Linux Enterprise Server

linux_enterprise_server

Vendor: Suse • 474 CVEs

CVEs (474)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-0651 5Mariadb OpensuseOracle+2 more 15Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+12 more May 6, 2026 Apr 21, 2016 N/A· v4 5.5 MEDIUM· v3 3.5 LOW· v2 Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.
CVE-2016-0642 7Canonical DebianMariadb+4 more 17Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+14 more May 6, 2026 Apr 21, 2016 N/A· v4 4.7 MEDIUM· v3 4.3 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated.
CVE-2015-8779 6Canonical DebianFedoraproject+3 more 10Debian Linux FedoraGlibc+7 more May 6, 2026 Apr 19, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary...Show more Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.Show less
CVE-2015-8778 6Canonical DebianFedoraproject+3 more 10Debian Linux FedoraGlibc+7 more May 6, 2026 Apr 19, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the _...Show more Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.Show less
CVE-2015-8776 6Canonical DebianFedoraproject+3 more 10Debian Linux FedoraGlibc+7 more May 6, 2026 Apr 19, 2016 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range...Show more The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.Show less
CVE-2014-9761 5Canonical FedoraprojectGnu+2 more 9Fedora GlibcLinux Enterprise Debuginfo+6 more May 6, 2026 Apr 19, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long...Show more Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function.Show less
CVE-2015-8551 4Debian LinuxOpensuse+1 more 8Debian Linux Linux Enterprise DesktopLinux Enterprise Real Time Extension+5 more May 6, 2026 Apr 13, 2016 N/A· v4 6.0 MEDIUM· v3 4.7 MEDIUM· v2 The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer d...Show more The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks."Show less
CVE-2015-5969 2Opensuse Suse 6Leap Linux Enterprise DesktopLinux Enterprise Server+3 more May 6, 2026 Apr 8, 2016 N/A· v4 6.2 MEDIUM· v3 2.1 LOW· v2 The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and...Show more The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.Show less
CVE-2016-2324 3Git Scm OpensuseSuse 8Git LeapLinux Enterprise Debuginfo+5 more May 6, 2026 Apr 8, 2016 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow.
CVE-2016-2315 3Git Scm OpensuseSuse 8Git LeapLinux Enterprise Debuginfo+5 more May 6, 2026 Apr 8, 2016 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.
CVE-2016-1286 7Canonical DebianFedoraproject+4 more 14Bind Debian LinuxFedora+11 more May 6, 2026 Mar 9, 2016 N/A· v4 8.6 HIGH· v3 5.0 MEDIUM· v2 named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db....Show more named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.Show less
CVE-2016-1285 7Canonical DebianFedoraproject+4 more 14Bind Debian LinuxFedora+11 more May 6, 2026 Mar 9, 2016 N/A· v4 6.8 MEDIUM· v3 4.3 MEDIUM· v2 named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure an...Show more named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.Show less
CVE-2015-7547 10Canonical DebianF5+7 more 30Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+27 more May 6, 2026 Feb 18, 2016 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash...Show more Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.Show less
CVE-2015-5006 3Ibm RedhatSuse 9Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Eus+6 more May 6, 2026 Dec 7, 2015 N/A· v4 N/A· v3 2.1 LOW· v2 IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitiv...Show more IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache.Show less
CVE-2015-3195 9Apple CanonicalDebian+6 more 25Api Gateway Communications Webrtc Session ControllerDebian Linux+22 more May 6, 2026 Dec 6, 2015 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which...Show more The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.Show less
CVE-2015-0272 4Canonical GnomeOracle+1 more 9Linux Linux Enterprise DebuginfoLinux Enterprise Desktop+6 more May 6, 2026 Nov 17, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.
CVE-2015-8126 9Apple CanonicalDebian+6 more 20Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+17 more May 6, 2026 Nov 13, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow r...Show more Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.Show less
CVE-2015-2697 6Canonical DebianMit+3 more 9Debian Linux Kerberos 5Leap+6 more May 6, 2026 Nov 9, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' c...Show more The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request.Show less
CVE-2015-2696 5Canonical DebianMit+2 more 8Debian Linux Kerberos 5Leap+5 more May 6, 2026 Nov 9, 2015 N/A· v4 N/A· v3 7.1 HIGH· v2 lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a cra...Show more lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mishandled during a gss_inquire_context call.Show less
CVE-2015-2695 6Canonical DebianMit+3 more 9Debian Linux Kerberos 5Leap+6 more May 6, 2026 Nov 9, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) vi...Show more lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call.Show less

Previous 1...567...24 Next