debian debian_linux 8.0
CVE-2016-5325 MEDIUM

CRLF injection vulnerability in the ServerResponse#writeHead function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the reason argument.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-113,

Products Affected

Vendor Product Version
nodejs node.js 0.10.10
nodejs node.js 4.2.3
nodejs node.js 0.12.3
nodejs node.js 4.2.1
nodejs node.js 0.12.15
nodejs node.js 0.12.14
nodejs node.js 0.10.1
nodejs node.js 0.10.16
nodejs node.js 0.12.0
nodejs node.js 0.10.46
nodejs node.js 0.10.31
nodejs node.js 0.10.41
nodejs node.js 4.4.3
nodejs node.js 4.2.6
nodejs node.js 0.12.1
nodejs node.js 0.10.11
nodejs node.js 0.10.28
nodejs node.js 0.12.2
nodejs node.js 0.12.13
nodejs node.js 0.10.43
nodejs node.js 0.10.15
nodejs node.js 4.1.2
nodejs node.js 0.12.9
nodejs node.js 0.10.17
nodejs node.js 0.10.20
nodejs node.js 0.10.40
nodejs node.js 0.10.16-isaacs-manual
nodejs node.js 0.10.14
nodejs node.js 6.2.2
nodejs node.js 6.0.0
nodejs node.js 0.12.4
nodejs node.js 0.10.5
nodejs node.js 6.4.0
nodejs node.js 0.10.39
nodejs node.js 0.10.0
nodejs node.js 0.10.30
nodejs node.js 0.10.12
nodejs node.js 4.1.1
nodejs node.js 6.2.0
nodejs node.js 6.6.0
nodejs node.js 0.12.11
nodejs node.js 0.10.7
nodejs node.js 6.1.0
nodejs node.js 4.3.2
nodejs node.js 0.10.25
nodejs node.js 6.3.0
nodejs node.js 0.10.33
nodejs node.js 0.10.34
nodejs node.js 0.10.18
nodejs node.js 4.2.5
nodejs node.js 0.10.38
nodejs node.js 4.2.0
nodejs node.js 0.12.12
nodejs node.js 6.2.1
nodejs node.js 0.10.35
nodejs node.js 4.4.6
nodejs node.js 4.4.1
nodejs node.js 0.10.27
nodejs node.js 6.5.0
nodejs node.js 0.10.23
nodejs node.js 6.3.1
nodejs node.js 0.10.2
nodejs node.js 0.10.21
nodejs node.js 0.10.9
nodejs node.js 0.12.6
nodejs node.js 0.10.8
nodejs node.js 4.2.4
nodejs node.js 4.0.0
nodejs node.js 0.12.5
nodejs node.js 0.10.32
nodejs node.js 0.10.37
nodejs node.js 0.10.24
nodejs node.js 4.4.4
nodejs node.js 4.3.1
nodejs node.js 4.2.2
nodejs node.js 0.12.7
nodejs node.js 0.10.6
nodejs node.js 4.4.7
nodejs node.js 0.10.3
nodejs node.js 0.10.19
nodejs node.js 0.10.44
nodejs node.js 4.4.0
nodejs node.js 0.10.22
suse linux_enterprise 12.0
nodejs node.js 0.10.36
nodejs node.js 0.10.42
nodejs node.js 0.12.8
nodejs node.js 0.10.4
nodejs node.js 4.1.0
nodejs node.js 4.5.0
nodejs node.js 0.10.13
nodejs node.js 0.10.45
nodejs node.js 0.10.29
nodejs node.js 4.3.0
nodejs node.js 4.4.2
nodejs node.js 4.4.5
nodejs node.js 0.10.26
nodejs node.js 0.12.10
CVE-2016-5772 HIGH

Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted XML data that is mishandled in a wddx_deserialize call.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-415,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
opensuse leap 42.1
debian debian_linux 8.0
opensuse opensuse 13.2
php php *
suse linux_enterprise_server 11
suse linux_enterprise_debuginfo 11
CVE-2016-7099 MEDIUM

The tls.checkServerIdentity function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 does not properly handle wildcards in name fields of X.509 certificates, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-19,

Products Affected

Vendor Product Version
nodejs node.js 0.10.10
nodejs node.js 4.2.3
nodejs node.js 0.12.3
nodejs node.js 4.2.1
nodejs node.js 0.12.15
nodejs node.js 0.12.14
nodejs node.js 0.10.1
nodejs node.js 0.10.16
nodejs node.js 0.12.0
nodejs node.js 0.10.46
nodejs node.js 0.10.31
nodejs node.js 0.10.41
nodejs node.js 4.4.3
nodejs node.js 4.2.6
nodejs node.js 0.12.1
nodejs node.js 0.10.11
nodejs node.js 0.10.28
nodejs node.js 0.12.2
nodejs node.js 0.12.13
nodejs node.js 0.10.43
nodejs node.js 0.10.15
nodejs node.js 4.1.2
nodejs node.js 0.12.9
nodejs node.js 0.10.17
nodejs node.js 0.10.20
nodejs node.js 0.10.40
nodejs node.js 0.10.16-isaacs-manual
nodejs node.js 0.10.14
nodejs node.js 6.2.2
nodejs node.js 6.0.0
nodejs node.js 0.12.4
nodejs node.js 0.10.5
nodejs node.js 6.4.0
nodejs node.js 0.10.39
nodejs node.js 0.10.0
nodejs node.js 0.10.30
nodejs node.js 0.10.12
nodejs node.js 4.1.1
nodejs node.js 6.2.0
nodejs node.js 6.6.0
nodejs node.js 0.12.11
nodejs node.js 0.10.7
nodejs node.js 6.1.0
nodejs node.js 4.3.2
nodejs node.js 0.10.25
nodejs node.js 6.3.0
nodejs node.js 0.10.33
nodejs node.js 0.10.34
nodejs node.js 0.10.18
nodejs node.js 4.2.5
nodejs node.js 0.10.38
nodejs node.js 4.2.0
nodejs node.js 0.12.12
nodejs node.js 6.2.1
nodejs node.js 0.10.35
nodejs node.js 4.4.6
nodejs node.js 4.4.1
nodejs node.js 0.10.27
nodejs node.js 6.5.0
nodejs node.js 0.10.23
nodejs node.js 6.3.1
nodejs node.js 0.10.2
nodejs node.js 0.10.21
nodejs node.js 0.10.9
nodejs node.js 0.12.6
nodejs node.js 0.10.8
nodejs node.js 4.2.4
nodejs node.js 4.0.0
nodejs node.js 0.12.5
nodejs node.js 0.10.32
nodejs node.js 0.10.37
nodejs node.js 0.10.24
nodejs node.js 4.4.4
nodejs node.js 4.3.1
nodejs node.js 4.2.2
nodejs node.js 0.12.7
nodejs node.js 0.10.6
nodejs node.js 4.4.7
nodejs node.js 0.10.3
nodejs node.js 0.10.19
nodejs node.js 0.10.44
nodejs node.js 4.4.0
nodejs node.js 0.10.22
suse linux_enterprise 12.0
nodejs node.js 0.10.36
nodejs node.js 0.10.42
nodejs node.js 0.12.8
nodejs node.js 0.10.4
nodejs node.js 4.1.0
nodejs node.js 4.5.0
nodejs node.js 0.10.13
nodejs node.js 0.10.45
nodejs node.js 0.10.29
nodejs node.js 4.3.0
nodejs node.js 4.4.2
nodejs node.js 4.4.5
nodejs node.js 0.10.26
nodejs node.js 0.12.10
CVE-2016-7797 MEDIUM

Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
opensuse leap 42.2
redhat enterprise_linux_high_availability 7.0
opensuse_project leap 42.1
redhat enterprise_linux_resilient_storage 7.0
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_high_availability 12
clusterlabs pacemaker *
CVE-2016-7966 HIGH

Through a malicious URL that contained a quote character, it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL, it was not possible to include the equal sign (=) or a space in the injected HTML, which greatly reduces the available HTML functionality, although it is possible to include an HTML comment indicator to hide content.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
kde kmail *
suse linux_enterprise 12.0
debian debian_linux 8.0
fedoraproject fedora 25
CVE-2016-8568 MEDIUM

The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
opensuse leap 42.2
libgit2_project libgit2 *
fedoraproject fedora 23
opensuse leap 42.1
suse linux_enterprise 12.0
fedoraproject fedora 24
opensuse opensuse 13.2
fedoraproject fedora 25
CVE-2016-8569 MEDIUM

The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
opensuse leap 42.2
libgit2_project libgit2 *
fedoraproject fedora 23
opensuse leap 42.1
suse linux_enterprise 12.0
fedoraproject fedora 24
opensuse opensuse 13.2
fedoraproject fedora 25
CVE-2016-9398 MEDIUM

The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-617,

Products Affected

Vendor Product Version
fedoraproject fedora 32
opensuse leap 42.2
opensuse leap 15.2
suse linux_enterprise_server 12
fedoraproject fedora 33
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
opensuse leap 42.1
jasper_project jasper *
opensuse leap 15.1
CVE-2016-9957 MEDIUM

Stack-based buffer overflow in game-music-emu before 0.6.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
opensuse leap 42.2
opensuse_project leap 42.1
game-music-emu_project game-music-emu *
suse linux_enterprise_workstation_extension 12
opensuse opensuse 12.1
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise 12.0
suse suse_linux_enterprise_server 12
CVE-2016-9958 MEDIUM

game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
opensuse leap 42.2
opensuse_project leap 42.1
game-music-emu_project game-music-emu *
suse linux_enterprise_workstation_extension 12
opensuse opensuse 12.1
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise 12.0
suse suse_linux_enterprise_server 12
CVE-2016-9959 MEDIUM

game-music-emu before 0.6.1 allows remote attackers to generate out-of-bounds 8-bit values.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-787,

Products Affected

Vendor Product Version
opensuse leap 42.2
opensuse_project leap 42.1
game-music-emu_project game-music-emu *
suse linux_enterprise_workstation_extension 12
opensuse opensuse 12.1
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise 12.0
suse suse_linux_enterprise_server 12
CVE-2017-1000366 HIGH

glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory, but these issues are not directly exploitable; as such, they have not been given a CVE. This affects glibc 2.25 and earlier.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_eus 6.2
suse linux_enterprise_server_for_raspberry_pi 12
suse linux_enterprise_server 10
redhat enterprise_linux_server_aus 6.4
redhat enterprise_linux_server_eus 6.7
redhat enterprise_linux 6.0
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_server_tus 6.6
redhat enterprise_linux_server_aus 6.2
novell suse_linux_enterprise_point_of_sale 11.0
redhat enterprise_linux_server_eus 7.5
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_server_tus 7.6
mcafee web_gateway *
novell suse_linux_enterprise_desktop 12.0
redhat enterprise_linux_server_aus 7.2
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.2
suse linux_enterprise_software_development_kit 11.0
redhat enterprise_linux_server_tus 7.3
suse linux_enterprise_for_sap 12
redhat enterprise_linux_server_aus 7.4
suse linux_enterprise_software_development_kit 12.0
redhat enterprise_linux_desktop 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_server_tus 6.5
redhat enterprise_linux_server_eus 7.2
gnu glibc *
redhat enterprise_linux_server_eus 7.4
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_server 6.6
redhat enterprise_linux_server 6.0
redhat enterprise_linux 5
openstack cloud_magnum_orchestration 7
redhat enterprise_linux 7.0
novell suse_linux_enterprise_server 11.0
opensuse leap 42.2
redhat enterprise_linux_server_eus 7.3
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_server 12
redhat enterprise_linux_server_long_life 5.9
redhat enterprise_linux_server_aus 7.6
debian debian_linux 8.0
redhat enterprise_linux_server_aus 6.6
CVE-2017-13077 MEDIUM

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-330,

Products Affected

Vendor Product Version
w1.fi wpa_supplicant 0.6.10
w1.fi hostapd 0.4.8
w1.fi hostapd 2.4
canonical ubuntu_linux 17.04
w1.fi hostapd 2.5
w1.fi hostapd 0.4.10
w1.fi hostapd 0.6.9
w1.fi hostapd 2.2
w1.fi wpa_supplicant 2.6
freebsd freebsd 11.1
w1.fi hostapd 0.6.10
w1.fi wpa_supplicant 1.0
freebsd freebsd 11
w1.fi wpa_supplicant 2.3
w1.fi wpa_supplicant 2.0
freebsd freebsd 10.4
w1.fi wpa_supplicant 0.2.8
w1.fi wpa_supplicant 0.6.8
w1.fi hostapd 0.5.7
w1.fi hostapd 0.3.9
w1.fi hostapd 0.4.7
w1.fi wpa_supplicant 0.2.7
w1.fi hostapd 2.0
w1.fi hostapd 0.2.6
w1.fi wpa_supplicant 0.6.9
w1.fi hostapd 0.5.8
w1.fi wpa_supplicant 0.2.5
w1.fi wpa_supplicant 0.5.11
w1.fi hostapd 0.3.11
redhat enterprise_linux_server 7
w1.fi hostapd 0.2.4
w1.fi hostapd 0.7.3
w1.fi wpa_supplicant 1.1
suse linux_enterprise_point_of_sale 11
canonical ubuntu_linux 16.04
w1.fi wpa_supplicant 0.3.8
w1.fi wpa_supplicant 0.5.10
w1.fi wpa_supplicant 0.4.9
w1.fi wpa_supplicant 0.4.10
w1.fi wpa_supplicant 0.5.8
canonical ubuntu_linux 14.04
w1.fi hostapd 0.3.10
w1.fi hostapd 0.5.11
w1.fi hostapd 0.4.9
w1.fi wpa_supplicant 0.3.11
redhat enterprise_linux_desktop 7
w1.fi wpa_supplicant 0.3.10
w1.fi hostapd 2.1
w1.fi wpa_supplicant 2.2
w1.fi hostapd 0.2.5
w1.fi wpa_supplicant 0.4.8
debian debian_linux 9.0
w1.fi wpa_supplicant 0.3.7
w1.fi hostapd 0.2.8
w1.fi wpa_supplicant 0.2.6
w1.fi wpa_supplicant 2.5
w1.fi wpa_supplicant 0.2.4
suse linux_enterprise_server 11
w1.fi wpa_supplicant 0.4.11
opensuse leap 42.3
freebsd freebsd *
w1.fi hostapd 1.1
freebsd freebsd 10
w1.fi hostapd 2.3
w1.fi wpa_supplicant 2.1
w1.fi hostapd 0.3.7
w1.fi wpa_supplicant 0.3.9
suse openstack_cloud 6
w1.fi wpa_supplicant 0.5.9
opensuse leap 42.2
w1.fi wpa_supplicant 2.4
w1.fi hostapd 0.5.10
w1.fi wpa_supplicant 0.5.7
suse linux_enterprise_server 12
w1.fi hostapd 0.5.9
suse linux_enterprise_desktop 12
w1.fi hostapd 2.6
w1.fi hostapd 0.4.11
w1.fi hostapd 0.6.8
w1.fi hostapd 1.0
w1.fi wpa_supplicant 0.7.3
debian debian_linux 8.0
w1.fi wpa_supplicant 0.4.7
CVE-2017-13078 LOW

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.

CVSS 2.0

Severity: LOW

Problem Type: CWE-323,CWE-330,

Products Affected

Vendor Product Version
w1.fi wpa_supplicant 0.6.10
w1.fi hostapd 0.4.8
w1.fi hostapd 2.4
canonical ubuntu_linux 17.04
w1.fi hostapd 2.5
w1.fi hostapd 0.4.10
w1.fi hostapd 0.6.9
w1.fi hostapd 2.2
w1.fi wpa_supplicant 2.6
freebsd freebsd 11.1
w1.fi hostapd 0.6.10
w1.fi wpa_supplicant 1.0
freebsd freebsd 11
w1.fi wpa_supplicant 2.3
w1.fi wpa_supplicant 2.0
freebsd freebsd 10.4
w1.fi wpa_supplicant 0.2.8
w1.fi wpa_supplicant 0.6.8
w1.fi hostapd 0.5.7
w1.fi hostapd 0.3.9
w1.fi hostapd 0.4.7
w1.fi wpa_supplicant 0.2.7
w1.fi hostapd 2.0
w1.fi hostapd 0.2.6
w1.fi wpa_supplicant 0.6.9
w1.fi hostapd 0.5.8
w1.fi wpa_supplicant 0.2.5
w1.fi wpa_supplicant 0.5.11
w1.fi hostapd 0.3.11
redhat enterprise_linux_server 7
w1.fi hostapd 0.2.4
w1.fi hostapd 0.7.3
w1.fi wpa_supplicant 1.1
suse linux_enterprise_point_of_sale 11
canonical ubuntu_linux 16.04
w1.fi wpa_supplicant 0.3.8
w1.fi wpa_supplicant 0.5.10
w1.fi wpa_supplicant 0.4.9
w1.fi wpa_supplicant 0.4.10
w1.fi wpa_supplicant 0.5.8
canonical ubuntu_linux 14.04
w1.fi hostapd 0.3.10
w1.fi hostapd 0.5.11
w1.fi hostapd 0.4.9
w1.fi wpa_supplicant 0.3.11
redhat enterprise_linux_desktop 7
w1.fi wpa_supplicant 0.3.10
w1.fi hostapd 2.1
w1.fi wpa_supplicant 2.2
w1.fi hostapd 0.2.5
w1.fi wpa_supplicant 0.4.8
debian debian_linux 9.0
w1.fi wpa_supplicant 0.3.7
w1.fi hostapd 0.2.8
w1.fi wpa_supplicant 0.2.6
w1.fi wpa_supplicant 2.5
w1.fi wpa_supplicant 0.2.4
suse linux_enterprise_server 11
w1.fi wpa_supplicant 0.4.11
opensuse leap 42.3
freebsd freebsd *
w1.fi hostapd 1.1
freebsd freebsd 10
w1.fi hostapd 2.3
w1.fi wpa_supplicant 2.1
w1.fi hostapd 0.3.7
w1.fi wpa_supplicant 0.3.9
suse openstack_cloud 6
w1.fi wpa_supplicant 0.5.9
opensuse leap 42.2
w1.fi wpa_supplicant 2.4
w1.fi hostapd 0.5.10
w1.fi wpa_supplicant 0.5.7
suse linux_enterprise_server 12
w1.fi hostapd 0.5.9
suse linux_enterprise_desktop 12
w1.fi hostapd 2.6
w1.fi hostapd 0.4.11
w1.fi hostapd 0.6.8
w1.fi hostapd 1.0
w1.fi wpa_supplicant 0.7.3
debian debian_linux 8.0
w1.fi wpa_supplicant 0.4.7
CVE-2017-13079 LOW

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.

CVSS 2.0

Severity: LOW

Problem Type: CWE-323,CWE-330,

Products Affected

Vendor Product Version
w1.fi wpa_supplicant 0.6.10
w1.fi hostapd 0.4.8
w1.fi hostapd 2.4
canonical ubuntu_linux 17.04
w1.fi hostapd 2.5
w1.fi hostapd 0.4.10
w1.fi hostapd 0.6.9
w1.fi hostapd 2.2
w1.fi wpa_supplicant 2.6
freebsd freebsd 11.1
w1.fi hostapd 0.6.10
w1.fi wpa_supplicant 1.0
freebsd freebsd 11
w1.fi wpa_supplicant 2.3
w1.fi wpa_supplicant 2.0
freebsd freebsd 10.4
w1.fi wpa_supplicant 0.2.8
w1.fi wpa_supplicant 0.6.8
w1.fi hostapd 0.5.7
w1.fi hostapd 0.3.9
w1.fi hostapd 0.4.7
w1.fi wpa_supplicant 0.2.7
w1.fi hostapd 2.0
w1.fi hostapd 0.2.6
w1.fi wpa_supplicant 0.6.9
w1.fi hostapd 0.5.8
w1.fi wpa_supplicant 0.2.5
w1.fi wpa_supplicant 0.5.11
w1.fi hostapd 0.3.11
redhat enterprise_linux_server 7
w1.fi hostapd 0.2.4
w1.fi hostapd 0.7.3
w1.fi wpa_supplicant 1.1
suse linux_enterprise_point_of_sale 11
canonical ubuntu_linux 16.04
w1.fi wpa_supplicant 0.3.8
w1.fi wpa_supplicant 0.5.10
w1.fi wpa_supplicant 0.4.9
w1.fi wpa_supplicant 0.4.10
w1.fi wpa_supplicant 0.5.8
canonical ubuntu_linux 14.04
w1.fi hostapd 0.3.10
w1.fi hostapd 0.5.11
w1.fi hostapd 0.4.9
w1.fi wpa_supplicant 0.3.11
redhat enterprise_linux_desktop 7
w1.fi wpa_supplicant 0.3.10
w1.fi hostapd 2.1
w1.fi wpa_supplicant 2.2
w1.fi hostapd 0.2.5
w1.fi wpa_supplicant 0.4.8
debian debian_linux 9.0
w1.fi wpa_supplicant 0.3.7
w1.fi hostapd 0.2.8
w1.fi wpa_supplicant 0.2.6
w1.fi wpa_supplicant 2.5
w1.fi wpa_supplicant 0.2.4
suse linux_enterprise_server 11
w1.fi wpa_supplicant 0.4.11
opensuse leap 42.3
freebsd freebsd *
w1.fi hostapd 1.1
freebsd freebsd 10
w1.fi hostapd 2.3
w1.fi wpa_supplicant 2.1
w1.fi hostapd 0.3.7
w1.fi wpa_supplicant 0.3.9
suse openstack_cloud 6
w1.fi wpa_supplicant 0.5.9
opensuse leap 42.2
w1.fi wpa_supplicant 2.4
w1.fi hostapd 0.5.10
w1.fi wpa_supplicant 0.5.7
suse linux_enterprise_server 12
w1.fi hostapd 0.5.9
suse linux_enterprise_desktop 12
w1.fi hostapd 2.6
w1.fi hostapd 0.4.11
w1.fi hostapd 0.6.8
w1.fi hostapd 1.0
w1.fi wpa_supplicant 0.7.3
debian debian_linux 8.0
w1.fi wpa_supplicant 0.4.7
CVE-2017-13080 LOW

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

CVSS 2.0

Severity: LOW

Problem Type: CWE-323,CWE-330,

Products Affected

Vendor Product Version
w1.fi wpa_supplicant 0.6.10
w1.fi hostapd 0.4.8
w1.fi hostapd 2.4
canonical ubuntu_linux 17.04
w1.fi hostapd 2.5
w1.fi hostapd 0.4.10
w1.fi hostapd 0.6.9
w1.fi hostapd 2.2
w1.fi wpa_supplicant 2.6
freebsd freebsd 11.1
w1.fi hostapd 0.6.10
w1.fi wpa_supplicant 1.0
freebsd freebsd 11
w1.fi wpa_supplicant 2.3
w1.fi wpa_supplicant 2.0
freebsd freebsd 10.4
w1.fi wpa_supplicant 0.2.8
w1.fi wpa_supplicant 0.6.8
w1.fi hostapd 0.5.7
w1.fi hostapd 0.3.9
w1.fi hostapd 0.4.7
w1.fi wpa_supplicant 0.2.7
w1.fi hostapd 2.0
w1.fi hostapd 0.2.6
w1.fi wpa_supplicant 0.6.9
w1.fi hostapd 0.5.8
w1.fi wpa_supplicant 0.2.5
w1.fi wpa_supplicant 0.5.11
w1.fi hostapd 0.3.11
redhat enterprise_linux_server 7
w1.fi hostapd 0.2.4
w1.fi hostapd 0.7.3
w1.fi wpa_supplicant 1.1
suse linux_enterprise_point_of_sale 11
canonical ubuntu_linux 16.04
w1.fi wpa_supplicant 0.3.8
w1.fi wpa_supplicant 0.5.10
w1.fi wpa_supplicant 0.4.9
w1.fi wpa_supplicant 0.4.10
w1.fi wpa_supplicant 0.5.8
canonical ubuntu_linux 14.04
w1.fi hostapd 0.3.10
w1.fi hostapd 0.5.11
w1.fi hostapd 0.4.9
w1.fi wpa_supplicant 0.3.11
redhat enterprise_linux_desktop 7
w1.fi wpa_supplicant 0.3.10
w1.fi hostapd 2.1
w1.fi wpa_supplicant 2.2
w1.fi hostapd 0.2.5
w1.fi wpa_supplicant 0.4.8
debian debian_linux 9.0
w1.fi wpa_supplicant 0.3.7
w1.fi hostapd 0.2.8
w1.fi wpa_supplicant 0.2.6
w1.fi wpa_supplicant 2.5
w1.fi wpa_supplicant 0.2.4
suse linux_enterprise_server 11
w1.fi wpa_supplicant 0.4.11
opensuse leap 42.3
freebsd freebsd *
w1.fi hostapd 1.1
freebsd freebsd 10
w1.fi hostapd 2.3
w1.fi wpa_supplicant 2.1
w1.fi hostapd 0.3.7
w1.fi wpa_supplicant 0.3.9
suse openstack_cloud 6
w1.fi wpa_supplicant 0.5.9
opensuse leap 42.2
w1.fi wpa_supplicant 2.4
w1.fi hostapd 0.5.10
w1.fi wpa_supplicant 0.5.7
suse linux_enterprise_server 12
w1.fi hostapd 0.5.9
suse linux_enterprise_desktop 12
w1.fi hostapd 2.6
w1.fi hostapd 0.4.11
w1.fi hostapd 0.6.8
w1.fi hostapd 1.0
w1.fi wpa_supplicant 0.7.3
debian debian_linux 8.0
w1.fi wpa_supplicant 0.4.7
CVE-2017-13081 LOW

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.

CVSS 2.0

Severity: LOW

Problem Type: CWE-323,CWE-330,

Products Affected

Vendor Product Version
w1.fi wpa_supplicant 0.6.10
w1.fi hostapd 0.4.8
w1.fi hostapd 2.4
canonical ubuntu_linux 17.04
w1.fi hostapd 2.5
w1.fi hostapd 0.4.10
w1.fi hostapd 0.6.9
w1.fi hostapd 2.2
w1.fi wpa_supplicant 2.6
freebsd freebsd 11.1
w1.fi hostapd 0.6.10
w1.fi wpa_supplicant 1.0
freebsd freebsd 11
w1.fi wpa_supplicant 2.3
w1.fi wpa_supplicant 2.0
freebsd freebsd 10.4
w1.fi wpa_supplicant 0.2.8
w1.fi wpa_supplicant 0.6.8
w1.fi hostapd 0.5.7
w1.fi hostapd 0.3.9
w1.fi hostapd 0.4.7
w1.fi wpa_supplicant 0.2.7
w1.fi hostapd 2.0
w1.fi hostapd 0.2.6
w1.fi wpa_supplicant 0.6.9
w1.fi hostapd 0.5.8
w1.fi wpa_supplicant 0.2.5
w1.fi wpa_supplicant 0.5.11
w1.fi hostapd 0.3.11
redhat enterprise_linux_server 7
w1.fi hostapd 0.2.4
w1.fi hostapd 0.7.3
w1.fi wpa_supplicant 1.1
suse linux_enterprise_point_of_sale 11
canonical ubuntu_linux 16.04
w1.fi wpa_supplicant 0.3.8
w1.fi wpa_supplicant 0.5.10
w1.fi wpa_supplicant 0.4.9
w1.fi wpa_supplicant 0.4.10
w1.fi wpa_supplicant 0.5.8
canonical ubuntu_linux 14.04
w1.fi hostapd 0.3.10
w1.fi hostapd 0.5.11
w1.fi hostapd 0.4.9
w1.fi wpa_supplicant 0.3.11
redhat enterprise_linux_desktop 7
w1.fi wpa_supplicant 0.3.10
w1.fi hostapd 2.1
w1.fi wpa_supplicant 2.2
w1.fi hostapd 0.2.5
w1.fi wpa_supplicant 0.4.8
debian debian_linux 9.0
w1.fi wpa_supplicant 0.3.7
w1.fi hostapd 0.2.8
w1.fi wpa_supplicant 0.2.6
w1.fi wpa_supplicant 2.5
w1.fi wpa_supplicant 0.2.4
suse linux_enterprise_server 11
w1.fi wpa_supplicant 0.4.11
opensuse leap 42.3
freebsd freebsd *
w1.fi hostapd 1.1
freebsd freebsd 10
w1.fi hostapd 2.3
w1.fi wpa_supplicant 2.1
w1.fi hostapd 0.3.7
w1.fi wpa_supplicant 0.3.9
suse openstack_cloud 6
w1.fi wpa_supplicant 0.5.9
opensuse leap 42.2
w1.fi wpa_supplicant 2.4
w1.fi hostapd 0.5.10
w1.fi wpa_supplicant 0.5.7
suse linux_enterprise_server 12
w1.fi hostapd 0.5.9
suse linux_enterprise_desktop 12
w1.fi hostapd 2.6
w1.fi hostapd 0.4.11
w1.fi hostapd 0.6.8
w1.fi hostapd 1.0
w1.fi wpa_supplicant 0.7.3
debian debian_linux 8.0
w1.fi wpa_supplicant 0.4.7
CVE-2017-13082 MEDIUM

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transition (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-323,CWE-330,

Products Affected

Vendor Product Version
w1.fi wpa_supplicant 0.6.10
w1.fi hostapd 0.4.8
w1.fi hostapd 2.4
canonical ubuntu_linux 17.04
w1.fi hostapd 2.5
w1.fi hostapd 0.4.10
w1.fi hostapd 0.6.9
w1.fi hostapd 2.2
w1.fi wpa_supplicant 2.6
freebsd freebsd 11.1
w1.fi hostapd 0.6.10
w1.fi wpa_supplicant 1.0
freebsd freebsd 11
w1.fi wpa_supplicant 2.3
w1.fi wpa_supplicant 2.0
freebsd freebsd 10.4
w1.fi wpa_supplicant 0.2.8
w1.fi wpa_supplicant 0.6.8
w1.fi hostapd 0.5.7
w1.fi hostapd 0.3.9
w1.fi hostapd 0.4.7
w1.fi wpa_supplicant 0.2.7
w1.fi hostapd 2.0
w1.fi hostapd 0.2.6
w1.fi wpa_supplicant 0.6.9
w1.fi hostapd 0.5.8
w1.fi wpa_supplicant 0.2.5
w1.fi wpa_supplicant 0.5.11
w1.fi hostapd 0.3.11
redhat enterprise_linux_server 7
w1.fi hostapd 0.2.4
w1.fi hostapd 0.7.3
w1.fi wpa_supplicant 1.1
suse linux_enterprise_point_of_sale 11
canonical ubuntu_linux 16.04
w1.fi wpa_supplicant 0.3.8
w1.fi wpa_supplicant 0.5.10
w1.fi wpa_supplicant 0.4.9
w1.fi wpa_supplicant 0.4.10
w1.fi wpa_supplicant 0.5.8
canonical ubuntu_linux 14.04
w1.fi hostapd 0.3.10
w1.fi hostapd 0.5.11
w1.fi hostapd 0.4.9
w1.fi wpa_supplicant 0.3.11
redhat enterprise_linux_desktop 7
w1.fi wpa_supplicant 0.3.10
w1.fi hostapd 2.1
w1.fi wpa_supplicant 2.2
w1.fi hostapd 0.2.5
w1.fi wpa_supplicant 0.4.8
debian debian_linux 9.0
w1.fi wpa_supplicant 0.3.7
w1.fi hostapd 0.2.8
w1.fi wpa_supplicant 0.2.6
w1.fi wpa_supplicant 2.5
w1.fi wpa_supplicant 0.2.4
suse linux_enterprise_server 11
w1.fi wpa_supplicant 0.4.11
opensuse leap 42.3
freebsd freebsd *
w1.fi hostapd 1.1
freebsd freebsd 10
w1.fi hostapd 2.3
w1.fi wpa_supplicant 2.1
w1.fi hostapd 0.3.7
w1.fi wpa_supplicant 0.3.9
suse openstack_cloud 6
w1.fi wpa_supplicant 0.5.9
opensuse leap 42.2
w1.fi wpa_supplicant 2.4
w1.fi hostapd 0.5.10
w1.fi wpa_supplicant 0.5.7
suse linux_enterprise_server 12
w1.fi hostapd 0.5.9
suse linux_enterprise_desktop 12
w1.fi hostapd 2.6
w1.fi hostapd 0.4.11
w1.fi hostapd 0.6.8
w1.fi hostapd 1.0
w1.fi wpa_supplicant 0.7.3
debian debian_linux 8.0
w1.fi wpa_supplicant 0.4.7
CVE-2017-13084 MEDIUM

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-323,CWE-330,

Products Affected

Vendor Product Version
w1.fi wpa_supplicant 0.6.10
w1.fi hostapd 0.4.8
w1.fi hostapd 2.4
canonical ubuntu_linux 17.04
w1.fi hostapd 2.5
w1.fi hostapd 0.4.10
w1.fi hostapd 0.6.9
w1.fi hostapd 2.2
w1.fi wpa_supplicant 2.6
freebsd freebsd 11.1
w1.fi hostapd 0.6.10
w1.fi wpa_supplicant 1.0
freebsd freebsd 11
w1.fi wpa_supplicant 2.3
w1.fi wpa_supplicant 2.0
freebsd freebsd 10.4
w1.fi wpa_supplicant 0.2.8
w1.fi wpa_supplicant 0.6.8
w1.fi hostapd 0.5.7
w1.fi hostapd 0.3.9
w1.fi hostapd 0.4.7
w1.fi wpa_supplicant 0.2.7
w1.fi hostapd 2.0
w1.fi hostapd 0.2.6
w1.fi wpa_supplicant 0.6.9
w1.fi hostapd 0.5.8
w1.fi wpa_supplicant 0.2.5
w1.fi wpa_supplicant 0.5.11
w1.fi hostapd 0.3.11
redhat enterprise_linux_server 7
w1.fi hostapd 0.2.4
w1.fi hostapd 0.7.3
w1.fi wpa_supplicant 1.1
suse linux_enterprise_point_of_sale 11
canonical ubuntu_linux 16.04
w1.fi wpa_supplicant 0.3.8
w1.fi wpa_supplicant 0.5.10
w1.fi wpa_supplicant 0.4.9
w1.fi wpa_supplicant 0.4.10
w1.fi wpa_supplicant 0.5.8
canonical ubuntu_linux 14.04
w1.fi hostapd 0.3.10
w1.fi hostapd 0.5.11
w1.fi hostapd 0.4.9
w1.fi wpa_supplicant 0.3.11
redhat enterprise_linux_desktop 7
w1.fi wpa_supplicant 0.3.10
w1.fi hostapd 2.1
w1.fi wpa_supplicant 2.2
w1.fi hostapd 0.2.5
w1.fi wpa_supplicant 0.4.8
debian debian_linux 9.0
w1.fi wpa_supplicant 0.3.7
w1.fi hostapd 0.2.8
w1.fi wpa_supplicant 0.2.6
w1.fi wpa_supplicant 2.5
w1.fi wpa_supplicant 0.2.4
suse linux_enterprise_server 11
w1.fi wpa_supplicant 0.4.11
opensuse leap 42.3
freebsd freebsd *
w1.fi hostapd 1.1
freebsd freebsd 10
w1.fi hostapd 2.3
w1.fi wpa_supplicant 2.1
w1.fi hostapd 0.3.7
w1.fi wpa_supplicant 0.3.9
suse openstack_cloud 6
w1.fi wpa_supplicant 0.5.9
opensuse leap 42.2
w1.fi wpa_supplicant 2.4
w1.fi hostapd 0.5.10
w1.fi wpa_supplicant 0.5.7
suse linux_enterprise_server 12
w1.fi hostapd 0.5.9
suse linux_enterprise_desktop 12
w1.fi hostapd 2.6
w1.fi hostapd 0.4.11
w1.fi hostapd 0.6.8
w1.fi hostapd 1.0
w1.fi wpa_supplicant 0.7.3
debian debian_linux 8.0
w1.fi wpa_supplicant 0.4.7
CVE-2017-13086 MEDIUM

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-323,CWE-330,

Products Affected

Vendor Product Version
w1.fi wpa_supplicant 0.6.10
w1.fi hostapd 0.4.8
w1.fi hostapd 2.4
canonical ubuntu_linux 17.04
w1.fi hostapd 2.5
w1.fi hostapd 0.4.10
w1.fi hostapd 0.6.9
w1.fi hostapd 2.2
w1.fi wpa_supplicant 2.6
freebsd freebsd 11.1
w1.fi hostapd 0.6.10
w1.fi wpa_supplicant 1.0
freebsd freebsd 11
w1.fi wpa_supplicant 2.3
w1.fi wpa_supplicant 2.0
freebsd freebsd 10.4
w1.fi wpa_supplicant 0.2.8
w1.fi wpa_supplicant 0.6.8
w1.fi hostapd 0.5.7
w1.fi hostapd 0.3.9
w1.fi hostapd 0.4.7
w1.fi wpa_supplicant 0.2.7
w1.fi hostapd 2.0
w1.fi hostapd 0.2.6
w1.fi wpa_supplicant 0.6.9
w1.fi hostapd 0.5.8
w1.fi wpa_supplicant 0.2.5
w1.fi wpa_supplicant 0.5.11
w1.fi hostapd 0.3.11
redhat enterprise_linux_server 7
w1.fi hostapd 0.2.4
w1.fi hostapd 0.7.3
w1.fi wpa_supplicant 1.1
suse linux_enterprise_point_of_sale 11
canonical ubuntu_linux 16.04
w1.fi wpa_supplicant 0.3.8
w1.fi wpa_supplicant 0.5.10
w1.fi wpa_supplicant 0.4.9
w1.fi wpa_supplicant 0.4.10
w1.fi wpa_supplicant 0.5.8
canonical ubuntu_linux 14.04
w1.fi hostapd 0.3.10
w1.fi hostapd 0.5.11
w1.fi hostapd 0.4.9
w1.fi wpa_supplicant 0.3.11
redhat enterprise_linux_desktop 7
w1.fi wpa_supplicant 0.3.10
w1.fi hostapd 2.1
w1.fi wpa_supplicant 2.2
w1.fi hostapd 0.2.5
w1.fi wpa_supplicant 0.4.8
debian debian_linux 9.0
w1.fi wpa_supplicant 0.3.7
w1.fi hostapd 0.2.8
w1.fi wpa_supplicant 0.2.6
w1.fi wpa_supplicant 2.5
w1.fi wpa_supplicant 0.2.4
suse linux_enterprise_server 11
w1.fi wpa_supplicant 0.4.11
opensuse leap 42.3
freebsd freebsd *
w1.fi hostapd 1.1
freebsd freebsd 10
w1.fi hostapd 2.3
w1.fi wpa_supplicant 2.1
w1.fi hostapd 0.3.7
w1.fi wpa_supplicant 0.3.9
suse openstack_cloud 6
w1.fi wpa_supplicant 0.5.9
opensuse leap 42.2
w1.fi wpa_supplicant 2.4
w1.fi hostapd 0.5.10
w1.fi wpa_supplicant 0.5.7
suse linux_enterprise_server 12
w1.fi hostapd 0.5.9
suse linux_enterprise_desktop 12
w1.fi hostapd 2.6
w1.fi hostapd 0.4.11
w1.fi hostapd 0.6.8
w1.fi hostapd 1.0
w1.fi wpa_supplicant 0.7.3
debian debian_linux 8.0
w1.fi wpa_supplicant 0.4.7
CVE-2017-13087 LOW

Wi-Fi Protected Access (WPA and WPA2) that supports 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

CVSS 2.0

Severity: LOW

Problem Type: CWE-330,

Products Affected

Vendor Product Version
w1.fi wpa_supplicant 0.6.10
w1.fi hostapd 0.4.8
w1.fi hostapd 2.4
canonical ubuntu_linux 17.04
w1.fi hostapd 2.5
w1.fi hostapd 0.4.10
w1.fi hostapd 0.6.9
w1.fi hostapd 2.2
w1.fi wpa_supplicant 2.6
freebsd freebsd 11.1
w1.fi hostapd 0.6.10
w1.fi wpa_supplicant 1.0
freebsd freebsd 11
w1.fi wpa_supplicant 2.3
w1.fi wpa_supplicant 2.0
freebsd freebsd 10.4
w1.fi wpa_supplicant 0.2.8
w1.fi wpa_supplicant 0.6.8
w1.fi hostapd 0.5.7
w1.fi hostapd 0.3.9
w1.fi hostapd 0.4.7
w1.fi wpa_supplicant 0.2.7
w1.fi hostapd 2.0
w1.fi hostapd 0.2.6
w1.fi wpa_supplicant 0.6.9
w1.fi hostapd 0.5.8
w1.fi wpa_supplicant 0.2.5
w1.fi wpa_supplicant 0.5.11
w1.fi hostapd 0.3.11
redhat enterprise_linux_server 7
w1.fi hostapd 0.2.4
w1.fi hostapd 0.7.3
w1.fi wpa_supplicant 1.1
suse linux_enterprise_point_of_sale 11
canonical ubuntu_linux 16.04
w1.fi wpa_supplicant 0.3.8
w1.fi wpa_supplicant 0.5.10
w1.fi wpa_supplicant 0.4.9
w1.fi wpa_supplicant 0.4.10
w1.fi wpa_supplicant 0.5.8
canonical ubuntu_linux 14.04
w1.fi hostapd 0.3.10
w1.fi hostapd 0.5.11
w1.fi hostapd 0.4.9
w1.fi wpa_supplicant 0.3.11
redhat enterprise_linux_desktop 7
w1.fi wpa_supplicant 0.3.10
w1.fi hostapd 2.1
w1.fi wpa_supplicant 2.2
w1.fi hostapd 0.2.5
w1.fi wpa_supplicant 0.4.8
debian debian_linux 9.0
w1.fi wpa_supplicant 0.3.7
w1.fi hostapd 0.2.8
w1.fi wpa_supplicant 0.2.6
w1.fi wpa_supplicant 2.5
w1.fi wpa_supplicant 0.2.4
suse linux_enterprise_server 11
w1.fi wpa_supplicant 0.4.11
opensuse leap 42.3
freebsd freebsd *
w1.fi hostapd 1.1
freebsd freebsd 10
w1.fi hostapd 2.3
w1.fi wpa_supplicant 2.1
w1.fi hostapd 0.3.7
w1.fi wpa_supplicant 0.3.9
suse openstack_cloud 6
w1.fi wpa_supplicant 0.5.9
opensuse leap 42.2
w1.fi wpa_supplicant 2.4
w1.fi hostapd 0.5.10
w1.fi wpa_supplicant 0.5.7
suse linux_enterprise_server 12
w1.fi hostapd 0.5.9
suse linux_enterprise_desktop 12
w1.fi hostapd 2.6
w1.fi hostapd 0.4.11
w1.fi hostapd 0.6.8
w1.fi hostapd 1.0
w1.fi wpa_supplicant 0.7.3
debian debian_linux 8.0
w1.fi wpa_supplicant 0.4.7
CVE-2017-13088 LOW

Wi-Fi Protected Access (WPA and WPA2) that supports 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

CVSS 2.0

Severity: LOW

Problem Type: CWE-323,CWE-330,

Products Affected

Vendor Product Version
w1.fi wpa_supplicant 0.6.10
w1.fi hostapd 0.4.8
w1.fi hostapd 2.4
canonical ubuntu_linux 17.04
w1.fi hostapd 2.5
w1.fi hostapd 0.4.10
w1.fi hostapd 0.6.9
w1.fi hostapd 2.2
w1.fi wpa_supplicant 2.6
freebsd freebsd 11.1
w1.fi hostapd 0.6.10
w1.fi wpa_supplicant 1.0
freebsd freebsd 11
w1.fi wpa_supplicant 2.3
w1.fi wpa_supplicant 2.0
freebsd freebsd 10.4
w1.fi wpa_supplicant 0.2.8
w1.fi wpa_supplicant 0.6.8
w1.fi hostapd 0.5.7
w1.fi hostapd 0.3.9
w1.fi hostapd 0.4.7
w1.fi wpa_supplicant 0.2.7
w1.fi hostapd 2.0
w1.fi hostapd 0.2.6
w1.fi wpa_supplicant 0.6.9
w1.fi hostapd 0.5.8
w1.fi wpa_supplicant 0.2.5
w1.fi wpa_supplicant 0.5.11
w1.fi hostapd 0.3.11
redhat enterprise_linux_server 7
w1.fi hostapd 0.2.4
w1.fi hostapd 0.7.3
w1.fi wpa_supplicant 1.1
suse linux_enterprise_point_of_sale 11
canonical ubuntu_linux 16.04
w1.fi wpa_supplicant 0.3.8
w1.fi wpa_supplicant 0.5.10
w1.fi wpa_supplicant 0.4.9
w1.fi wpa_supplicant 0.4.10
w1.fi wpa_supplicant 0.5.8
canonical ubuntu_linux 14.04
w1.fi hostapd 0.3.10
w1.fi hostapd 0.5.11
w1.fi hostapd 0.4.9
w1.fi wpa_supplicant 0.3.11
redhat enterprise_linux_desktop 7
w1.fi wpa_supplicant 0.3.10
w1.fi hostapd 2.1
w1.fi wpa_supplicant 2.2
w1.fi hostapd 0.2.5
w1.fi wpa_supplicant 0.4.8
debian debian_linux 9.0
w1.fi wpa_supplicant 0.3.7
w1.fi hostapd 0.2.8
w1.fi wpa_supplicant 0.2.6
w1.fi wpa_supplicant 2.5
w1.fi wpa_supplicant 0.2.4
suse linux_enterprise_server 11
w1.fi wpa_supplicant 0.4.11
opensuse leap 42.3
freebsd freebsd *
w1.fi hostapd 1.1
freebsd freebsd 10
w1.fi hostapd 2.3
w1.fi wpa_supplicant 2.1
w1.fi hostapd 0.3.7
w1.fi wpa_supplicant 0.3.9
suse openstack_cloud 6
w1.fi wpa_supplicant 0.5.9
opensuse leap 42.2
w1.fi wpa_supplicant 2.4
w1.fi hostapd 0.5.10
w1.fi wpa_supplicant 0.5.7
suse linux_enterprise_server 12
w1.fi hostapd 0.5.9
suse linux_enterprise_desktop 12
w1.fi hostapd 2.6
w1.fi hostapd 0.4.11
w1.fi hostapd 0.6.8
w1.fi hostapd 1.0
w1.fi wpa_supplicant 0.7.3
debian debian_linux 8.0
w1.fi wpa_supplicant 0.4.7
CVE-2017-14491 HIGH

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
canonical ubuntu_linux 16.04
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 17.04
canonical ubuntu_linux 14.04
arista eos *
siemens scalance_m-800_firmware *
nvidia linux_for_tegra *
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_debuginfo 11
siemens scalance_w1750d_firmware *
synology diskstation_manager 5.2
debian debian_linux 9.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
opensuse leap 42.3
thekelleys dnsmasq *
siemens scalance_s615_firmware *
arubanetworks arubaos *
redhat enterprise_linux_server 6.0
debian debian_linux 7.1
siemens ruggedcom_rm1224_firmware *
synology router_manager 1.1
canonical ubuntu_linux 12.04
opensuse leap 42.2
redhat enterprise_linux_workstation 6.0
synology diskstation_manager 6.0
suse linux_enterprise_server 12
huawei honor_v9_play_firmware *
synology diskstation_manager 6.1
debian debian_linux 7.0
debian debian_linux 8.0
suse linux_enterprise_point_of_sale 11
nvidia geforce_experience *
CVE-2017-14621 LOW

Portus 2.2.0 has XSS via the Team field, related to typeahead.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
suse portus 2.2.0
CVE-2017-14798 MEDIUM

A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-61,CWE-362,

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server 11
postgresql postgresql *
CVE-2017-14804 MEDIUM

The build package before 20171128 did not check directory names during extraction of build results, which allowed untrusted builds to write outside of the target system, allowing escape out of buildroots.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,CWE-20,

Products Affected

Vendor Product Version
opensuse leap 42.3
suse linux_enterprise_software_development_kit 11
opensuse leap 42.2
suse linux_enterprise_software_development_kit 12
CVE-2017-14806 MEDIUM

An Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote attackers to MITM connections to the repositories, which allows the modification of packages received over these connections. This issue affects: SUSE Studio onsite susestudio-common version 1.3.17-56.6.3 and prior versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 2.2 3.6
security@opentext.com 3.7 LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N 2.2 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,CWE-295,

Products Affected

Vendor Product Version
suse studio_onsite 1.3
suse susestudio-ui-server *
CVE-2017-14807 MEDIUM

An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in susestudio-ui-server of SUSE Studio onsite allows remote attackers with admin privileges in Studio to alter SQL statements, allowing for extraction and modification of data. This issue affects: SUSE Studio onsite susestudio-ui-server version 1.3.17-56.6.3 and prior versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@opentext.com 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N 2.8 5.2
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N 2.8 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,CWE-89,

Products Affected

Vendor Product Version
suse studio_onsite 1.3
suse susestudio-ui-server *
CVE-2017-15115 HIGH

The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 17.10
linux linux_kernel *
debian debian_linux 7.0
suse linux_enterprise_server 11
CVE-2017-15638 MEDIUM

The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for _rpc_ services.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
suse susefirewall2 -
CVE-2017-16232 MEDIUM

LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-772,

Products Affected

Vendor Product Version
opensuse leap 42.3
opensuse leap 42.2
suse linux_enterprise_server 12
libtiff libtiff 4.0.8
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
CVE-2017-17558 HIGH

The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allows local users to cause a denial of service (out-of-bounds write access) or possibly have unspecified other impact via a crafted USB device.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
linux linux_kernel *
suse linux_enterprise_server 11
CVE-2017-17805 HIGH

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 17.10
suse linux_enterprise_server_for_raspberry_pi 12
canonical ubuntu_linux 12.04
opensuse leap 42.2
debian debian_linux 9.0
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
opensuse_project leap 42.3
linux linux_kernel *
debian debian_linux 8.0
suse linux_enterprise_server 11
CVE-2017-17806 HIGH

The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 17.10
suse linux_enterprise_server_for_raspberry_pi 12
canonical ubuntu_linux 12.04
opensuse leap 42.2
debian debian_linux 9.0
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
opensuse_project leap 42.3
linux linux_kernel *
debian debian_linux 8.0
suse linux_enterprise_server 11
CVE-2017-18017 HIGH

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.3
canonical ubuntu_linux 14.04
suse caas_platform *
arista eos *
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_for_real_time_for_nfv 7
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_debuginfo 11
suse linux_enterprise_high_availability 12
redhat enterprise_linux_for_real_time 7
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_server_tus 7.4
suse linux_enterprise_real_time_extension 12
redhat mrg_realtime 2.0
suse linux_enterprise_software_development_kit 12
arista eos 4.20.1fx-virtual-router
linux linux_kernel *
redhat enterprise_linux_eus 7.3
f5 arx *
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
opensuse leap 42.3
redhat enterprise_linux_server 6.0
redhat enterprise_linux_eus 7.4
suse openstack_cloud 6
openstack cloud_magnum_orchestration 7
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 7.6
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
suse linux_enterprise_high_availability_extension 11
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_module_for_public_cloud 12
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
suse linux_enterprise_real_time_extension 11
redhat enterprise_linux_server_aus 7.7
suse linux_enterprise_desktop 12
suse linux_enterprise_live_patching 12
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
debian debian_linux 8.0
suse linux_enterprise_point_of_sale 11
CVE-2017-3224 MEDIUM

Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence numbers, then checksums, and finally MaxAge. In a case where the sequence numbers are the same, the LSA with the larger checksum is considered more recent, and will not be flushed from the Link State Database (LSDB). Since the RFC does not explicitly state that the values of links carried by an LSA must be the same when prematurely aging a self-originating LSA with MaxSequenceNumber, it is possible in vulnerable OSPF implementations for an attacker to craft an LSA with MaxSequenceNumber and invalid links that will result in a larger checksum and thus a 'newer' LSA that will not be flushed from the LSDB. Propagation of the crafted LSA can result in the erasure or alteration of the routing tables of routers within the routing domain, creating a denial of service condition or the re-routing of traffic on the network. CVE-2017-3224 has been reserved for Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages).

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-354,CWE-345,

Products Affected

Vendor Product Version
suse suse_linux -
redhat package_manager -
suse opensuse -
quagga quagga -
CVE-2017-5753 MEDIUM

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.6 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N 1.1 4.0

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-203,

Products Affected

Vendor Product Version
intel xeon_e5 4640
intel xeon_e5_2637_v3 -
intel core_i5 6685r
intel core_i7 870
intel core_i5 2450m
intel xeon_platinum 8176f
intel core_i5 6500
intel xeon_e3_1220_v2 -
intel xeon_e5_2470_v2 -
intel xeon_e3_1265l_v3 -
intel xeon ec5549
intel xeon_e5 2683_v4
intel core_i7 2655le
intel xeon_e5_2650 -
phoenixcontact bl_ppc17_1000_firmware -
intel xeon_e7 4830_v4
intel xeon_phi 7235
intel core_i5 430um
intel core_i7 2649m
intel xeon_platinum 8168
intel core_i7 4610m
siemens simatic_itc1500_pro_firmware *
intel core_i3 6100
intel atom_c c2316
intel xeon_e5_2428l_v2 -
intel xeon_e5 2697a_v4
intel xeon_e7 4860
intel xeon e5502
intel core_i5 2400s
intel celeron_n n3450
intel core_i3 4100u
intel core_i5 6500t
intel xeon_e7 4880_v2
intel core_i5 2557m
intel core_i5 3470
intel xeon_platinum 8158
intel core_i3 3250t
intel core_i5 4210m
canonical ubuntu_linux 14.04
intel core_i5 2405s
intel xeon_e5_2440_v2 -
intel xeon_platinum 8156
intel xeon_e5_2420_v2 -
intel core_i5 6287u
intel core_i7 4900mq
intel core_i7 2700k
intel atom_c c3950
intel core_i5 2450p
intel pentium_j j4205
intel core_i3 4010y
intel core_i5 4278u
intel xeon_e3_1265l_v2 -
intel core_i7 4710mq
intel xeon_e5 4603
oracle local_service_management_system 13.3
intel xeon_bronze_3104 -
intel core_i7 2920xm
intel core_i7 3632qm
intel core_i5 2520m
intel xeon_e3 1575m_v5
intel xeon_gold 6130t
intel core_i7 640lm
intel atom_x3 c3205rk
intel xeon e5530
intel core_i5 670
intel pentium_n n3520
intel xeon_e5 4657l_v2
intel core_i5 6400
intel xeon e7520
intel core_i7 2600
intel xeon_e5_1620_v4 -
intel core_i5 5287u
intel xeon_e5_2628l_v4 -
intel core_i7 5775r
intel xeon_e7 8857_v2
intel xeon_e7 8867_v4
intel xeon_e3_1230_v3 -
intel core_i5 3570k
intel xeon_e3_1275 -
intel xeon x5677
siemens simatic_itc1900_pro_firmware *
intel xeon_e5 2697_v3
intel xeon_e7 8891_v3
intel xeon_e5_2628l_v2 -
intel core_i7 4800mq
intel atom_c c2358
phoenixcontact el_ppc_1000/m_firmware -
intel xeon_e3_1275_v5 -
intel atom_z z2580
intel core_i5 3317u
intel xeon_e5_1630_v3 -
intel xeon_e5_2618l_v4 -
intel core_i3 3130m
intel core_i7 5950hq
intel xeon_e5_2428l -
phoenixcontact bl_ppc_1000_firmware -
intel core_i7 3635qm
intel xeon_e5_2603_v3 -
intel celeron_n n2805
intel core_i7 3770t
intel core_i3 6100t
intel core_i7 875k
intel xeon e5630
intel core_i7 680um
intel core_i7 920xm
intel core_i3 6006u
intel core_i7 940xm
siemens simatic_itc1900_firmware *
intel atom_c c2550
intel xeon x3430
intel xeon x5660
intel atom_z z2520
intel core_i5 4200m
intel core_i7 4960hq
intel xeon_platinum 8176
intel core_i7 4700ec
intel xeon_e3 1558l_v5
intel core_i7 5850hq
intel xeon_gold 6150
intel xeon_e5_2648l_v4 -
intel xeon_e7 8880l_v3
intel xeon e5504
intel xeon_e5 2690_v3
intel core_i5 8250u
intel xeon e5620
intel core_i5 4288u
intel core_i7 3770
intel xeon x5687
intel xeon_e5_1630_v4 -
intel xeon_e5 2680_v4
intel core_m3 7y32
intel xeon_e5 2695_v3
intel xeon_e5 4669_v3
phoenixcontact bl2_ppc_7000_firmware -
intel core_i3 4100m
intel core_i5 3470t
canonical ubuntu_linux 12.04
intel atom_c c3708
intel core_m 5y51
intel atom_c c3808
intel core_i7 975
intel core_i5 2537m
intel core_i3 2130
intel xeon e5540
intel xeon lc5528
intel core_i5 3570t
intel core_i7 3540m
intel xeon_e3_1260l -
intel core_i5 5300u
intel core_i5 3339y
intel xeon l5508
intel core_i3 4340te
intel core_i5 3475s
intel xeon_e7 8870_v2
intel core_i5 4570t
intel core_i7 965
intel xeon_e5 2660
intel atom_z z3736f
intel core_i5 6440eq
intel core_i7 2677m
intel xeon_e5 4650_v4
intel celeron_n n2810
intel xeon_e5 2670_v3
intel xeon_e7 8891_v2
intel xeon_e5_2418l -
intel atom_c c2730
intel core_i7 5650u
intel xeon_e5 2680_v3
intel xeon_e5 4650
phoenixcontact vl2_bpc_7000_firmware -
intel atom_c c3338
phoenixcontact bl_bpc_3001_firmware -
intel xeon l5530
arm cortex-a78ae_firmware -
phoenixcontact vl_ppc_2000_firmware -
intel core_i3 5157u
intel xeon_e5_2650l_v2 -
intel core_i7 4750hq
intel celeron_n n2830
intel core_i7 3615qm
intel xeon_e7 8860
intel core_i7 2637m
intel xeon_e5 2667_v3
intel xeon_e5_2620_v3 -
intel core_i5 3230m
intel xeon_e3_1125c -
intel core_i5 6600
intel atom_x5-e3930 -
intel core_i7 4610y
intel core_i5 4690t
intel xeon_platinum 8170m
intel core_i5 4460
intel xeon x5690
intel xeon_e5 4620_v4
intel xeon_e5_2628l_v3 -
intel core_i7 3770k
intel core_i5 3470s
intel core_i7 4910mq
intel celeron_n n3160
intel core_i7 990x
phoenixcontact vl2_bpc_1000_firmware -
intel core_i7 4790s
intel xeon_silver 4110
intel core_i7 8700k
intel core_i3 4170t
intel xeon_e3_1245_v6 -
intel celeron_n n2806
intel atom_x3 c3130
intel xeon x3460
intel xeon_phi 7250
intel core_i7 2600k
intel core_i3 4360
intel xeon_e5 2687w_v4
intel core_i7 4950hq
intel xeon lc5518
intel xeon_gold 6134
intel xeon_e7 4870_v2
intel core_i3 2365m
intel core_i3 3110m
intel core_i5 5257u
intel core_i5 2515e
intel celeron_n n4100
intel core_i3 3227u
intel core_i5 4430s
phoenixcontact dl_ppc15_1000_firmware -
intel xeon e5520
arm cortex-a73_firmware -
intel xeon e7530
intel core_i5 4350u
intel core_i7 3610qe
intel celeron_j j3060
intel core_i7 2629m
intel core_i3 2120
intel core_i7 7560u
intel pentium_j j2850
intel xeon_e7 4807
arm cortex-r8_firmware -
intel xeon_e3_1225_v3 -
intel xeon w5590
intel atom_x3 c3235rk
intel xeon ec5509
intel xeon_e3_1275_v2 -
intel core_i3 3115c
intel core_i7 2620m
intel xeon_e5_2630_v4 -
intel core_i7 4860hq
intel xeon_e5 4660_v3
intel core_i5 470um
intel xeon e6540
intel xeon_e5_2643_v3 -
intel core_i7 720qm
intel xeon_e3_1280_v2 -
intel xeon_e5_1620_v2 -
oracle solaris 11.3
intel xeon_silver 4108
intel celeron_j j1900
intel xeon_e5_1650_v3 -
intel xeon_e5 4667_v4
intel xeon_e3_1270 -
intel xeon_e5_2428l_v3 -
phoenixcontact vl2_ppc9_1000_firmware -
opensuse leap 42.3
intel pentium_n n3700
intel celeron_n n3350
intel core_i3 540
intel xeon w5580
intel xeon_e3_1271_v3 -
intel xeon_e3_1245_v5 -
intel xeon_e5 2660_v2
arm cortex-a17_firmware -
intel xeon x5647
intel xeon_e5_2643_v2 -
phoenixcontact vl2_ppc12_1000_firmware -
intel xeon_e5_2418l_v2 -
intel core_i3 3245
intel core_i3 4360t
intel xeon x5680
intel xeon_e3_1225_v6 -
intel xeon_e5_1428l_v2 -
intel xeon_e3_1220 -
intel core_i5 5350h
intel atom_x3 c3265rk
intel atom_x3 c3230rk
intel xeon_e-1105c -
intel core_i5 3450s
intel core_i5 5200u
intel xeon_e5_2620_v4 -
intel xeon_e5 2667
intel core_i7 8650u
intel celeron_j j3455
intel xeon x5650
phoenixcontact bl_bpc_2000_firmware -
intel core_i3 2377m
intel xeon_e5_2650_v2 -
phoenixcontact bl_ppc17_3000_firmware -
intel xeon_gold 5118
intel xeon x3440
intel core_i5 4690
intel celeron_n n2910
intel xeon_e7 8870
intel atom_z z3770d
intel core_i5 4300y
intel core_i7 4550u
intel celeron_n n2820
intel xeon e5606
intel xeon_e5_2630_v2 -
intel xeon l5630
intel core_i3 2328m
intel core_i7 3517ue
intel xeon_e7 4850_v4
intel xeon_e5 4650_v3
intel core_i3 4102e
phoenixcontact vl2_bpc_3000_firmware -
intel core_i7 660ue
intel xeon_e5_2609_v2 -
phoenixcontact el_ppc_1000/wt_firmware -
intel core_i3 2310m
intel core_i7 620m
intel core_i7 860s
intel core_i5 2390t
intel core_i7 4790k
intel atom_z z3736g
intel xeon_gold 6140
intel xeon_e5 4667_v3
intel xeon_e3_1258l_v4 -
intel core_i7 4771
intel xeon_gold 5115
intel xeon_phi 7290f
intel core_i3 3217ue
intel core_i7 2710qe
intel atom_z z3775d
intel core_i3 330e
intel core_i7 4850hq
intel atom_z z3735g
intel atom_c c2338
intel xeon_e5 4617
intel xeon_e5_2430l -
intel xeon_e7 2870_v2
intel xeon_e3_1230l_v3 -
intel core_i5 540um
intel xeon_gold 6130
intel core_i3 2367m
intel xeon_gold 6152
intel xeon_e3_1286l_v3 -
intel xeon_phi 7250f
intel xeon_e5_2650l_v3 -
intel xeon_e5_2630l_v4 -
intel core_m3 6y30
siemens simatic_itc2200_pro_firmware *
phoenixcontact vl2_ppc_3000_firmware -
intel xeon_e5 2658_v2
intel xeon_platinum 8160f
intel core_i3 2370m
intel core_i5 2467m
intel core_i5 4200h
intel core_i7 820qm
intel core_i3 4020y
intel core_i5 2540m
intel xeon_e3_12201_v2 -
intel core_i5 4670
intel xeon_e7 8850
phoenixcontact bl_bpc_7000_firmware -
intel xeon_e5_2407 -
intel core_i3 5010u
intel core_i3 8350k
intel atom_z z3570
intel xeon_e5_2609_v3 -
intel xeon_e3_1230 -
intel core_i7 4770k
vmware fusion *
intel core_i7 4870hq
intel xeon_e7 4830_v2
intel core_i7 4702mq
phoenixcontact vl2_ppc_9000_firmware -
intel core_i7 5557u
intel xeon_e5_2637_v2 -
intel xeon_e3_12201 -
intel core_i5 4330m
intel core_i7 4760hq
intel xeon_e5 2687w_v2
intel xeon_gold 5119t
intel core_i7 3720qm
intel xeon_e3 1515m_v5
intel xeon_e7 8893_v2
intel xeon_e5_2450l_v2 -
intel xeon_e5_1660 -
intel xeon_silver 4116
intel core_i7 4770t
intel core_i7 4765t
intel xeon_e5 4627_v3
arm cortex-x1_firmware -
intel core_i3 370m
phoenixcontact dl_ppc18.5m_7000_firmware -
intel core_i5 650
intel core_i5 750s
intel core_i5 3210m
intel atom_z z3770
intel xeon_e7 8891_v4
intel xeon w3670
intel core_i5 6600k
arm cortex-a57_firmware -
intel core_i5 4300m
intel core_i7 640um
intel xeon_e5 2695_v2
opensuse leap 42.2
intel atom_c c3558
intel core_i3 4010u
intel core_i5 6585r
intel xeon_e5 4660_v4
intel atom_c c3758
pepperl-fuchs btc12_firmware -
intel core_i5 540m
intel core_i3 4130
intel core_i7 640m
intel xeon_gold 6134m
intel xeon_e5_2630_v3 -
intel core_i7 860
intel core_i5 4422e
intel xeon x3480
intel xeon_silver 4112
intel core_i3 330m
intel xeon_e7 8880l_v2
phoenixcontact bl_ppc_7000_firmware -
oracle solaris 10
phoenixcontact vl2_bpc_9000_firmware -
intel xeon l5609
intel xeon_e3_1220_v5 -
arm cortex-r7_firmware -
intel core_i5 8350u
intel atom_c c2538
intel xeon_e3_1278l_v4 -
siemens simatic_itc1500_firmware *
intel xeon_platinum 8170
phoenixcontact bl2_bpc_7000_firmware -
intel core_i7 4810mq
intel xeon_e5_2430_v2 -
intel core_i5 4402e
intel core_i7 2635qm
intel xeon_e7 4809_v3
intel xeon l5506
intel atom_z z3740d
intel core_i3 4100e
intel xeon_e5_1680_v3 -
intel core_i5 3337u
intel atom_e e3825
intel xeon_e5 2697_v2
intel core_m 5y10c
intel xeon l5640
intel celeron_j j1850
intel xeon x7542
intel core_i7 7700k
intel core_i7 2675qm
intel xeon_e3_1281_v3 -
intel core_i5 3330s
intel core_i5 2500k
intel xeon_e5 2658_v3
intel core_i7 8700
intel atom_e e3827
intel xeon_e5 4650_v2
intel atom_c c3308
canonical ubuntu_linux 17.10
intel core_i5 5575r
intel xeon_gold 6148f
intel core_i7 4980hq
intel xeon_e3_1285_v3 -
intel core_i3 3250
intel core_i7 2657m
intel xeon_e5 2660_v3
intel pentium_j j2900
debian debian_linux 9.0
intel atom_z z2420
intel xeon_e7 8893_v3
intel xeon_e5 2699r_v4
intel core_i7 2720qm
phoenixcontact bl_ppc15_1000_firmware -
intel xeon_e3_1226_v3 -
intel core_i5 8400
intel xeon_phi 7230f
intel core_i5 4258u
intel xeon_platinum 8153
intel xeon_e7 2870
intel core_i7 3687u
intel atom_x3 c3295rk
arm cortex-a8_firmware -
intel core_i5 4250u
intel core_i7 5750hq
intel atom_z z3785
intel core_i5 2410m
phoenixcontact bl2_bpc_2000_firmware -
intel xeon e5640
intel xeon_e7 8850_v2
intel atom_c c3508
intel core_i3 3220
intel xeon_e3_1270_v6 -
intel core_i5 4670k
intel core_i7 3820qm
intel xeon_e7 8870_v3
intel core_i7 3610qm
intel core_i5 2310
intel xeon_e3_1220_v6 -
intel atom_z z3735e
intel atom_z z2480
intel core_i5 4670r
intel xeon_e7 2880_v2
intel xeon_e5_2420 -
intel core_i3 4012y
intel xeon_e7 4870
intel core_i5 430m
intel xeon_e3_1280_v3 -
intel xeon_e5 2650l_v4
intel xeon_gold 6148
intel celeron_j j1800
intel xeon_e7 8860_v4
intel core_i7 2860qm
intel core_i7 4712mq
intel xeon_e5 2670_v2
intel core_i5 3437u
intel core_i3 6300
intel xeon_e3_1265l_v4 -
intel xeon_e5 4628l_v4
intel core_i3 3210
intel xeon_e5_1680_v4 -
intel xeon_silver 4116t
intel xeon_e5_2623_v4 -
intel core_i7 4510u
intel core_i7 5700hq
intel celeron_n n2840
intel core_i3 2100
intel core_i3 2100t
intel core_i5 2500s
suse suse_linux_enterprise_software_development_kit 12
intel xeon l7545
intel core_i3 4170
intel xeon_gold 5120
intel core_m5 6y57
intel xeon_e3_1285_v4 -
intel xeon_e5 2665
intel core_i5 560um
intel xeon_gold 6136
intel xeon_e5_1620_v3 -
intel xeon_e5_2630 -
intel xeon e5603
intel xeon_e5 4655_v3
vmware workstation *
intel core_i3 530
intel core_i3 4340
intel core_i5 560m
intel xeon_e7 8867l
intel core_i7 7700
intel xeon_e5 4620
intel xeon_gold 6138t
intel pentium_n n3540
intel core_i7 3689y
intel atom_x5-e3940 -
intel core_i5 6260u
intel core_i5 2500t
intel core_i7 4712hq
intel xeon_e5 2670
phoenixcontact vl2_ppc_7000_firmware -
intel celeron_j j3160
intel core_i5 4210y
intel core_i5 4410e
intel xeon_e5_2450 -
intel xeon_e3_1231_v3 -
intel xeon_e3_1246_v3 -
intel xeon_e7 4860_v2
intel core_i5 4690s
intel core_i3 2310e
intel core_i3 3229y
intel core_i5 3380m
intel xeon_e5 4655_v4
intel core_i5 6300hq
phoenixcontact vl_ipc_p7000_firmware -
intel atom_c c3830
intel core_i7 4702hq
intel core_i3 3240t
intel core_i5 4590
intel xeon_e5_2618l_v2 -
intel xeon_e5 2690_v2
intel core_i5 2430m
intel atom_c c2758
intel xeon_e3_1268l_v5 -
intel xeon_e5 2683_v3
phoenixcontact bl_ppc15_7000_firmware -
intel core_i7 4790t
intel core_i7 7920hq
intel atom_z z2460
intel atom_z z3745d
intel xeon_e3_1268l_v3 -
intel atom_c c3850
arm neoverse_n2_firmware -
intel xeon_e5_1428l_v3 -
intel core_i3 4000m
intel atom_z z3590
intel core_i5 5250u
intel atom_x7-e3950 -
intel core_i3 4112e
intel core_i3 4330t
intel atom_c c3958
intel xeon_e3_1280_v5 -
intel core_i3 380m
intel core_i3 6100h
intel core_i3 3120m
intel core_i7 980
intel xeon_platinum 8180
intel core_i5 750
intel xeon_e5 2658
intel xeon_e3 1505m_v6
intel xeon l3406
intel core_i3 6157u
intel xeon_e7 8890_v2
intel xeon_e7 8837
intel xeon_platinum 8160m
intel core_i3 2357m
intel xeon_e7 8880_v2
intel xeon_e5 4610_v4
intel xeon_e5_1650_v4 -
intel core_i5 480m
intel xeon e5645
intel xeon_e5_1660_v4 -
intel core_i5 6500te
intel xeon_e3_1240l_v5 -
suse suse_linux_enterprise_software_development_kit 11
phoenixcontact vl2_ppc7_1000_firmware -
arm cortex-a78_firmware -
intel xeon_e5_2407_v2 -
intel xeon_e5_2440 -
intel xeon_e7 2830
intel xeon_silver 4114
intel core_i3 4160t
phoenixcontact bl2_ppc_1000_firmware -
intel core_i7 5850eq
phoenixcontact vl_bpc_3000_firmware -
intel xeon_e5_2470 -
intel core_i7 620ue
intel xeon_e5_2650l -
intel core_i7 4600m
arm neoverse_n1_firmware -
intel xeon_e3_1505l_v6 -
intel core_i5 4590t
intel xeon_e5 2687w
intel core_i3 2348m
intel atom_e e3845
intel atom_c c2308
intel core_i7 4700hq
phoenixcontact vl_bpc_1000_firmware -
intel core_i7 5600u
phoenixcontact bl_bpc_7001_firmware -
intel xeon_e3_1125c_v2 -
intel core_i7 7y75
intel xeon_e7 8890_v4
intel xeon_e5 2698_v3
intel celeron_n n2807
intel core_i7 5500u
intel core_i7 4710hq
intel xeon l5618
intel core_i3 390m
intel core_i7 920
intel core_i7 7567u
intel xeon_e5_2640_v3 -
intel atom_z z3735f
synology skynas -
intel xeon_e5_2640_v2 -
intel core_i3 2115c
intel core_i7 950
intel xeon_e5_2648l_v3 -
intel atom_c c2530
intel atom_z z3530
intel xeon_e5 4650l
intel xeon_e7 8890_v3
intel xeon_e5 2680_v2
intel xeon_e7 4830_v3
intel xeon_e3 1578l_v5
intel core_i7 740qm
intel xeon_e5_2618l_v3 -
intel core_i7 610e
intel core_i7 2820qm
intel xeon_gold 5120t
intel xeon_e5 2687w_v3
intel core_i5 6267u
intel core_i7 2640m
intel core_i5 4308u
intel xeon_silver 4114t
intel xeon_e3_1105c_v2 -
intel core_i5 4360u
intel core_i5 4670s
intel xeon l5520
intel core_i3 4025u
intel core_i7 4790
intel celeron_n n2940
intel core_i5 655k
intel core_i7 2610ue
intel core_i7 7700hq
intel xeon_e5 2698_v4
intel atom_x3 c3445
intel xeon e7540
intel atom_z z3740
intel core_i5 4302y
intel xeon_e7 4820_v2
intel atom_z z3480
intel core_i7 3740qm
intel core_i7 7700t
intel xeon_e7 4809_v4
intel xeon w3690
intel xeon_e5_1620 -
intel xeon w3680
intel xeon_e5_1660_v2 -
intel xeon_e5_1660_v3 -
intel xeon_e7 4820
intel xeon_e5_2640 -
intel xeon_e7 8867_v3
intel core_i3 4158u
intel core_i5 3439y
intel xeon_e3_1275l_v3 -
intel xeon_e7 8880_v4
intel core_i5 2320
intel xeon_e3_1270_v5 -
intel xeon x3450
intel core_i3 2120t
intel core_i7 4770
phoenixcontact vl_bpc_2000_firmware -
intel celeron_n n3150
intel core_i7 940
intel core_i5 3570
phoenixcontact bl_bpc_3000_firmware -
intel core_i3 2350m
intel xeon_gold 6126f
intel core_i3 5020u
intel core_i7 880
intel xeon x5560
intel celeron_j j4105
arm cortex-a76_firmware -
intel atom_c c2508
intel core_i5 4430
intel core_i3 3220t
intel xeon_e5_2609_v4 -
intel core_i5 661
intel core_i5 3340m
intel celeron_n n3050
intel celeron_n n2808
intel atom_c c3750
intel celeron_n n3060
intel core_i7 960
intel core_i5 4310u
intel core_i3 4130t
intel core_i7 3517u
intel atom_c c2718
intel core_i7 3520m
intel core_i5 680
intel xeon_e5 4607_v2
intel xeon_e3_1241_v3 -
intel xeon_e5_2609 -
intel core_i7 970
intel core_m 5y71
intel core_i5 5675r
netapp solidfire -
intel core_i7 660um
intel xeon_e3_1270_v3 -
intel core_i5 3320m
intel core_i7 4578u
intel core_i5 4690k
intel core_i3 2125
intel core_i3 6102e
intel core_i7 3612qe
intel core_i7 4702ec
intel atom_z z2760
intel xeon l3426
intel xeon_e7 2850_v2
intel core_i5 4210h
intel core_i5 660
intel core_i5 760
synology vs360hd_firmware -
intel core_i3 5015u
intel core_i5 580m
intel xeon_e5_2448l_v2 -
intel core_i3 5005u
intel core_i7 7820eq
intel xeon_e5_2623_v3 -
intel core_i7 4770r
intel core_i3 4005u
intel core_i7 4720hq
intel core_i5 4400e
intel xeon_e5_2648l -
intel core_i3 4120u
intel core_i7 7660u
intel xeon_e5_1650 -
intel xeon_e3_1245_v3 -
intel xeon_e3_1270_v2 -
intel xeon_e3_1285_v6 -
intel xeon e5649
intel xeon_e5 2690
intel core_i3 3217u
intel xeon_e5 4640_v2
intel core_i5 2300
intel core_i7 3770s
intel celeron_n n2930
intel xeon_gold 6126
intel xeon_e3_1505m_v5 -
intel xeon_e7 8894_v4
intel core_i3 3240
intel celeron_n n3010
intel core_i7 4558u
intel core_i3 2312m
oracle local_service_management_system 13.1
phoenixcontact dl_ppc21.5m_7000_firmware -
intel xeon_platinum 8160t
intel xeon_e3_1240l_v3 -
intel atom_c c3858
intel atom_z z3735d
phoenixcontact vl2_ppc_1000_firmware -
intel xeon_e5_2608l_v4 -
intel xeon_e5 2658a_v3
vmware esxi 6.0
intel core_i5 460m
oracle local_service_management_system 13.2
intel xeon_e5_2637_v4 -
intel xeon e5506
intel core_i3 560
intel xeon_e3_1275_v3 -
intel xeon x7560
intel atom_z z3560
intel xeon_e3_1225_v5 -
intel atom_c c3955
intel core_i5 520e
intel core_i5 2510e
intel xeon_e5_2448l -
canonical ubuntu_linux 17.04
intel xeon_e3_1220_v3 -
intel xeon_e3_1245 -
intel xeon_bronze_3106 -
intel xeon_e7 4809_v2
phoenixcontact bl2_ppc_2000_firmware -
intel xeon_phi 7210
intel atom_e e3815
intel xeon_e3_1220l_v3 -
intel core_i5 3570s
intel core_i5 4202y
intel core_i3 3120me
intel xeon_e5_2648l_v2 -
intel core_i5 4210u
intel core_i7 3555le
intel xeon_e3_1280_v6 -
phoenixcontact bl_bpc_2001_firmware -
phoenixcontact bl_ppc15_3000_firmware -
intel pentium_n n3530
intel core_i3 380um
intel xeon_e5 4603_v2
intel core_i7 4722hq
intel xeon_e3_1240_v3 -
intel xeon e5607
intel core_i5 3550
intel xeon_e3_1240_v5 -
intel core_i5 2400
intel xeon e6510
intel xeon_gold 6140m
intel core_i5 2435m
intel core_i5 4440s
intel xeon_e5_2643 -
intel xeon_e5_2408l_v3 -
intel core_i7 4650u
intel atom_z z3775
intel xeon_e5 4640_v3
intel xeon_e5 4610_v2
intel core_i3 8100
intel xeon_e5_2630l -
phoenixcontact el_ppc_1000_firmware -
intel atom_c c2558
intel xeon_e5 2667_v2
intel core_m3 7y30
intel xeon_e5_2450l -
intel xeon_e5_2620 -
suse suse_linux_enterprise_desktop 12
intel core_i3 4330te
arm cortex-a75_firmware -
intel core_i5 4670t
intel xeon_e5_2603 -
intel core_i5 4260u
intel core_i3 4160
intel core_i5 3340
intel atom_z z3460
intel atom_c c2516
intel core_i7 2617m
intel xeon_e7 4820_v4
arm cortex-a72_firmware -
intel xeon_e5 2697_v4
intel core_i5 8600k
intel core_i7 620lm
arm cortex-a12_firmware -
intel core_i7 2600s
intel xeon_e7 4850_v3
arm cortex-a9_firmware -
intel xeon_e5_2650_v3 -
intel core_i7 3537u
phoenixcontact bl_rackmount_2u_firmware -
intel core_i7 3840qm
phoenixcontact vl2_ppc_2000_firmware -
intel core_i5 3550s
intel xeon_gold 6126t
intel core_i7 2630qm
intel atom_e e3805
intel core_i7 4700mq
intel xeon_e5 4620_v3
intel xeon_e5_2430l_v2 -
intel xeon_e3_1290 -
intel core_i7 4600u
intel xeon_e3_1230_v5 -
intel xeon_e7 8830
intel xeon_e3_1225 -
intel core_i7 2760qm
intel core_i5 4200u
intel xeon_e3_1501l_v6 -
intel core_i3 3225
intel core_i7 4770te
intel core_i5 4340m
intel xeon_e7 8893_v4
intel core_i5 4300u
intel core_i5 4570
intel core_i7 620um
intel xeon_e3 1585_v5
intel xeon x5570
intel core_i7 3612qm
intel core_i5 4570te
intel xeon_e7 2860
intel core_i5 6350hq
intel atom_x3 c3405
phoenixcontact bl_rackmount_4u_firmware -
intel core_i5 3330
intel core_i3 2102
intel core_i3 6100u
intel xeon_e5_1428l -
intel core_i5 4200y
phoenixcontact bl2_bpc_1000_firmware -
intel core_i5 6440hq
intel xeon_e5 2658_v4
intel core_i5 4460s
intel core_i7 4770hq
intel core_i3 6300t
intel core_i7 4770s
intel xeon_e3_1240_v2 -
intel xeon x3470
intel xeon_gold 6146
intel core_i7 5775c
intel atom_c c2350
intel xeon e5507
intel xeon x5670
intel xeon_e5 4610_v3
intel xeon_e5_2608l_v3 -
intel xeon_e5_2603_v2 -
intel core_i5 4402ec
intel xeon x6550
intel core_i3 4150t
intel core_i5 520um
intel core_i5 3340s
intel xeon_e3_1285l_v4 -
intel pentium_j j3710
debian debian_linux 8.0
intel xeon_e3_1260l_v5 -
intel xeon_e3_1501m_v6 -
intel xeon_e5 4669_v4
intel core_i5 6200u
intel xeon_e5 4627_v2
intel core_m7 6y75
intel core_i7 5700eq
intel core_i7 8550u
intel xeon x5675
suse suse_linux_enterprise_server 11
intel xeon_e7 8880_v3
intel xeon_e5_2418l_v3 -
intel core_i3 4330
intel xeon_e7 2803
intel xeon_e3_1225_v2 -
intel xeon_e5 2690_v4
intel core_i5 4460t
intel core_i5 6442eq
intel core_i7 7820hq
intel xeon_e3_1235 -
synology virtual_machine_manager *
intel core_i3 330um
intel core_m5 6y54
intel xeon_e7 4890_v2
intel core_i3 4110e
phoenixcontact vl_ppc_3000_firmware -
intel xeon_e3 1585l_v5
intel celeron_n n2815
intel xeon_e3_1286_v3 -
intel xeon_e5 2699_v4
intel core_i3 4110m
intel xeon_e5_2430 -
intel core_i5 6400t
intel xeon_e3_1230_v6 -
intel xeon_e5_2403_v2 -
intel core_i7 870s
intel xeon x5672
intel core_i3 2330e
intel core_i5 4220y
intel xeon l7555
intel core_i3 2105
intel core_m 5y31
canonical ubuntu_linux 16.04
intel xeon_e5 2695_v4
intel xeon_gold 5122
intel core_i3 4370
intel core_i3 350m
intel xeon_e5 2680
intel atom_z z3580
intel core_i7 7820hk
intel celeron_j j3355
intel core_m 5y10a
intel core_i3 550
intel core_i5 3350p
intel core_i3 6167u
phoenixcontact dl_ppc15m_7000_firmware -
intel xeon_gold 6132
intel xeon l5638
intel xeon_e3_1280 -
intel xeon_e7 2850
intel core_i3 4030y
intel core_i5 4440
intel xeon_e5_2650_v4 -
intel core_i7 2960xm
intel xeon_e3_1240 -
intel core_i5 6402p
intel celeron_j j4005
intel xeon_e3_1235l_v5 -
intel xeon_e5 2699a_v4
intel celeron_n n4000
intel xeon_e5_2450_v2 -
intel core_i3 2340ue
intel xeon_e5_2603_v4 -
intel xeon x7550
phoenixcontact bl_ppc12_1000_firmware -
pepperl-fuchs visunet_rm_shell -
phoenixcontact valueline_ipc_firmware -
intel core_i7 4700eq
intel celeron_j j1750
intel xeon x5667
intel xeon_e5_2438l_v3 -
intel xeon_e7 4850
pepperl-fuchs btc14_firmware -
intel core_i3 6320
intel xeon_platinum 8164
intel xeon x5550
intel xeon_e5 4627_v4
intel xeon_e5 4640_v4
intel atom_c c2750
intel xeon_gold 6142m
intel core_i5 450m
intel core_i7 3667u
intel core_i3 4370t
intel core_i5 4570s
arm cortex-a77_firmware -
intel core_i5 6360u
intel xeon_gold 6142
intel xeon_phi 7285
intel xeon_e7 4820_v3
intel core_i3 2330m
intel xeon e5503
intel core_i5 2380p
intel core_i5 4310m
intel xeon_e5 4610
intel xeon_gold 6154
intel xeon_e5_2403 -
intel core_i7 5550u
intel xeon_e7 8870_v4
intel core_i5 3610me
intel xeon_e7 2820
intel pentium_n n4200
intel core_i3 6100te
intel core_i7 2670qm
synology vs960hd_firmware -
vmware esxi 6.5
intel core_i3 4150
intel core_m 5y70
phoenixcontact bl_ppc17_7000_firmware -
intel core_i5 4570r
vmware esxi 5.5.0
intel pentium_n n3710
siemens simatic_winac_rtx_(f)_2010_firmware 2010
intel core_i5 6600t
intel xeon_e3 1535m_v6
synology router_manager *
intel core_i5 3450
intel xeon_e5_2630l_v2 -
intel xeon_e5_2643_v4 -
intel xeon_gold 6128
intel core_i5 5675c
intel atom_c c3538
intel atom_x3 c3200rk
intel xeon_e3_1245_v2 -
intel xeon_e5_2630l_v3 -
intel xeon_e3 1535m_v5
intel xeon l5518
intel core_i7 4785t
intel core_i5 4590s
intel core_i7 980x
intel core_i7 660lm
intel core_i7 7500u
intel atom_z z3745
arm cortex-a15_firmware -
intel xeon_phi 7295
intel core_i7 930
intel xeon_gold 6138
intel xeon_platinum 8176m
intel core_i7 7600u
intel xeon_e3_1276_v3 -
intel xeon_e3_1240_v6 -
intel xeon_e3_1285l_v3 -
intel xeon_e5 4607
intel atom_z z3795
intel pentium_n n3510
intel xeon_e3_1275_v6 -
intel xeon_e7 4850_v2
intel xeon_e5_2640_v4 -
intel core_i5 6300u
intel core_i3 6098p
intel core_i3 4030u
intel atom_z z2560
intel xeon_e5 4624l_v2
intel core_i5 2550k
intel core_i3 6100e
intel xeon_e5 2667_v4
intel core_i5 3427u
intel xeon_phi 7230
intel xeon_e5 4620_v2
intel core_i5 3360m
suse suse_linux_enterprise_server 12
intel xeon_e7 4830
intel core_m 5y10
siemens simatic_itc2200_firmware *
intel core_i7 620le
intel celeron_n n3000
phoenixcontact vl2_bpc_2000_firmware -
intel xeon_e5 4648_v3
intel xeon_e3_1290_v2 -
intel xeon_phi 7210f
intel xeon_e5 2660_v4
intel core_i7 4500u
intel xeon_gold 6138f
intel core_i5 5350u
intel xeon_phi 7290
intel core_i7 3630qm
intel xeon ec5539
intel xeon_silver 4109t
intel xeon_platinum 8160
intel core_i3 4350
intel celeron_n n2920
intel xeon_e5_2620_v2 -
intel xeon_gold 6144
intel atom_c c2738
intel xeon_e3_1505l_v5 -
netapp hci -
intel xeon_e5_1650_v2 -
intel core_i3 4350t
intel xeon_e7 2890_v2
intel core_i7 2715qe
intel xeon_e3 1545m_v5
intel xeon_e7 8860_v3
intel core_i7 840qm
intel core_i7 3615qe
intel xeon_e5_2637 -
intel xeon_e5 2699_v3
intel xeon_gold 6130f
intel xeon_gold 6142f
siemens simatic_winac_rtx_(f)_2010_firmware *
intel core_i5 2500
intel atom_e e3826
synology diskstation_manager *
intel xeon_e3_1230_v2 -
intel xeon_e3 1565l_v5
intel atom_c c2518
intel core_i3 2375m
intel core_i5 520m
CVE-2017-5898 LOW

Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Unit (APDU).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-190,

Products Affected

Vendor Product Version
qemu qemu *
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_server_for_sap 12
CVE-2017-7297 MEDIUM

Rancher Labs rancher server 1.2.0+ is vulnerable to authenticated users disabling access control via an API call. This is fixed in versions rancher/server:v1.2.4, rancher/server:v1.3.5, rancher/server:v1.4.3, and rancher/server:v1.5.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
suse rancher *
CVE-2017-7995 LOW

Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the get_user function. NOTE: the upstream Xen Project considers versions before 4.5.x to be EOL.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
suse openstack_cloud 5
novell suse_linux_enterprise_point_of_sale 11.0
suse manager_proxy 2.1
suse manager 2.1
xen xen *
novell suse_linux_enterprise_server 11.0
CVE-2018-10195 LOW

lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 1.8 5.2

CVSS 2.0

Severity: LOW

Problem Type: CWE-190,

Products Affected

Vendor Product Version
lrzsz_project lrzsz *
debian debian_linux 9.0
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
suse linux_enterprise_server 11
suse linux_enterprise_debuginfo 11
CVE-2018-10875 MEDIUM

A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-426,CWE-426,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 19.04
suse package_hub -
redhat ceph_storage 2.0
redhat ceph_storage 3.0
redhat virtualization 4.0
redhat openshift 3.0
redhat gluster_storage 3.0.0
redhat virtualization_host 4.0
redhat openstack 10
redhat ansible_engine 2.5
redhat ansible_engine 2.4
redhat ansible_engine 2.6
debian debian_linux 9.0
redhat openstack 12
canonical ubuntu_linux 18.04
redhat ansible_engine 2.0
redhat openstack 13
debian debian_linux 8.0
CVE-2018-12116 MEDIUM

Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to be made to the same server.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-115,NVD-CWE-Other,

Products Affected

Vendor Product Version
nodejs node.js *
suse suse_linux_enterprise_server 15
suse suse_enterprise_storage 4
suse suse_openstack_cloud 7
suse suse_openstack_cloud 8
suse suse_linux_enterprise_server 12
CVE-2018-12122 MEDIUM

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,CWE-400,

Products Affected

Vendor Product Version
nodejs node.js *
suse suse_linux_enterprise_server 15
suse suse_enterprise_storage 4
suse suse_openstack_cloud 7
suse suse_openstack_cloud 8
suse suse_linux_enterprise_server 12
CVE-2018-12470 HIGH

A SQL Injection in the RegistrationSharing module of SUSE Linux SMT allows remote attackers to execute arbitrary SQL statements. Affected releases are SUSE Linux SMT: versions prior to 3.0.37.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,CWE-89,

Products Affected

Vendor Product Version
suse subscription_management_tool *
CVE-2018-12471 MEDIUM

An External Entity Reference ('XXE') vulnerability in SUSE Linux SMT allows remote attackers to read data from the server or cause DoS by referencing blocking elements. Affected releases are SUSE Linux SMT: versions prior to 3.0.37.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-611,CWE-611,

Products Affected

Vendor Product Version
suse subscription_management_tool *
CVE-2018-12472 MEDIUM

An improper authentication using the HOST header in SUSE Linux SMT allows remote attackers to spoof a sibling server. Affected releases are SUSE Linux SMT: versions prior to 3.0.37.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,CWE-287,

Products Affected

Vendor Product Version
suse subscription_management_tool *
CVE-2018-12476 MEDIUM

Relative Path Traversal vulnerability in obs-service-tar_scm of SUSE Linux Enterprise Server 15; openSUSE Factory allows remote attackers with control over a repository to overwrite files on the machine of the local user if a malicious service is executed. This issue affects: SUSE Linux Enterprise Server 15 obs-service-tar_scm versions prior to 0.9.2.1537788075.fefaa74. openSUSE Factory obs-service-tar_scm versions prior to 0.9.2.1537788075.fefaa74.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@opentext.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-23,CWE-22,

Products Affected

Vendor Product Version
suse obs-service-tar_scm *
CVE-2018-14522 MEDIUM

An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
opensuse leap 42.3
suse linux_enterprise 15.0
aubio aubio 0.4.6
opensuse leap 15.0
CVE-2018-14523 MEDIUM

An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
opensuse leap 42.3
suse linux_enterprise 15.0
aubio aubio 0.4.6
opensuse leap 15.0
CVE-2018-16588 MEDIUM

Privilege escalation can occur in the SUSE useradd.c code in useradd, as distributed in the SUSE shadow package through 4.2.1-27.9.1 for SUSE Linux Enterprise 12 (SLE-12) and through 4.5-5.39 for SUSE Linux Enterprise 15 (SLE-15). Non-existing intermediate directories are created with mode 0777 during user creation. Given that they are world-writable, local attackers might use this for privilege escalation and other unspecified attacks. NOTE: this would affect non-SUSE users who took useradd.c code from a 2014-04-02 upstream pull request; however, no non-SUSE distribution is known to be affected.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-732,

Products Affected

Vendor Product Version
suse shadow *
CVE-2018-16837 LOW

Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lead to undesirable situations, such as passphrase credentials passed as a parameter to the ssh-keygen executable being shown in clear text to every user who has access just to the process list.

CVSS 2.0

Severity: LOW

Problem Type: CWE-214,CWE-311,

Products Affected

Vendor Product Version
redhat ansible_tower 3.3.0
redhat ansible_engine 2.6
debian debian_linux 9.0
suse package_hub -
redhat ansible_engine 2.0
redhat ansible_engine 2.7
debian debian_linux 8.0
redhat ansible_engine 2.5
CVE-2018-16873 MEDIUM

In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). Using custom domains, it's possible to arrange things so that a Git repository is cloned to a folder named ".git" by using a vanity import path that ends with "/.git". If the Git repository root contains a "HEAD" file, a "config" file, an "objects" directory, a "refs" directory, with some work to ensure the proper ordering of operations, "go get -u" can be tricked into considering the parent directory as a repository root, and running Git commands on it. That will use the "config" file in the original Git repository root for its configuration, and if that config file contains malicious commands, they will execute on the system running "go get -u".

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,CWE-20,

Products Affected

Vendor Product Version
opensuse leap 42.3
debian debian_linux 9.0
golang go *
suse linux_enterprise_server 12
opensuse backports_sle 15.0
opensuse leap 15.0
opensuse leap 15.1
CVE-2018-16874 MEDIUM

In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both '{' and '}' characters). Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). The attacker can cause an arbitrary filesystem write, which can lead to code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,CWE-22,

Products Affected

Vendor Product Version
opensuse leap 42.3
debian debian_linux 9.0
golang go *
suse linux_enterprise_server 12
opensuse backports_sle 15.0
opensuse leap 15.0
opensuse leap 15.1
CVE-2018-16876 LOW

ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to an information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensitive data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N 1.6 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,CWE-200,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
canonical ubuntu_linux 16.04
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 19.04
suse package_hub -
redhat ansible_engine 2.5
redhat openstack 14
redhat ansible_engine 2.6
debian debian_linux 9.0
canonical ubuntu_linux 18.04
redhat ansible_engine 2.0
redhat ansible_engine 2.7
redhat enterprise_linux_workstation 7.0
redhat ansible *
CVE-2018-17954 HIGH

An Improper Privilege Management vulnerability in crowbar of SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9 allows root users on any crowbar managed node to become root on any other node. This issue affects: SUSE OpenStack Cloud 7 crowbar-core versions prior to 4.0+git.1578392992.fabfd186c-9.63.1, crowbar-. SUSE OpenStack Cloud 8 ardana-cinder versions prior to 8.0+git.1579279939.ee7da88-3.39.3, ardana-. SUSE OpenStack Cloud 9 ardana-ansible versions prior to 9.0+git.1581611758.f694f7d-3.16.1, ardana-. SUSE OpenStack Cloud Crowbar 8 crowbar-core versions prior to 5.0+git.1582968668.1a55c77c5-3.35.4, crowbar-. SUSE OpenStack Cloud Crowbar 9 crowbar-core versions prior to 6.0+git.1582892022.cbd70e833-3.19.3, crowbar-.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
security@opentext.com 9.3 CRITICAL CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 2.5 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269,CWE-269,

Products Affected

Vendor Product Version
suse openstack_cloud 9.0
suse openstack_cloud_crowbar 8.0
suse openstack_cloud_crowbar 9.0
suse openstack_cloud 8.0
suse openstack_cloud 7.0
CVE-2018-17957 LOW

The YaST2 RMT module for configuring the SUSE Repository Mirroring Tool (RMT) before 1.1.2 exposed MySQL database passwords on process commandline, allowing local attackers to access or corrupt the RMT database.

CVSS 2.0

Severity: LOW

Problem Type: CWE-214,CWE-287,

Products Affected

Vendor Product Version
suse repository_mirroring_tool *
CVE-2018-17962 MEDIUM

Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,CWE-190,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
redhat linux 6.0
canonical ubuntu_linux 14.04
qemu qemu 2.1.0
canonical ubuntu_linux 18.10
qemu qemu 2.12.0
debian debian_linux 9.0
oracle linux 7
qemu qemu 2.8.0
suse linux_enterprise_server 12
canonical ubuntu_linux 18.04
suse linux_enterprise_server 15
debian debian_linux 8.0
suse linux_enterprise_server 11
CVE-2018-18584 MEDIUM

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
libmspack_project libmspack 0.6
cabextract_project cabextract *
canonical ubuntu_linux 14.04
libmspack_project libmspack 0.5
libmspack_project libmspack 0.7
libmspack_project libmspack 0.7.1
redhat enterprise_linux 7.0
libmspack_project libmspack 0.3
canonical ubuntu_linux 18.10
canonical ubuntu_linux 12.04
starwindsoftware starwind_virtual_san -
libmspack_project libmspack 0.4
suse linux_enterprise_server 12
canonical ubuntu_linux 18.04
debian debian_linux 8.0
suse linux_enterprise_server 11
CVE-2018-18585 MEDIUM

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
canonical ubuntu_linux 16.04
redhat enterprise_linux_desktop 7.0
kyzer libmspack 0.7
canonical ubuntu_linux 14.04
kyzer libmspack 0.6
kyzer libmspack 0.4
kyzer libmspack 0.5
canonical ubuntu_linux 18.10
canonical ubuntu_linux 12.04
starwindsoftware starwind_virtual_san -
kyzer libmspack 0.3
suse linux_enterprise_server 12
canonical ubuntu_linux 18.04
debian debian_linux 8.0
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
CVE-2018-18873 MEDIUM

An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
jasper_project jasper 2.0.14
canonical ubuntu_linux 14.04
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
debian debian_linux 8.0
suse linux_enterprise_server 11
CVE-2018-19052 MEDIUM

An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
lighttpd lighttpd *
debian debian_linux 9.0
suse suse_linux_enterprise_server 11
opensuse backports_sle 15.0
opensuse leap 15.0
opensuse leap 15.1
suse suse_linux_enterprise_server 12
CVE-2018-19208 MEDIUM

In libwpd 0.10.2, there is a NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp that will lead to a denial of service attack. This is related to WPXTable.h.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server 11
redhat enterprise_linux 7.0
libwpd_project libwpd 0.10.2
CVE-2018-19539 MEDIUM

An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-617,

Products Affected

Vendor Product Version
jasper_project jasper 2.0.14
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
opensuse leap 15.0
debian debian_linux 8.0
suse linux_enterprise_server 11
CVE-2018-19540 MEDIUM

An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16. There is a heap-based buffer overflow of size 1 in the function jas_icctxtdesc_input in libjasper/base/jas_icc.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
jasper_project jasper 2.0.14
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
debian debian_linux 8.0
suse linux_enterprise_server 11
CVE-2018-19541 MEDIUM

An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16. There is a heap-based buffer over-read of size 8 in the function jas_image_depalettize in libjasper/base/jas_image.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
jasper_project jasper 2.0.14
canonical ubuntu_linux 14.04
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
debian debian_linux 8.0
suse linux_enterprise_server 11
CVE-2018-19542 MEDIUM

An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
jasper_project jasper 2.0.14
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
opensuse leap 15.0
debian debian_linux 8.0
suse linux_enterprise_server 11
CVE-2018-19543 MEDIUM

An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
jasper_project jasper 2.0.14
canonical ubuntu_linux 14.04
suse linux_enterprise_server 12
suse linux_enterprise_desktop 12
debian debian_linux 8.0
suse linux_enterprise_server 11
CVE-2018-19655 MEDIUM

A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
suse suse_linux_enterprise_desktop 12
dcraw_project dcraw *
suse suse_linux_enterprise_server 11
suse suse_linux_enterprise_server 12
CVE-2018-20105 LOW

An Inclusion of Sensitive Information in Log Files vulnerability in yast2-rmt of SUSE Linux Enterprise Server 15; openSUSE Leap allows local attackers to learn the password if they can access the log file. This issue affects: SUSE Linux Enterprise Server 15 yast2-rmt versions prior to 1.2.2. openSUSE Leap yast2-rmt versions prior to 1.2.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@opentext.com 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-532,CWE-532,

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server 15
opensuse leap 15.0
yast2-rmt_project yast2-rmt *
CVE-2018-20321 HIGH

An issue was discovered in Rancher 2 through 2.1.5. Any project member with access to the default namespace can mount the netes-default service account in a pod, and then use that pod to execute administrative privileged commands against the k8s cluster. This could be mitigated by isolating the default namespace in a separate project, where only cluster admins can be given permissions to access. As of 2018-12-20, this bug affected ALL clusters created or imported by Rancher.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-668,

Products Affected

Vendor Product Version
suse rancher *
CVE-2018-6556 LOW

lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Affected releases are LXC: 2.0 versions above and including 2.0.9; 3.0 versions above and including 3.0.0, prior to 3.0.2.

CVSS 2.0

Severity: LOW

Problem Type: CWE-417,

Products Affected

Vendor Product Version
suse caas_platform 1.0
suse caas_platform 2.0
canonical ubuntu_linux 18.04
suse suse_linux_enterprise_server 11
linuxcontainers lxc *
suse openstack_cloud 6
opensuse leap 15.0
CVE-2018-7566 MEDIUM

The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,CWE-362,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
canonical ubuntu_linux 16.04
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server 6.0
linux linux_kernel 4.15
redhat enterprise_linux_server_eus 7.5
redhat enterprise_linux_desktop 6.0
oracle communications_eagle_application_processor 16.2.0
canonical ubuntu_linux 12.04
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
suse linux_enterprise_module_for_public_cloud 12
suse linux_enterprise_server 12
redhat enterprise_linux_server_aus 7.6
debian debian_linux 7.0
debian debian_linux 8.0
redhat enterprise_linux_workstation 7.0
oracle communications_eagle_application_processor 16.1.0
CVE-2018-8059 MEDIUM

The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to certain configurations involving Docker Compose, have a Missing SSL Certificate Validation issue because no proxy_ssl_* directives are used.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
suse portus 2.3.0
CVE-2019-11038 MEDIUM

When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of an uninitialized variable. This may lead to disclosing contents of the stack that have been left there by previous code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-457,CWE-908,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
redhat enterprise_linux 8.0
canonical ubuntu_linux 19.10
canonical ubuntu_linux 14.04
redhat software_collections 1.0
redhat enterprise_linux 7.0
opensuse leap 15.1
php php *
suse linux_enterprise_debuginfo 11
libgd libgd 2.2.5
fedoraproject fedora 30
fedoraproject fedora 32
debian debian_linux 9.0
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_server 12
canonical ubuntu_linux 18.04
suse linux_enterprise_desktop 12
suse linux_enterprise_software_development_kit 12
debian debian_linux 8.0
fedoraproject fedora 29
CVE-2019-11202 HIGH

An issue was discovered that affects the following versions of Rancher: v2.0.0 through v2.0.13, v2.1.0 through v2.1.8, and v2.2.0 through 2.2.1. When Rancher starts for the first time, it creates a default admin user with a well-known password. After initial setup, the Rancher administrator may choose to delete this default admin user. If Rancher is restarted, the default admin user will be recreated with the well-known default password. An attacker could exploit this by logging in with the default admin credentials. This can be mitigated by deactivating the default admin user rather than completely deleting them.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,

Products Affected

Vendor Product Version
suse rancher *
CVE-2019-11709 HIGH

Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
suse package_hub -
opensuse leap 15.0
opensuse leap 15.1
mozilla thunderbird *
debian debian_linux 8.0
mozilla firefox *
mozilla firefox_esr *
CVE-2019-11730 MEDIUM

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and they may be uploaded to a server. It was demonstrated that in combination with a popular Android messaging app, if a malicious HTML attachment is sent to a user and they opened that attachment in Firefox, due to that app's predictable pattern for locally-saved file names, it is possible to read attachments the victim received from other correspondents. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
suse package_hub -
opensuse leap 15.0
opensuse leap 15.1
mozilla thunderbird *
debian debian_linux 8.0
mozilla firefox *
mozilla firefox_esr *
CVE-2019-11881 MEDIUM

A vulnerability exists in Rancher before 2.2.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legitimate users to visit phishing sites with scare tactics, e.g., displaying a "This version of Rancher is outdated, please visit https://malicious.rancher.site/upgrading" message.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
suse rancher 2.1.4
CVE-2019-12274 MEDIUM

In Rancher 1 and 2 through 2.2.3, unprivileged users (if allowed to deploy nodes) can gain admin access to the Rancher management plane because node driver options intentionally allow posting certain data to the cloud. The problem is that a user could choose to post a sensitive file such as /root/.kube/config or /var/lib/rancher/management-state/cred/kubeconfig-system.yaml.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-668,CWE-862,

Products Affected

Vendor Product Version
suse rancher *
CVE-2019-12303 MEDIUM

In Rancher 2 through 2.2.3, Project owners can inject additional fluentd configuration to read files or execute arbitrary commands inside the fluentd container.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-74,

Products Affected

Vendor Product Version
suse rancher *
CVE-2019-13209 MEDIUM

Rancher 2 through 2.2.4 is vulnerable to a Cross-Site Websocket Hijacking attack that allows an exploiter to gain access to clusters managed by Rancher. The attack requires a victim to be logged into a Rancher server, and then to access a third-party site hosted by the exploiter. Once that is accomplished, the exploiter is able to execute commands against the cluster's Kubernetes API with the permissions and identity of the victim.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
suse rancher *
CVE-2019-13734 MEDIUM

Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
canonical ubuntu_linux 16.04
redhat enterprise_linux_eus 8.4
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux 8.0
oracle communications_cloud_native_core_network_repository_function 1.14.0
google chrome *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_tus 8.2
suse package_hub -
redhat enterprise_linux_eus 8.2
redhat enterprise_linux_server_tus 7.7
redhat openshift_container_platform 3.11
redhat enterprise_linux_desktop 6.0
fedoraproject fedora 31
debian debian_linux 9.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_workstation 7.0
debian debian_linux 10.0
canonical ubuntu_linux 19.10
redhat enterprise_linux_server 6.0
redhat openshift_container_platform 4.2
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 8.1
fedoraproject fedora 30
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server_aus 8.2
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_server_tus 8.4
opensuse backports_sle 15.0
redhat enterprise_linux_server_aus 8.4
CVE-2019-13745 MEDIUM

Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
opensuse backports_sle 15.0
redhat enterprise_linux_desktop 6.0
CVE-2019-13764 MEDIUM

Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-843,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
opensuse backports_sle 15.0
redhat enterprise_linux_desktop 6.0
CVE-2019-15623 MEDIUM

Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send its domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disabled.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-359,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
nextcloud nextcloud_server *
suse package_hub -
opensuse backports_sle 15.0
CVE-2019-15624 MEDIUM

Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N 1.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
opensuse backports sle-15
nextcloud nextcloud_server *
suse suse_linux_enterprise_server 12
CVE-2019-18897 HIGH

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of salt of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Factory allows local attackers to escalate privileges from user salt to root. This issue affects: SUSE Linux Enterprise Server 12 salt-master version 2019.2.0-46.83.1 and prior versions. SUSE Linux Enterprise Server 15 salt-master version 2019.2.0-6.21.1 and prior versions. openSUSE Factory salt-master version 2019.2.2-3.1 and prior versions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-59,CWE-59,

Products Affected

Vendor Product Version
suse linux_enterprise_server 12
suse linux_enterprise_server 15
opensuse leap 15.1
CVE-2019-18898 HIGH

UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers to escalate privileges from user tss to root. This issue affects: SUSE Linux Enterprise Server 15 SP1 trousers versions prior to 0.3.14-6.3.1. openSUSE Factory trousers versions prior to 0.3.14-7.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
meissner@suse.de 7.7 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 2.5 5.2

CVSS 2.0

Severity: HIGH

Problem Type: CWE-59,CWE-59,

Products Affected

Vendor Product Version
suse trousers *
opensuse leap 15.1
CVE-2019-18901 LOW

A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows local attackers to change the permissions of arbitrary files to 0640. This issue affects: SUSE Linux Enterprise Server 12 mariadb versions prior to 10.2.31-3.25.1. SUSE Linux Enterprise Server 15 mariadb versions prior to 10.2.31-3.26.1.

CVSS 2.0

Severity: LOW

Problem Type: CWE-59,CWE-59,

Products Affected

Vendor Product Version
suse linux_enterprise_server 12
suse linux_enterprise_server 15
opensuse leap 15.1
CVE-2019-18902 HIGH

A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-3.5.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-3.21.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.6.1. openSUSE Factory wicked versions prior to 0.6.62.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 7.5 HIGH CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 1.6 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,CWE-416,

Products Affected

Vendor Product Version
suse linux_enterprise_server 12
suse linux_enterprise_server 15
opensuse leap 15.1
CVE-2019-18903 HIGH

A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-2.18.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-28.26.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.9.1. openSUSE Factory wicked versions prior to 0.6.62.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
meissner@suse.de 7.5 HIGH CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 1.6 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,CWE-416,

Products Affected

Vendor Product Version
suse linux_enterprise_server 12
suse linux_enterprise_server 15
opensuse leap 15.1
CVE-2019-19880 MEDIUM

exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
debian debian_linux 10.0
sqlite sqlite 3.30.1
redhat enterprise_linux_server 6.0
suse package_hub -
siemens sinec_infrastructure_network_services *
netapp cloud_backup -
opensuse leap 15.1
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
oracle mysql_workbench *
opensuse backports_sle 15.0
CVE-2019-19923 MEDIUM

flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
debian debian_linux 10.0
sqlite sqlite 3.30.1
redhat enterprise_linux_server 6.0
suse package_hub -
siemens sinec_infrastructure_network_services *
netapp cloud_backup -
opensuse leap 15.1
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
oracle mysql_workbench *
opensuse backports_sle 15.0
CVE-2019-19925 MEDIUM

zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-434,

Products Affected

Vendor Product Version
debian debian_linux 10.0
sqlite sqlite 3.30.1
redhat enterprise_linux_server 6.0
suse package_hub -
siemens sinec_infrastructure_network_services *
netapp cloud_backup -
opensuse leap 15.1
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
oracle mysql_workbench *
opensuse backports_sle 15.0
CVE-2019-19926 MEDIUM

multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
debian debian_linux 10.0
sqlite sqlite 3.30.1
redhat enterprise_linux_server 6.0
suse package_hub -
siemens sinec_infrastructure_network_services *
netapp cloud_backup -
opensuse leap 15.1
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
oracle mysql_workbench *
opensuse backports_sle 15.0
CVE-2019-3682 MEDIUM

The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-668,CWE-668,

Products Affected

Vendor Product Version
suse caas_platform 3.0
CVE-2019-3683 MEDIUM

In the keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f, every user listed in the /etc/keystone/user-project-map.json was assigned full "member" role access to every project. This allowed these users to access, modify, create and delete arbitrary resources, contrary to expectations.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
meissner@suse.de 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-732,CWE-732,

Products Affected

Vendor Product Version
hp helion_openstack 8.0
suse openstack_cloud 8.0
suse keystone-json-assignment *
CVE-2019-3684 MEDIUM

SUSE Manager until version 4.0.7 and Uyuni until commit 1b426ad5ed0a7191a6fb46bb83e98ae4b99a5ade created world-readable swap files on systems that don't have a swap already configured and don't have btrfs as filesystem.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 2.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-922,CWE-922,

Products Affected

Vendor Product Version
suse manager *
CVE-2019-3686 MEDIUM

openQA before commit c172e8883d8f32fced5e02f9b6faaacc913df27b was vulnerable to XSS in the distri and version parameters. This was reported through the bug bounty program of Offensive Security.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
suse openqa *
CVE-2019-3687 LOW

The permission package in SUSE Linux Enterprise Server allowed all local users to run dumpcap in the "easy" permission profile and sniff network traffic. This issue affects: SUSE Linux Enterprise Server permissions versions starting from 85c83fef7e017f8ab7f8602d3163786d57344439 to 081d081dcfaf61710bda34bc21c80c66276119aa.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-276,CWE-276,

Products Affected

Vendor Product Version
suse linux_enterprise_server -
CVE-2019-3688 MEDIUM

The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromised the squid user to gain persistence by changing the binary.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 1.8 5.2
meissner@suse.de 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 2.5 2.5

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-276,CWE-276,

Products Affected

Vendor Product Version
suse suse_linux_enterprise_server 15
suse suse_linux_enterprise_server 12
CVE-2019-3692 HIGH

The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enterprise Server 11 inn version 2.4.2-170.21.3.1 and prior versions. openSUSE Factory inn version 2.6.2-2.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.2.47 and prior versions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-59,CWE-59,

Products Affected

Vendor Product Version
suse inn *
opensuse backports_sle 15.0
opensuse leap 15.1
CVE-2019-3693 HIGH

A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privileges from user wwwrun to root. Additionally arbitrary files could be changed to group mailman. This issue affects: SUSE Linux Enterprise Server 11 mailman versions prior to 2.1.15-9.6.15.1. SUSE Linux Enterprise Server 12 mailman versions prior to 2.1.17-3.11.1. openSUSE Leap 15.1 mailman version 2.1.29-lp151.2.14 and prior versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
meissner@suse.de 7.7 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 2.5 5.2

CVSS 2.0

Severity: HIGH

Problem Type: CWE-59,CWE-59,

Products Affected

Vendor Product Version
suse mailman *
opensuse backports_sle 15.0
CVE-2019-3694 HIGH

A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin to root. This issue affects: openSUSE Factory munin version 2.0.49-4.2 and prior versions. openSUSE Leap 15.1 munin version 2.0.40-lp151.1.1 and prior versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 7.7 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 2.5 5.2
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-59,CWE-59,

Products Affected

Vendor Product Version
suse munin *
opensuse munin *
CVE-2019-3700 LOW

yast2-security didn't use secure defaults to protect passwords. This became a problem on 2019-10-07 when configuration files that set secure settings were moved to a different location. As of the 20191022 snapshot the insecure default settings were used until yast2-security switched to stronger defaults in 4.2.6 and used the new configuration file locations. Passwords created during this time used DES password encryption and are not properly protected against attackers that are able to access the password hashes.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
meissner@suse.de 2.9 LOW CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N 1.4 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-327,CWE-327,

Products Affected

Vendor Product Version
suse yast2-security *
CVE-2019-5798 MEDIUM

Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
redhat enterprise_linux 6.0
opensuse leap 42.3
opensuse backports sle-15
redhat enterprise_linux 8.0
google chrome *
canonical ubuntu_linux 19.04
suse package_hub -
opensuse leap 15.0
redhat enterprise_linux 7.0
opensuse leap 15.1
canonical ubuntu_linux 18.10
debian debian_linux 9.0
canonical ubuntu_linux 18.04
debian debian_linux 8.0
CVE-2019-6287 MEDIUM

In Rancher 2.0.0 through 2.1.5, project members have continued access to create, update, read, and delete namespaces in a project after they have been removed from it.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,

Products Affected

Vendor Product Version
suse rancher *
CVE-2019-6690 MEDIUM

python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg into decrypting ciphertext other than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting the affect functionality component.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 18.10
suse backports -
debian debian_linux 9.0
canonical ubuntu_linux 18.04
canonical ubuntu_linux 19.04
opensuse leap 15.0
debian debian_linux 8.0
python python-gnupg 0.4.3
CVE-2019-9211 MEDIUM

There is a reachable assertion abort in the function write_long_string_missing_values() in data/sys-file-writer.c in libdata.a in GNU PSPP 1.2.0 that will lead to denial of service.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-617,

Products Affected

Vendor Product Version
suse backports -
gnu pspp 1.2.0
fedoraproject fedora 29
CVE-2020-10676

In Rancher 2.x before 2.6.13 and 2.7.x before 2.7.4, an incorrectly applied authorization check allows users who have certain access to a namespace to move that namespace to a different project.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
suse rancher *
CVE-2020-10802 MEDIUM

In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,

Products Affected

Vendor Product Version
fedoraproject fedora 31
fedoraproject fedora 30
fedoraproject fedora 32
phpmyadmin phpmyadmin *
suse package_hub -
opensuse backports_sle 15.0
opensuse leap 15.1
debian debian_linux 8.0
CVE-2020-10803 LOW

In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,CWE-89,

Products Affected

Vendor Product Version
fedoraproject fedora 31
fedoraproject fedora 30
fedoraproject fedora 32
phpmyadmin phpmyadmin *
suse package_hub -
opensuse backports_sle 15.0
opensuse leap 15.1
debian debian_linux 8.0
CVE-2020-10804 MEDIUM

In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted username, and then trick the victim into performing specific actions with that user account (such as editing its privileges).

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,

Products Affected

Vendor Product Version
fedoraproject fedora 31
fedoraproject fedora 30
fedoraproject fedora 32
phpmyadmin phpmyadmin *
suse package_hub -
opensuse backports_sle 15.0
opensuse leap 15.1
CVE-2020-14147 MEDIUM

An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. NOTE: this issue exists because of a CVE-2015-8080 regression.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.7 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H 3.1 4.0

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,CWE-787,

Products Affected

Vendor Product Version
debian debian_linux 10.0
oracle communications_operations_monitor 3.4
oracle communications_operations_monitor 4.1
oracle communications_operations_monitor 4.2
oracle communications_operations_monitor 4.3
suse linux_enterprise 12.0
redislabs redis *
CVE-2020-15705 MEDIUM

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@ubuntu.com 6.4 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 0.5 5.9
nvd@nist.gov 6.4 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 0.5 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-347,CWE-347,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
microsoft windows_10 1709
redhat enterprise_linux_atomic_host -
redhat enterprise_linux 8.0
canonical ubuntu_linux 14.04
microsoft windows_10 1809
suse suse_linux_enterprise_server 15
microsoft windows_10 1909
microsoft windows_10 1903
suse suse_linux_enterprise_server 11
microsoft windows_server_2016 2004
opensuse leap 15.2
microsoft windows_server_2012 -
canonical ubuntu_linux 18.04
redhat openshift_container_platform 4.0
microsoft windows_10 2004
microsoft windows_10 1803
debian debian_linux 10.0
microsoft windows_10 -
canonical ubuntu_linux 20.04
redhat enterprise_linux 7.0
opensuse leap 15.1
microsoft windows_server_2016 1909
microsoft windows_rt_8.1 -
suse suse_linux_enterprise_server 12
microsoft windows_server_2019 -
microsoft windows_server_2012 r2
gnu grub2 *
microsoft windows_server_2016 -
microsoft windows_8.1 -
microsoft windows_server_2016 1903
microsoft windows_10 1607
CVE-2020-15706 MEDIUM

GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,CWE-362,CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
microsoft windows_10 1709
redhat enterprise_linux_atomic_host -
redhat enterprise_linux 8.0
canonical ubuntu_linux 14.04
microsoft windows_10 1809
suse suse_linux_enterprise_server 15
microsoft windows_10 1909
microsoft windows_10 1903
suse suse_linux_enterprise_server 11
microsoft windows_server_2016 2004
opensuse leap 15.2
microsoft windows_server_2012 -
canonical ubuntu_linux 18.04
redhat openshift_container_platform 4.0
microsoft windows_10 2004
microsoft windows_10 1803
debian debian_linux 10.0
microsoft windows_10 -
canonical ubuntu_linux 20.04
redhat enterprise_linux 7.0
opensuse leap 15.1
microsoft windows_server_2016 1909
microsoft windows_rt_8.1 -
suse suse_linux_enterprise_server 12
microsoft windows_server_2019 -
microsoft windows_server_2012 r2
gnu grub2 *
microsoft windows_server_2016 -
microsoft windows_8.1 -
microsoft windows_server_2016 1903
microsoft windows_10 1607
CVE-2020-15707 MEDIUM

Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.4 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 0.5 5.9
security@ubuntu.com 5.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H 0.5 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,CWE-190,CWE-362,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
microsoft windows_10 1709
redhat enterprise_linux_atomic_host -
redhat enterprise_linux 8.0
canonical ubuntu_linux 14.04
microsoft windows_10 1809
suse suse_linux_enterprise_server 15
microsoft windows_10 1909
microsoft windows_10 1903
suse suse_linux_enterprise_server 11
microsoft windows_server_2016 2004
opensuse leap 15.2
microsoft windows_server_2012 -
canonical ubuntu_linux 18.04
redhat openshift_container_platform 4.0
microsoft windows_10 2004
microsoft windows_10 1803
debian debian_linux 10.0
microsoft windows_10 -
canonical ubuntu_linux 20.04
redhat enterprise_linux 7.0
opensuse leap 15.1
microsoft windows_server_2016 1909
netapp active_iq_unified_manager *
microsoft windows_rt_8.1 -
suse suse_linux_enterprise_server 12
microsoft windows_server_2019 -
microsoft windows_server_2012 r2
gnu grub2 *
microsoft windows_server_2016 -
microsoft windows_8.1 -
microsoft windows_server_2016 1903
microsoft windows_10 1607
CVE-2020-24368 MEDIUM

Icinga Web 2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2. This issue is fixed in Icinga Web 2 in v2.6.4, v2.7.4 and v2.8.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
debian debian_linux 10
debian debian_linux 9.0
suse package_hub -
icinga icinga_web_2 *
CVE-2020-5504 MEDIUM

In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,

Products Affected

Vendor Product Version
phpmyadmin phpmyadmin *
debian debian_linux 8.0
suse suse_linux_enterprise_server 12
CVE-2020-6381 MEDIUM

Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
opensuse backports_sle 15.0
redhat enterprise_linux_desktop 6.0
CVE-2020-6382 MEDIUM

Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-843,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
opensuse backports_sle 15.0
redhat enterprise_linux_desktop 6.0
CVE-2020-6385 MEDIUM

Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolation via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-754,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
opensuse backports_sle 15.0
redhat enterprise_linux_desktop 6.0
CVE-2020-6390 MEDIUM

Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
opensuse backports_sle 15.0
redhat enterprise_linux_desktop 6.0
CVE-2020-6391 MEDIUM

Insufficient validation of untrusted input in Blink in Google Chrome prior to 80.0.3987.87 allowed a local attacker to bypass content security policy via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
opensuse backports_sle 15.0
redhat enterprise_linux_desktop 6.0
CVE-2020-6392 MEDIUM

Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
opensuse backports_sle 15.0
redhat enterprise_linux_desktop 6.0
CVE-2020-6393 MEDIUM

Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-862,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
opensuse backports_sle 15.0
redhat enterprise_linux_desktop 6.0
CVE-2020-6394 MEDIUM

Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 2.8 2.5

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
opensuse backports_sle 15.0
redhat enterprise_linux_desktop 6.0
CVE-2020-6396 MEDIUM

Inappropriate implementation in Skia in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
opensuse backports_sle 15.0
redhat enterprise_linux_desktop 6.0
CVE-2020-6397 MEDIUM

Inappropriate implementation in sharing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
opensuse backports_sle 15.0
redhat enterprise_linux_desktop 6.0
CVE-2020-6398 MEDIUM

Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-908,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
opensuse backports_sle 15.0
redhat enterprise_linux_desktop 6.0
CVE-2020-6400 MEDIUM

Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-203,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
opensuse backports_sle 15.0
redhat enterprise_linux_desktop 6.0
CVE-2020-6402 MEDIUM

Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
opensuse backports_sle 15.0
redhat enterprise_linux_desktop 6.0
CVE-2020-6403 MEDIUM

Incorrect implementation in Omnibox in Google Chrome on iOS prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
opensuse backports_sle 15.0
redhat enterprise_linux_desktop 6.0
CVE-2020-6404 MEDIUM

Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
opensuse backports_sle 15.0
redhat enterprise_linux_desktop 6.0
CVE-2020-6406 MEDIUM

Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
redhat enterprise_linux_desktop 6.0
CVE-2020-6408 MEDIUM

Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local attacker to obtain potentially sensitive information via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
opensuse backports_sle 15.0
redhat enterprise_linux_desktop 6.0
CVE-2020-6415 MEDIUM

Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
opensuse backports_sle 15.0
redhat enterprise_linux_desktop 6.0
CVE-2020-6416 MEDIUM

Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
google chrome *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
suse package_hub -
opensuse backports_sle 15.0
redhat enterprise_linux_desktop 6.0
CVE-2020-6422 MEDIUM

Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
fedoraproject fedora 32
google chrome *
debian debian_linux 9.0
suse suse_linux_enterprise_desktop 12
opensuse backports_sle 15.0
suse suse_linux_enterprise_server 12
CVE-2020-6424 MEDIUM

Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
fedoraproject fedora 32
google chrome *
debian debian_linux 9.0
suse suse_linux_enterprise_desktop 12
opensuse backports_sle 15.0
suse suse_linux_enterprise_server 12
CVE-2020-6426 MEDIUM

Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
fedoraproject fedora 32
google chrome *
debian debian_linux 9.0
suse suse_linux_enterprise_desktop 12
opensuse backports_sle 15.0
suse suse_linux_enterprise_server 12
CVE-2020-6427 MEDIUM

Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
fedoraproject fedora 32
google chrome *
debian debian_linux 9.0
suse suse_linux_enterprise_desktop 12
opensuse backports_sle 15.0
suse suse_linux_enterprise_server 12
CVE-2020-6428 MEDIUM

Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
fedoraproject fedora 32
google chrome *
debian debian_linux 9.0
suse suse_linux_enterprise_desktop 12
opensuse backports_sle 15.0
suse suse_linux_enterprise_server 12
CVE-2020-6429 MEDIUM

Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
fedoraproject fedora 32
google chrome *
debian debian_linux 9.0
suse suse_linux_enterprise_desktop 12
opensuse backports_sle 15.0
suse suse_linux_enterprise_server 12
CVE-2020-6449 MEDIUM

Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 30
fedoraproject fedora 32
google chrome *
debian debian_linux 9.0
suse suse_linux_enterprise_desktop 12
opensuse backports_sle 15.0
suse suse_linux_enterprise_server 12
CVE-2020-7106 MEDIUM

Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
fedoraproject fedora 31
cacti cacti *
fedoraproject fedora 30
debian debian_linux 9.0
fedoraproject extra_packages_for_enterprise_linux 8.0
fedoraproject extra_packages_for_enterprise_linux 9.0
suse package_hub -
opensuse backports_sle 15.0
fedoraproject extra_packages_for_enterprise_linux 7.0
opensuse leap 15.1
debian debian_linux 8.0
CVE-2020-8013 LOW

A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for specific binaries on other binaries because it erroneously followed symlinks. The symlinks can't be controlled by attackers on default systems, so exploitation is difficult. This issue affects: SUSE Linux Enterprise Server 12 permissions versions prior to 2015.09.28.1626-17.27.1. SUSE Linux Enterprise Server 15 permissions versions prior to 20181116-9.23.1. SUSE Linux Enterprise Server 11 permissions versions prior to 2013.1.7-0.6.12.1.

CVSS 2.0

Severity: LOW

Problem Type: CWE-59,CWE-59,

Products Affected

Vendor Product Version
suse linux_enterprise_server 12
suse linux_enterprise_server 15
opensuse leap 15.1
suse linux_enterprise_server 11
CVE-2020-8018 HIGH

An Incorrect Default Permissions vulnerability in the SLES15-SP1-CHOST-BYOS and SLES15-SP1-CAP-Deployment-BYOS images of SUSE Linux Enterprise Server 15 SP1 allows local attackers with the UID 1000 to escalate to root due to a /etc directory owned by the user. This issue affects: SUSE Linux Enterprise Server 15 SP1 SLES15-SP1-CAP-Deployment-BYOS version 1.0.1 and prior versions; SLES15-SP1-CHOST-BYOS versions prior to 1.0.3 and prior versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
meissner@suse.de 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-276,CWE-276,

Products Affected

Vendor Product Version
suse linux_enterprise_desktop 15
CVE-2020-8025 MEDIUM

An Incorrect Execution-Assigned Permissions vulnerability in the permissions package of SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Tumbleweed sets the permissions for some of the directories of the pcp package to unintended settings. This issue affects: SUSE Linux Enterprise Server 12-SP4 permissions versions prior to 20170707-3.24.1. SUSE Linux Enterprise Server 15-LTSS permissions versions prior to 20180125-3.27.1. SUSE Linux Enterprise Server for SAP 15 permissions versions prior to 20180125-3.27.1. openSUSE Leap 15.1 permissions versions prior to 20181116-lp151.4.24.1. openSUSE Tumbleweed permissions versions prior to 20200624.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 6.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L 1.8 3.7
nvd@nist.gov 9.3 CRITICAL CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 2.5 6.0

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-279,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_server 15
suse linux_enterprise_high_performance_computing 15
CVE-2020-8028 HIGH

An Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2, SUSE Manager Server 4.0 allows local users to escalate to root on every system managed by SUSE manager. On the managing node itself code can be executed as user salt, potentially allowing for escalation to root there. This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.1 google-gson versions prior to 2.8.5-3.4.3, httpcomponents-client-4.5.6-3.4.2, httpcomponents-. SUSE Manager Proxy 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Retail Branch Server 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Server 3.2 salt-netapi-client versions prior to 0.16.0-4.14.1, spacewalk-. SUSE Manager Server 4.0 release-notes-susemanager versions prior to 4.0.9-3.54.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 9.3 CRITICAL CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 2.5 6.0
nvd@nist.gov 9.3 CRITICAL CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 2.5 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-284,

Products Affected

Vendor Product Version
suse salt-netapi-client *
CVE-2020-8029 LOW

An Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to gain access to the kubelet key. This issue affects: SUSE CaaS Platform 4.5 skuba versions prior to https://github.com/SUSE/skuba/pull/1416.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 2.9 LOW CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N 1.4 1.4
nvd@nist.gov 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-732,

Products Affected

Vendor Product Version
suse caas_platform 4.5
CVE-2020-8030 LOW

An Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 3.6 LOW CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N 1.0 2.5
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N 1.8 2.5

CVSS 2.0

Severity: LOW

Problem Type: CWE-377,

Products Affected

Vendor Product Version
suse caas_platform 4.5
CVE-2021-25313 MEDIUM

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rancher allows remote attackers to execute JavaScript via malicious links. This issue affects: SUSE Rancher Rancher versions prior to 2.5.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 7.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N 2.8 4.2
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
suse rancher *
CVE-2021-25314 HIGH

A Creation of Temporary File With Insecure Permissions vulnerability in hawk2 of SUSE Linux Enterprise High Availability 12-SP3, SUSE Linux Enterprise High Availability 12-SP5, SUSE Linux Enterprise High Availability 15-SP2 allows local attackers to escalate to root. This issue affects: SUSE Linux Enterprise High Availability 12-SP3 hawk2 versions prior to 2.6.3+git.1614685906.812c31e9. SUSE Linux Enterprise High Availability 12-SP5 hawk2 versions prior to 2.6.3+git.1614685906.812c31e9. SUSE Linux Enterprise High Availability 15-SP2 hawk2 versions prior to 2.6.3+git.1614684118.af555ad9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-378,CWE-668,

Products Affected

Vendor Product Version
suse hawk2 *
CVE-2021-25316 LOW

An Insecure Temporary File vulnerability in s390-tools of SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-SP2 allows local attackers to prevent VM live migrations. This issue affects: SUSE Linux Enterprise Server 12-SP5 s390-tools versions prior to 2.1.0-18.29.1. SUSE Linux Enterprise Server 15-SP2 s390-tools versions prior to 2.11.0-9.20.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L 1.8 1.4
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-377,

Products Affected

Vendor Product Version
suse s390-tools *
CVE-2021-25317 LOW

An Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory allows local attackers with control of the lp users to create files as root with 0644 permissions without the ability to set the content. This issue affects: SUSE Linux Enterprise Server 11-SP4-LTSS cups versions prior to 1.3.9. SUSE Manager Server 4.0 cups versions prior to 2.2.7. SUSE OpenStack Cloud Crowbar 9 cups versions prior to 1.7.5. openSUSE Leap 15.2 cups versions prior to 2.2.7. openSUSE Factory cups version 2.3.3op2-2.1 and prior versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4
meissner@suse.de 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-276,

Products Affected

Vendor Product Version
fedoraproject fedora 32
suse cups *
fedoraproject fedora 33
fedoraproject fedora 34
CVE-2021-25321 HIGH

A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Factory, Leap 15.2 allows local attackers with control of the runtime user to run arpwatch as to escalate to root upon the next restart of arpwatch. This issue affects: SUSE Linux Enterprise Server 11-SP4-LTSS arpwatch versions prior to 2.1a15. SUSE Manager Server 4.0 arpwatch versions prior to 2.1a15. SUSE OpenStack Cloud Crowbar 9 arpwatch versions prior to 2.1a15. openSUSE Factory arpwatch version 2.1a15-169.5 and prior versions. openSUSE Leap 15.2 arpwatch version 2.1a15-lp152.5.5 and prior versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
meissner@suse.de 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-61,NVD-CWE-Other,

Products Affected

Vendor Product Version
suse arpwatch *
CVE-2021-32000 MEDIUM

A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of clone-master-clean-up in SUSE Linux Enterprise Server 12 SP3, SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allows local attackers to delete arbitrary files. This issue affects: SUSE Linux Enterprise Server 12 SP3 clone-master-clean-up version 1.6-4.6.1 and prior versions. SUSE Linux Enterprise Server 15 SP1 clone-master-clean-up version 1.6-3.9.1 and prior versions. openSUSE Factory clone-master-clean-up version 1.6-1.4 and prior versions.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-59,

Products Affected

Vendor Product Version
opensuse opensuse_factory -
suse linux_enterprise_server 12
suse linux_enterprise_server 15
CVE-2021-32001 MEDIUM

K3s in SUSE Rancher allows any user with direct access to the datastore, or a copy of a datastore backup, to extract the cluster's confidential keying material (cluster certificate authority private keys, secrets encryption configuration passphrase, etc.) and decrypt it, without having to know the token value. This issue affects: SUSE Rancher K3s version v1.19.12+k3s1, v1.20.8+k3s1, v1.21.2+k3s1 and prior versions; RKE2 version v1.19.12+rke2r1, v1.20.8+rke2r1, v1.21.2+rke2r1 and prior versions.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-311,NVD-CWE-Other,

Products Affected

Vendor Product Version
suse rancher_rke2 1.21.2
suse rancher_k3s 1.20.8
suse rancher_rke2 1.19.12
suse rancher_rke2 1.20.8
suse rancher_k3s 1.19.12
suse rancher_k3s 1.21.2
CVE-2021-36778 MEDIUM

An Incorrect Authorization vulnerability in SUSE Rancher allows administrators of third-party repositories to gather credentials that are sent to their servers. This issue affects: SUSE Rancher Rancher versions prior to 2.5.12; Rancher versions prior to 2.6.3.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-863,CWE-863,

Products Affected

Vendor Product Version
suse rancher *
CVE-2021-36782

A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions prior to 2.5.16; Rancher versions prior to 2.6.7.

Products Affected

Vendor Product Version
suse rancher *
CVE-2021-36783

An Insufficiently Protected Credentials vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners and Project Members to read credentials, passwords and API tokens that have been stored in cleartext and exposed via API endpoints. This issue affects: SUSE Rancher Rancher versions prior to 2.6.4; Rancher versions prior to 2.5.13.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 3.1 6.0
nvd@nist.gov 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 3.1 6.0

Products Affected

Vendor Product Version
suse rancher *
CVE-2021-36784 MEDIUM

An Improper Privilege Management vulnerability in SUSE Rancher allows users with the restricted-admin role to escalate to full admin. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,CWE-269,

Products Affected

Vendor Product Version
suse rancher *
CVE-2021-4028

A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to set up a socket to listen on a high port, allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system.

Products Affected

Vendor Product Version
suse linux_enterprise 15.0
linux linux_kernel *
CVE-2021-4034 HIGH

A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according to predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends up trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way that it'll induce pkexec to execute arbitrary code. When successfully executed, the attack can cause a local privilege escalation, giving unprivileged users administrative rights on the target machine.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,CWE-125,CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
suse manager_server 4.1
redhat enterprise_linux 8.0
suse manager_proxy 4.1
redhat enterprise_linux_eus 8.2
suse linux_enterprise_desktop 15
redhat enterprise_linux_server_update_services_for_sap_solutions 7.7
starwindsoftware starwind_hyperconverged_appliance -
siemens sinumerik_edge *
oracle zfs_storage_appliance_kit 8.8
redhat enterprise_linux_for_ibm_z_systems 7.0
redhat enterprise_linux_for_power_big_endian 7.0
redhat enterprise_linux_server_eus 8.4
redhat enterprise_linux_for_ibm_z_systems_eus 8.2
polkit_project polkit *
redhat enterprise_linux_for_ibm_z_systems 8.0
redhat enterprise_linux_for_ibm_z_systems_eus 8.4
redhat enterprise_linux_for_power_little_endian 8.0
suse linux_enterprise_high_performance_computing 15.0
starwindsoftware starwind_virtual_san v8
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_aus 8.2
suse linux_enterprise_workstation_extension 12
redhat enterprise_linux_server_aus 8.4
canonical ubuntu_linux 16.04
redhat enterprise_linux_desktop 7.0
siemens scalance_lpe9403_firmware *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server_tus 8.2
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_server_update_services_for_sap_solutions 7.6
redhat enterprise_linux_server_update_services_for_sap_solutions 8.4
redhat enterprise_linux_server_aus 7.3
oracle http_server 12.2.1.3.0
canonical ubuntu_linux 18.04
suse enterprise_storage 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_update_services_for_sap_solutions 8.2
canonical ubuntu_linux 21.10
redhat enterprise_linux_for_power_little_endian 7.0
redhat enterprise_linux_for_power_little_endian_eus 8.4
redhat enterprise_linux_server 6.0
canonical ubuntu_linux 20.04
redhat enterprise_linux_for_power_little_endian_eus 8.2
redhat enterprise_linux_for_scientific_computing 7.0
oracle http_server 12.2.1.4.0
starwindsoftware command_center 1.0
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_for_power_little_endian_eus 8.1
redhat enterprise_linux_server_tus 8.4
suse linux_enterprise_server 15
redhat enterprise_linux_server_update_services_for_sap_solutions 8.1
redhat enterprise_linux_server_aus 7.6
CVE-2021-4166 MEDIUM

vim is vulnerable to Out-of-bounds Read.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H 1.8 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 10.0
suse linux_enterprise 15.0
redhat enterprise_linux 8.0
opensuse factory -
debian debian_linux 11.0
apple macos *
suse linux_enterprise 12.0
fedoraproject fedora 34
vim vim *
debian debian_linux 9.0
fedoraproject fedora 35
apple mac_os_x 10.15.7
apple macos 10.15.7
CVE-2021-41817 MEDIUM

Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1333,

Products Affected

Vendor Product Version
debian debian_linux 10.0
suse linux_enterprise 15.0
redhat enterprise_linux 8.0
opensuse factory -
redhat software_collections -
ruby-lang date *
debian debian_linux 11.0
ruby-lang date 3.2.0
suse linux_enterprise 12.0
redhat enterprise_linux 7.0
fedoraproject fedora 34
ruby-lang ruby *
opensuse leap 15.2
debian debian_linux 9.0
fedoraproject fedora 35
CVE-2021-41819 MEDIUM

CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-565,CWE-565,

Products Affected

Vendor Product Version
debian debian_linux 10.0
suse linux_enterprise 15.0
redhat enterprise_linux 8.0
opensuse factory -
redhat software_collections -
debian debian_linux 11.0
suse linux_enterprise 11.0
ruby-lang cgi 0.1.0
suse linux_enterprise 12.0
fedoraproject fedora 34
ruby-lang ruby *
ruby-lang cgi 0.3.0
opensuse leap 15.2
debian debian_linux 9.0
fedoraproject fedora 35
ruby-lang cgi 0.2.0
CVE-2021-4200 MEDIUM

An Improper Privilege Management vulnerability in SUSE Rancher allows write access to the Catalog for any user when the restricted-admin role is enabled. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,

Products Affected

Vendor Product Version
suse rancher *
CVE-2021-45082 MEDIUM

An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.)

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-77,

Products Affected

Vendor Product Version
fedoraproject fedora 36
opensuse backports sle-15
opensuse factory -
fedoraproject fedora 35
suse linux_enterprise_server 12
suse linux_enterprise_server 15
cobbler_project cobbler *
fedoraproject fedora 34
suse linux_enterprise_server 11
CVE-2022-21947 MEDIUM

An Exposure of Resource to Wrong Sphere vulnerability in Rancher Desktop of SUSE allows attackers in the local network to connect to the Dashboard API (steve) to carry out arbitrary actions. This issue affects: SUSE Rancher Desktop versions prior to V.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 8.3 HIGH CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L 2.8 5.5
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-668,CWE-668,

Products Affected

Vendor Product Version
suse rancher_desktop *
CVE-2022-21951 LOW

A Cleartext Transmission of Sensitive Information vulnerability in SUSE Rancher, Rancher allows attackers on the network to read and change network data due to missing encryption of data transmitted via the network when a cluster is created from an RKE template with the CNI value overridden. This issue affects: SUSE Rancher Rancher versions prior to 2.5.14; Rancher versions prior to 2.6.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 6.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N 1.6 5.2
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N 1.6 5.2

CVSS 2.0

Severity: LOW

Problem Type: CWE-319,CWE-319,

Products Affected

Vendor Product Version
suse rancher *
CVE-2022-21952 MEDIUM

A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-306,CWE-306,CWE-770,

Products Affected

Vendor Product Version
suse manager_server *
CVE-2022-21953

A Missing Authorization vulnerability in SUSE Rancher allows an authenticated user to create an unauthorized shell pod and gain kubectl access in the local cluster. This issue affects: SUSE Rancher Rancher versions prior to 2.5.17; Rancher versions prior to 2.6.10; Rancher versions prior to 2.7.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 7.4 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L 3.1 3.7
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
suse rancher *
CVE-2022-27239 HIGH

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
suse manager_server 4.1
suse enterprise_storage 6.0
suse linux_enterprise_high_performance_computing 12.0
suse openstack_cloud_crowbar 8.0
suse manager_proxy 4.2
suse manager_proxy 4.1
suse manager_retail_branch_server 4.3
debian debian_linux 11.0
suse linux_enterprise_desktop 15
suse linux_enterprise_micro 5.2
suse caas_platform 4.0
debian debian_linux 9.0
suse openstack_cloud_crowbar 9.0
suse linux_enterprise_software_development_kit 12
suse enterprise_storage 7.0
suse manager_proxy 4.3
suse linux_enterprise_real_time 15.0
samba cifs-utils *
suse manager_server 4.3
suse manager_server 4.2
suse linux_enterprise_server 11
suse manager_retail_branch_server 4.1
debian debian_linux 10.0
suse openstack_cloud 9.0
fedoraproject fedora 34
suse linux_enterprise_high_performance_computing 15.0
fedoraproject fedora 36
hp helion_openstack 8.0
fedoraproject fedora 35
suse openstack_cloud 8.0
suse linux_enterprise_server 12
suse manager_retail_branch_server 4.2
suse linux_enterprise_server 15
suse linux_enterprise_storage 7.1
suse linux_enterprise_point_of_service 11.0
CVE-2022-31247

An Improper Authorization vulnerability in SUSE Rancher allows any user who has permissions to create/edit cluster role template bindings or project role template bindings (such as cluster-owner, manage cluster members, project-owner and manage project members) to gain owner permission in another project in the same cluster or in another project on a different downstream cluster. This issue affects: SUSE Rancher Rancher versions prior to 2.6.7; Rancher versions prior to 2.5.16.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H 2.3 6.0
meissner@suse.de 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H 2.3 6.0

Products Affected

Vendor Product Version
suse rancher *
CVE-2022-31248 MEDIUM

An Observable Response Discrepancy vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to discover valid usernames. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46-1. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37-1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4
meissner@suse.de 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-204,

Products Affected

Vendor Product Version
suse manager_server *
CVE-2022-31249

An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in wrangler of SUSE Rancher allows remote attackers to inject commands in the underlying host via crafted commands passed to Wrangler. This issue affects: SUSE Rancher wrangler version 0.7.3 and prior versions; wrangler version 0.8.4 and prior versions; wrangler version 1.0.0 and prior versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 1.6 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
suse wrangler *
suse wrangler 1.0.0
CVE-2022-31252

An Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group that can write to a location included in the path to a privileged binary to influence path resolution. This issue affects: SUSE Linux Enterprise Server 12-SP5 permissions versions prior to 20170707. openSUSE Leap 15.3 permissions versions prior to 20200127. openSUSE Leap 15.4 permissions versions prior to 20201225. openSUSE Leap Micro 5.2 permissions versions prior to 20181225.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N 1.8 2.5
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N 1.8 2.5

Products Affected

Vendor Product Version
opensuse leap_micro 5.2
opensuse leap 15.3
suse linux_enterprise_server 12
opensuse leap 15.4
CVE-2022-31255

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manager Server 4.2 allows remote attackers to read files available to the user running the process, typically tomcat. This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.2 hub-xmlrpc-api-0.7-150300.3.9.2, inter-server-sync-0.2.4-150300.8.25.2, locale-formula-0.3-150300.3.3.2, py27-compat-salt-3000.3-150300.7.7.26.2, python-urlgrabber-3.10.2.1py2_3-150300.3.3.2, spacecmd-4.2.20-150300.4.30.2, spacewalk-backend-4.2.25-150300.4.32.4, spacewalk-client-tools-4.2.21-150300.4.27.3, spacewalk-java-4.2.43-150300.3.48.2, spacewalk-utils-4.2.18-150300.3.21.2, spacewalk-web-4.2.30-150300.3.30.3, susemanager-4.2.38-150300.3.44.3, susemanager-doc-indexes-4.2-150300.12.36.3, susemanager-docs_en-4.2-150300.12.36.2, susemanager-schema-4.2.25-150300.3.30.3, susemanager-sls versions prior to 4.2.28. SUSE Linux Enterprise Module for SUSE Manager Server 4.3 spacewalk-java versions prior to 4.3.39. SUSE Manager Server 4.2 release-notes-susemanager versions prior to 4.2.10.

Products Affected

Vendor Product Version
uyuni-project uyuni *
suse manager_server *
CVE-2022-43753

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manager Server 4.2 allows remote attackers to read files available to the user running the process, typically tomcat. This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.2 hub-xmlrpc-api-0.7-150300.3.9.2, inter-server-sync-0.2.4-150300.8.25.2, locale-formula-0.3-150300.3.3.2, py27-compat-salt-3000.3-150300.7.7.26.2, python-urlgrabber-3.10.2.1py2_3-150300.3.3.2, spacecmd-4.2.20-150300.4.30.2, spacewalk-backend-4.2.25-150300.4.32.4, spacewalk-client-tools-4.2.21-150300.4.27.3, spacewalk-java-4.2.43-150300.3.48.2, spacewalk-utils-4.2.18-150300.3.21.2, spacewalk-web-4.2.30-150300.3.30.3, susemanager-4.2.38-150300.3.44.3, susemanager-doc-indexes-4.2-150300.12.36.3, susemanager-docs_en-4.2-150300.12.36.2, susemanager-schema-4.2.25-150300.3.30.3, susemanager-sls versions prior to 4.2.28. SUSE Linux Enterprise Module for SUSE Manager Server 4.3 spacewalk-java versions prior to 4.3.39. SUSE Manager Server 4.2 release-notes-susemanager versions prior to 4.2.10.

Products Affected

Vendor Product Version
uyuni-project uyuni *
suse manager_server *
CVE-2022-43754

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manager Server 4.2 allows remote attackers to embed JavaScript code via /rhn/audit/scap/Search.do. This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.2 hub-xmlrpc-api-0.7-150300.3.9.2, inter-server-sync-0.2.4-150300.8.25.2, locale-formula-0.3-150300.3.3.2, py27-compat-salt-3000.3-150300.7.7.26.2, python-urlgrabber-3.10.2.1py2_3-150300.3.3.2, spacecmd-4.2.20-150300.4.30.2, spacewalk-backend-4.2.25-150300.4.32.4, spacewalk-client-tools-4.2.21-150300.4.27.3, spacewalk-java-4.2.43-150300.3.48.2, spacewalk-utils-4.2.18-150300.3.21.2, spacewalk-web-4.2.30-150300.3.30.3, susemanager-4.2.38-150300.3.44.3, susemanager-doc-indexes-4.2-150300.12.36.3, susemanager-docs_en-4.2-150300.12.36.2, susemanager-schema-4.2.25-150300.3.30.3, susemanager-sls versions prior to 4.2.28. SUSE Linux Enterprise Module for SUSE Manager Server 4.3 spacewalk-java versions prior to 4.3.39. SUSE Manager Server 4.2 release-notes-susemanager versions prior to 4.2.10.

Products Affected

Vendor Product Version
uyuni-project uyuni *
suse manager_server *
CVE-2022-43755

An Insufficient Entropy vulnerability in SUSE Rancher allows attackers that gained knowledge of the cattle-token to continue abusing this even after the token was renewed. This issue affects: SUSE Rancher Rancher versions prior to 2.6.10; Rancher versions prior to 2.7.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
meissner@suse.de 7.1 HIGH CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H 1.6 5.5

Products Affected

Vendor Product Version
suse rancher *
CVE-2022-43756

An Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in SUSE Rancher allows remote attackers to cause denial of service by supplying specially crafted git credentials. This issue affects: SUSE Rancher wrangler version 0.7.3 and prior versions; wrangler version 0.8.4 and prior versions; wrangler version 1.0.0 and prior versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
meissner@suse.de 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H 1.6 4.2

Products Affected

Vendor Product Version
suse wrangler *
suse wrangler 1.0.0
CVE-2022-43757

A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows users on managed clusters to gain access to credentials. The impact depends on the credentials exposed. This issue affects: SUSE Rancher Rancher versions prior to 2.5.17; Rancher versions prior to 2.6.10; Rancher versions prior to 2.7.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
meissner@suse.de 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 3.1 6.0

Products Affected

Vendor Product Version
suse rancher *
CVE-2022-43758

An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SUSE Rancher allows code execution for a user with the ability to add an untrusted Helm catalog or modify the URL configuration used to download KDM (only admin users by default). This issue affects: SUSE Rancher Rancher versions prior to 2.5.17; Rancher versions prior to 2.6.10; Rancher versions prior to 2.7.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 7.6 HIGH CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H 1.0 6.0
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H 0.9 5.9

Products Affected

Vendor Product Version
suse rancher *
CVE-2022-43759

An Improper Privilege Management vulnerability in SUSE Rancher allows users with access to the escalate verb on PRTBs to escalate permissions for any -promoted resource in any cluster. This issue affects: SUSE Rancher Rancher versions prior to 2.5.17; Rancher versions prior to 2.6.10.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
meissner@suse.de 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
suse rancher *
CVE-2022-43760

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SUSE Rancher allows users in some higher-privileged groups to inject code that is executed within another user's browser, allowing the attacker to steal sensitive information, manipulate web content, or perform other malicious activities on behalf of the victims. This could result in a user with write access to the affected areas being able to act on behalf of an administrator, once an administrator opens the affected web page. This issue affects Rancher: from >= 2.6.0 before < 2.6.13, from >= 2.7.0 before < 2.7.4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 8.4 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H 1.7 6.0

Products Affected

Vendor Product Version
suse rancher *
CVE-2022-45153

An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created. This issue affects: SUSE Linux Enterprise Module for SAP Applications 15-SP1 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. SUSE Linux Enterprise Server for SAP 12-SP5 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. openSUSE Leap 15.4 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
meissner@suse.de 7.0 HIGH CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 1.0 5.9

Products Affected

Vendor Product Version
suse linux_enterprise_module_for_sap_applications 15
suse linux_enterprise_server 12
opensuse leap 15.4
CVE-2022-45155

An Improper Handling of Exceptional Conditions vulnerability in obs-service-go_modules of openSUSE Factory allows attackers that can influence the call to the service to delete files and directories on the system of the victim. This issue affects: SUSE openSUSE Factory obs-service-go_modules versions prior to 0.6.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 1.8 3.6
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

Products Affected

Vendor Product Version
suse opensuse_factory *
CVE-2023-22644

A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
suse manager_server *
CVE-2023-22647

An Improper Privilege Management vulnerability in SUSE Rancher allowed standard users to leverage their existing permissions to manipulate Kubernetes secrets in the local cluster, resulting in the secret being deleted, but their read-level permissions to the secret being preserved. When this operation was followed-up by other specially crafted commands, it could result in the user gaining access to tokens belonging to service accounts in the local cluster. This issue affects Rancher: from >= 2.6.0 before < 2.6.13, from >= 2.7.0 before < 2.7.4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 3.1 6.0

Products Affected

Vendor Product Version
suse rancher *
CVE-2023-22648

An Improper Privilege Management vulnerability in SUSE Rancher causes permission changes in Azure AD not to be reflected to users while they are logged in the Rancher UI. This would cause the users to retain their previous permissions in Rancher, even if they change groups on Azure AD, for example, to a lower privileged group, or are removed from a group, thus retaining their access to Rancher instead of losing it. This issue affects Rancher: from >= 2.6.7 before < 2.6.13, from >= 2.7.0 before < 2.7.4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 8.0 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H 2.1 5.9

Products Affected

Vendor Product Version
suse rancher *
CVE-2023-22651

Improper Privilege Management vulnerability in SUSE Rancher allows Privilege Escalation. A failure in the update logic of Rancher's admission Webhook may lead to the misconfiguration of the Webhook. This component enforces validation rules and security checks before resources are admitted into the Kubernetes cluster. The issue only affects users that upgrade from 2.6.x or 2.7.x to 2.7.2. Users that did a fresh install of 2.7.2 (and did not follow an upgrade path) are not affected.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 3.1 6.0

Products Affected

Vendor Product Version
suse rancher *
CVE-2023-23005

In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer). NOTE: this is disputed by third parties because there are no realistic cases in which a user can cause the alloc_memory_type error case to be reached.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

Products Affected

Vendor Product Version
suse linux_enterprise_server 15
linux linux_kernel *
CVE-2023-29552

The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.

Products Affected

Vendor Product Version
suse manager_server -
netapp smi-s_provider -
suse linux_enterprise_server 12
suse linux_enterprise_server 15
service_location_protocol_project service_location_protocol -
suse linux_enterprise_server 11
vmware esxi *
CVE-2023-32182

An Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix. This issue affects SUSE Linux Enterprise Desktop 15 SP5: before 3.7.3-150500.3.5.1; SUSE Linux Enterprise High Performance Computing 15 SP5: before 3.7.3-150500.3.5.1; openSUSE Leap 15.5: before 3.7.3-150500.3.5.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
suse linux_enterprise_high_performance_computing 15.0
opensuse leap 15.5
suse suse_linux_enterprise_desktop 15
CVE-2023-32186

An Allocation of Resources Without Limits or Throttling vulnerability in SUSE RKE2 allows attackers with access to K3s servers apiserver/supervisor port (TCP 6443) to cause denial of service. This issue affects RKE2: from 1.24.0 before 1.24.17+rke2r1, from v1.25.0 before v1.25.13+rke2r1, from v1.26.0 before v1.26.8+rke2r1, from v1.27.0 before v1.27.5+rke2r1, from v1.28.0 before v1.28.1+rke2r1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
meissner@suse.de 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
suse rancher_rke2 1.28.1+rke2r1
suse rancher_rke2 *
CVE-2023-34256

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated "When modifying the block device while it is mounted by the filesystem" access.

Products Affected

Vendor Product Version
debian debian_linux 10.0
suse linux_enterprise 15.0
linux linux_kernel *
suse linux_enterprise 12.0
CVE-2024-12085

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secalert@redhat.com 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.0
redhat openshift_container_platform 4.14
redhat enterprise_linux 8.0
redhat openshift_container_platform 4.12
redhat enterprise_linux_eus 9.4
redhat openshift_container_platform 4.16
redhat enterprise_linux_for_ibm_z_systems_eus 9.6_s390x
redhat enterprise_linux_for_ibm_z_systems 9.0_s390x
redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions 8.4_ppc64le
redhat enterprise_linux_server_aus 9.4
redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions 8.8_ppc64le
suse suse_linux -
archlinux arch_linux -
gentoo linux -
samba rsync *
redhat enterprise_linux_for_ibm_z_systems_eus 9.4_s390x
almalinux almalinux 8.0
redhat enterprise_linux_eus 8.8
redhat enterprise_linux_for_ibm_z_systems 8.0_s390x
almalinux almalinux 9.0
redhat enterprise_linux_for_arm_64 9.0_aarch64
nixos nixos *
redhat enterprise_linux_for_arm_64_eus 8.8_aarch64
redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions 9.4_ppc64le
redhat enterprise_linux_update_services_for_sap_solutions 9.2
redhat openshift_container_platform 4.15
redhat enterprise_linux_server_aus 8.2
redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions 9.2_ppc64le
redhat enterprise_linux_update_services_for_sap_solutions 9.6
redhat enterprise_linux_server_aus 8.4
redhat enterprise_linux_server_tus 8.8
redhat enterprise_linux_update_services_for_sap_solutions 9.0
redhat enterprise_linux_eus 9.2
redhat enterprise_linux_server_aus 9.2
redhat enterprise_linux_for_power_little_endian_eus 9.6_ppc64le
redhat enterprise_linux_update_services_for_sap_solutions 8.4
redhat enterprise_linux_server_tus 8.6
redhat enterprise_linux_for_ibm_z_systems_eus 8.8_s390x
redhat enterprise_linux_for_power_little_endian_eus 9.4_ppc64le
redhat enterprise_linux_server_aus 8.6
redhat enterprise_linux_update_services_for_sap_solutions 8.6
redhat enterprise_linux_for_power_little_endian 8.8_ppc64le
redhat enterprise_linux_for_power_little_endian 9.0_ppc64le
redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions 9.6_ppc64le
redhat openshift 5.0
redhat openshift_container_platform 4.17
redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions 9.0_ppc64le
redhat enterprise_linux_server_aus 9.6
redhat enterprise_linux_server 6.0
redhat openshift_container_platform 4.13
redhat enterprise_linux_for_ibm_z_systems 9.2_s390x
redhat enterprise_linux_for_arm_64 9.2_aarch64
redhat enterprise_linux_eus 9.6
redhat enterprise_linux_for_arm_64_eus 9.4_aarch64
tritondatacenter smartos *
redhat enterprise_linux_for_power_little_endian 9.2_ppc64le
redhat enterprise_linux 9.0
redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions 8.6_ppc64le
redhat enterprise_linux_for_power_little_endian 8.0_ppc64le
redhat enterprise_linux_server_tus 8.4
almalinux almalinux 10.0
redhat enterprise_linux_for_arm_64 8.0_aarch64
redhat enterprise_linux_for_arm_64_eus 9.6_aarch64
CVE-2024-12086

A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secalert@redhat.com 6.1 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N 1.6 4.0

Products Affected

Vendor Product Version
redhat enterprise_linux 6.0
redhat enterprise_linux 8.0
almalinux almalinux 9.0
redhat enterprise_linux 10.0
nixos nixos *
redhat enterprise_linux 7.0
tritondatacenter smartos *
redhat enterprise_linux 9.0
suse suse_linux -
archlinux arch_linux -
gentoo linux -
samba rsync *
redhat openshift_container_platform 4.0
almalinux almalinux 8.0
almalinux almalinux 10.0
CVE-2024-12087

A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6
secalert@redhat.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
redhat enterprise_linux_for_power_little_endian_eus 9.6_ppc64le
redhat enterprise_linux 8.0
redhat enterprise_linux_for_ibm_z_systems_eus 9.6_s390x
redhat enterprise_linux_for_ibm_z_systems 9.0_s390x
suse suse_linux -
archlinux arch_linux -
gentoo linux -
samba rsync *
almalinux almalinux 8.0
redhat enterprise_linux_for_power_little_endian 9.0_ppc64le
redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions 9.6_ppc64le
redhat enterprise_linux_for_ibm_z_systems 8.0_s390x
almalinux almalinux 9.0
redhat enterprise_linux_server_aus 9.6
redhat enterprise_linux_for_arm_64 9.0_aarch64
redhat enterprise_linux_eus 9.6
nixos nixos *
tritondatacenter smartos *
redhat enterprise_linux 9.0
redhat enterprise_linux_for_power_little_endian 8.0_ppc64le
redhat enterprise_linux_update_services_for_sap_solutions 9.6
almalinux almalinux 10.0
redhat enterprise_linux_for_arm_64 8.0_aarch64
redhat enterprise_linux_for_arm_64_eus 9.6_aarch64
CVE-2024-23301

Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
suse linux_enterprise 15.0
redhat enterprise_linux 8.0
redhat enterprise_linux 9.0
fedoraproject fedora 39
relax-and-recover relax-and-recover *
CVE-2024-46951

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.

Products Affected

Vendor Product Version
artifex ghostscript *
suse linux_enterprise_high_performance_computing 12.0
suse linux_enterprise_server 12
suse linux_enterprise_server_for_sap 12
debian debian_linux 12.0
CVE-2024-46953

An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.

Products Affected

Vendor Product Version
artifex ghostscript *
suse linux_enterprise_high_performance_computing 12.0
suse linux_enterprise_server 12
suse linux_enterprise_server_for_sap 12
debian debian_linux 12.0
CVE-2024-46955

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.

Products Affected

Vendor Product Version
artifex ghostscript *
suse linux_enterprise_high_performance_computing 12.0
suse linux_enterprise_server 12
suse linux_enterprise_server_for_sap 12
debian debian_linux 12.0
CVE-2024-46956

An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.

Products Affected

Vendor Product Version
artifex ghostscript *
suse linux_enterprise_high_performance_computing 12.0
suse linux_enterprise_server 12
suse linux_enterprise_server_for_sap 12
debian debian_linux 12.0
CVE-2024-6387

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secalert@redhat.com 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
netapp fas2720_firmware -
netapp c250_firmware -
canonical ubuntu_linux 23.10
netapp 500f_firmware -
redhat enterprise_linux_eus 9.4
canonical ubuntu_linux 24.04
netapp a90_firmware -
arista eos *
openbsd openssh 8.5
redhat enterprise_linux_for_ibm_z_systems 9.0_s390x
redhat enterprise_linux_server_aus 9.4
redhat enterprise_linux_for_ibm_z_systems_eus 9.4_s390x
sonicwall sma_6200_firmware -
netapp ontap_select_deploy_administration_utility -
canonical ubuntu_linux 22.04
netapp bootstrap_os -
freebsd freebsd 14.0
almalinux almalinux 9.0
apple macos *
netapp ontap_tools 10
redhat enterprise_linux_for_arm_64 9.0_aarch64
suse linux_enterprise_micro 6.0
sonicwall sma_7210_firmware -
netbsd netbsd *
netapp fas2750_firmware -
amazon amazon_linux 2023.0
netapp a800_firmware -
sonicwall sra_ex_7000_firmware -
netapp a400_firmware -
netapp ontap 9
netapp e-series_santricity_os_controller *
netapp 8700_firmware -
openbsd openssh 8.6
sonicwall sma_6210_firmware -
openbsd openssh 4.4
redhat enterprise_linux_for_power_little_endian_eus 9.4_ppc64le
netapp a150_firmware -
netapp a9500_firmware -
redhat openshift_container_platform 4.0
netapp c800_firmware -
sonicwall sma_7200_firmware -
netapp active_iq_unified_manager -
debian debian_linux 12.0
redhat enterprise_linux_for_power_little_endian 9.0_ppc64le
netapp ontap_tools 9
netapp a1k_firmware -
openbsd openssh *
netapp fas2820_firmware -
netapp a70_firmware -
netapp a220_firmware -
freebsd freebsd 13.2
canonical ubuntu_linux 22.10
netapp c190_firmware -
redhat enterprise_linux_for_arm_64_eus 9.4_aarch64
freebsd freebsd 13.3
sonicwall sma_8200v_firmware -
canonical ubuntu_linux 23.04
freebsd freebsd 14.1
redhat enterprise_linux 9.0
netapp a900_firmware -
amazon linux_2023 -
netapp a700s_firmware -
netapp 8300_firmware -
netapp a250_firmware -
netapp c400_firmware -
CVE-2025-32463

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 9.3 CRITICAL CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 2.5 6.0

Products Affected

Vendor Product Version
debian debian_linux 13.0
redhat enterprise_linux 10.0
debian debian_linux 11.0
canonical ubuntu_linux 24.04
canonical ubuntu_linux 25.04
suse linux_enterprise_desktop 15
canonical ubuntu_linux 24.10
sudo_project sudo 1.9.17
sudo_project sudo *
opensuse leap 15.6
suse linux_enterprise_server_for_sap 12
suse linux_enterprise_real_time 15.0
debian debian_linux 12.0
canonical ubuntu_linux 22.04
CVE-2025-6018

A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. The highest risk is that the attacker can then perform all "allow_active yes" Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over system configurations, services, or other sensitive operations.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secalert@redhat.com 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
suse pam-config 1.1.8-24.71.1
CVE-2025-62879

A vulnerability has been identified within the Rancher Backup Operator, resulting in the leakage of S3 tokens (both accessKey and secretKey) into the rancher-backup-operator pod's logs.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 6.8 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N 2.3 4.0

Products Affected

Vendor Product Version
suse rancher_backup_and_restore_operator *
CVE-2025-67601

A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify flag to the Rancher CLI login command without also passing the --cacert flag results in the CLI attempting to fetch CA certificates stored in Rancher’s setting cacerts.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N 2.2 2.5
meissner@suse.de 8.3 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H 1.6 6.0

Products Affected

Vendor Product Version
suse rancher *
CVE-2026-25702

An Improper Access Control vulnerability in the kernel of SUSE Linux Enterprise Server 12 SP5 breaks nftables, causing firewall rules applied via nftables to not be effective. This issue affects SUSE Linux Enterprise Server: from 9e6d9d4601768c75fdb0bad3fbbe636e748939c2 before 9c294edb7085fb91650bc12233495a8974c5ff2d.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
meissner@suse.de 7.3 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 3.9 3.4

Products Affected

Vendor Product Version
suse linux_enterprise_server 12