National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:suse:linux_enterprise_desktop:12:sp1
There are 37 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2015-5300

The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).

Published: July 21, 2017; 10:29:00 AM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2016-9959

game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.

Published: April 12, 2017; 04:59:00 PM -04:00
V3: 7.8 HIGH
V2: 6.8 MEDIUM
CVE-2016-9958

game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.

Published: April 12, 2017; 04:59:00 PM -04:00
V3: 7.8 HIGH
V2: 6.8 MEDIUM
CVE-2016-9957

Stack-based buffer overflow in game-music-emu before 0.6.1.

Published: April 12, 2017; 04:59:00 PM -04:00
V3: 7.8 HIGH
V2: 6.8 MEDIUM
CVE-2016-9398

The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.

Published: March 23, 2017; 02:59:01 PM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2016-1602

A code injection in the supportconfig data collection tool in supportutils in SUSE Linux Enterprise Server 12 and 12-SP1 and SUSE Linux Enterprise Desktop 12 and 12-SP1 could be used by local attackers to execute code as the user running supportconfig (usually root).

Published: March 23, 2017; 02:59:00 AM -04:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2014-9853

Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.

Published: March 17, 2017; 10:59:00 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2014-9852

distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.

Published: March 17, 2017; 10:59:00 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2017-5898

Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units (APDU) unit.

Published: March 15, 2017; 03:59:00 PM -04:00
V3: 5.5 MEDIUM
V2: 2.1 LOW
CVE-2015-7976

The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.

Published: January 30, 2017; 04:59:00 PM -05:00
V3: 4.3 MEDIUM
V2: 4.0 MEDIUM
CVE-2015-8934

The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file.

Published: September 20, 2016; 10:15:20 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-8933

Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file.

Published: September 20, 2016; 10:15:19 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-8932

The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.

Published: September 20, 2016; 10:15:18 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-8931

Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior.

Published: September 20, 2016; 10:15:18 AM -04:00
V3: 7.8 HIGH
V2: 6.8 MEDIUM
CVE-2015-8930

bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself.

Published: September 20, 2016; 10:15:17 AM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2015-8929

Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file.

Published: September 20, 2016; 10:15:16 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-8928

The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.

Published: September 20, 2016; 10:15:15 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-8926

The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive.

Published: September 20, 2016; 10:15:13 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-8925

The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing.

Published: September 20, 2016; 10:15:11 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-5244

The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.

Published: June 27, 2016; 06:59:11 AM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM