suse linux_enterprise_software_development_kit の CVE(296 件)

CVE 件数: 296 CPE versions: View versions table

概要

本ページは suse linux_enterprise_software_development_kit に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。

表示中 6180 / 296 CVE 件数
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2016-1285 named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c. [email protected] 6.8 59.14% 2016-03-09 2026-06-16
CVE-2015-7547 Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module. [email protected] 8.1 89.56% 2016-02-18 2026-06-16
CVE-2015-5006 IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache. [email protected] 2.1 0.48% 2015-12-07 2026-06-16
CVE-2015-0272 GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215. [email protected] 5.0 5.06% 2015-11-17 2026-06-16
CVE-2015-2697 The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request. [email protected] 4.0 4.13% 2015-11-08 2026-06-16
CVE-2015-2696 lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mishandled during a gss_inquire_context call. [email protected] 7.1 4.54% 2015-11-08 2026-06-16
CVE-2015-2695 lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call. [email protected] 5.0 6.24% 2015-11-08 2026-06-16
CVE-2015-4902 KEV Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment. [email protected] 5.3 13.35% 2015-10-21 2026-06-16
CVE-2015-4830 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges. [email protected] 4.0 2.98% 2015-10-21 2026-06-16
CVE-2015-5154 Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands. [email protected] 7.2 0.61% 2015-08-12 2026-06-16
CVE-2015-4495 KEV The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015. [email protected] 8.8 70.23% 2015-08-07 2026-06-16
CVE-2015-1283 Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716. [email protected] 6.8 19.07% 2015-07-22 2026-06-16
CVE-2015-2738 The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors. [email protected] 10.0 2.65% 2015-07-05 2026-06-16
CVE-2015-2737 The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors. [email protected] 10.0 2.65% 2015-07-05 2026-06-16
CVE-2015-2734 The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors. [email protected] 10.0 2.65% 2015-07-05 2026-06-16
CVE-2015-0192 Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine. [email protected] 9.8 4.54% 2015-07-02 2026-06-16
CVE-2015-3209 Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set. [email protected] 7.5 9.67% 2015-06-15 2026-06-16
CVE-2015-4106 QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors. [email protected] 4.6 0.48% 2015-06-03 2026-06-16
CVE-2015-4000 The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. [email protected] 3.7 99.86% 2015-05-20 2026-06-16
CVE-2015-0797 GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file. [email protected] 6.8 5.44% 2015-05-14 2026-06-16
cvelogic Threat Intelligence