Linux Enterprise Server

linux_enterprise_server

Vendor: Suse • 474 CVEs

CVEs (474)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-6855 6Arista CanonicalDebian+3 more 7Debian Linux EosFedora+4 more May 6, 2026 Nov 6, 2015 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demo...Show more hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash.Show less
CVE-2015-4902 4Opensuse OracleRedhat+1 more 21Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Eus Compute Node+18 more Apr 22, 2026 Oct 22, 2015 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment.
CVE-2015-4830 8Canonical DebianFedoraproject+5 more 17Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+14 more May 6, 2026 Oct 21, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.
CVE-2015-1781 4Canonical DebianGnu+1 more 6Debian Linux GlibcLinux Enterprise Debuginfo+3 more May 6, 2026 Sep 28, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrar...Show more Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.Show less
CVE-2015-5165 7Arista DebianFedoraproject+4 more 24Debian Linux Enterprise Linux Compute Node EusEnterprise Linux Desktop+21 more May 6, 2026 Aug 12, 2015 N/A· v4 N/A· v3 9.3 HIGH· v2 The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.
CVE-2015-5154 4Fedoraproject QemuSuse+1 more 8Fedora Linux Enterprise DebuginfoLinux Enterprise Desktop+5 more May 6, 2026 Aug 12, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAP...Show more Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.Show less
CVE-2015-4495 6Canonical MozillaOpensuse+3 more 15Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+12 more Apr 22, 2026 Aug 8, 2015 N/A· v4 8.8 HIGH· v3 4.3 MEDIUM· v2 The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vector...Show more The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.Show less
CVE-2015-1283 8Canonical DebianGoogle+5 more 13Chrome Debian LinuxLeap+10 more May 6, 2026 Jul 23, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer ove...Show more Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.Show less
CVE-2015-2590 6Canonical DebianOpensuse+3 more 21Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+18 more Apr 21, 2026 Jul 16, 2015 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...Show more Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732.Show less
CVE-2015-2738 5Canonical DebianMozilla+2 more 10Debian Linux FirefoxFirefox Esr+7 more May 6, 2026 Jul 6, 2015 N/A· v4 N/A· v3 10.0 HIGH· v2 The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from unin...Show more The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.Show less
CVE-2015-2737 5Canonical DebianMozilla+2 more 10Debian Linux FirefoxFirefox Esr+7 more May 6, 2026 Jul 6, 2015 N/A· v4 N/A· v3 10.0 HIGH· v2 The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory...Show more The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.Show less
CVE-2015-2734 5Canonical DebianMozilla+2 more 10Debian Linux FirefoxFirefox Esr+7 more May 6, 2026 Jul 6, 2015 N/A· v4 N/A· v3 10.0 HIGH· v2 The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninit...Show more The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.Show less
CVE-2015-0192 3Ibm RedhatSuse 8Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Aus+5 more May 27, 2026 Jul 2, 2015 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors rela...Show more Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine.Show less
CVE-2015-3209 8Arista CanonicalDebian+5 more 18Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+15 more May 6, 2026 Jun 15, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.
CVE-2015-4106 6Canonical CitrixDebian+3 more 8Debian Linux FedoraLinux Enterprise Desktop+5 more May 6, 2026 Jun 3, 2015 N/A· v4 N/A· v3 4.6 MEDIUM· v2 QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensiti...Show more QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.Show less
CVE-2015-4000 12Apple CanonicalDebian+9 more 25Chrome Content ManagerDebian Linux+22 more May 27, 2026 May 21, 2015 N/A· v4 3.7 LOW· v3 4.3 MEDIUM· v2 The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgra...Show more The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.Show less
CVE-2015-0797 6Debian GstreamerGstreamer Project+3 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 May 14, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application c...Show more GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file.Show less
CVE-2015-2576 2Oracle Suse 4Linux Enterprise Desktop Linux Enterprise ServerLinux Enterprise Software Development Kit+1 more May 6, 2026 Apr 16, 2015 N/A· v4 N/A· v3 2.1 LOW· v2 Unspecified vulnerability in the MySQL Utilities component in Oracle MySQL 1.5.1 and earlier, when running on Windows, allows local users to affect integrity via unknown vectors related to Installation.
CVE-2015-2575 3Debian MysqlSuse 5Debian Linux Linux Enterprise DesktopLinux Enterprise Server+2 more May 6, 2026 Apr 16, 2015 N/A· v4 N/A· v3 4.9 MEDIUM· v2 Unspecified vulnerability in the MySQL Connectors component in Oracle MySQL 5.1.34 and earlier allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Connector/J.
CVE-2015-2573 6Canonical DebianMariadb+3 more 14Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+11 more May 6, 2026 Apr 16, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

Previous 1...678...24 Next