Linux Enterprise Server

linux_enterprise_server

Vendor: Suse • 474 CVEs

CVEs (474)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-14491 12Arista ArubanetworksCanonical+9 more 21Arubaos Debian LinuxDiskstation Manager+18 more May 13, 2026 Oct 4, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
CVE-2015-5300 7Canonical DebianFedoraproject+4 more 20Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+17 more May 13, 2026 Jul 21, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time wh...Show more The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).Show less
CVE-2015-5219 10Canonical DebianFedoraproject+7 more 18Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+15 more May 13, 2026 Jul 21, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a craft...Show more The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.Show less
CVE-2015-5194 6Canonical DebianFedoraproject+3 more 13Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+10 more May 13, 2026 Jul 21, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.
CVE-2017-1000366 8Debian GnuMcafee+5 more 20Cloud Magnum Orchestration Debian LinuxEnterprise Linux+17 more May 13, 2026 Jun 19, 2017 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hard...Show more glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.Show less
CVE-2015-8567 6Canonical DebianFedoraproject+3 more 10Debian Linux FedoraLeap+7 more May 13, 2026 Apr 13, 2017 N/A· v4 7.7 HIGH· v3 6.8 MEDIUM· v2 Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
CVE-2015-4680 2Freeradius Suse 3Freeradius Linux Enterprise ServerLinux Enterprise Software Development Kit May 13, 2026 Apr 5, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates.
CVE-2016-9398 4Fedoraproject Jasper ProjectOpensuse+1 more 6Fedora JasperLeap+3 more May 13, 2026 Mar 23, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.
CVE-2016-1602 1Suse 3Linux Enterprise Desktop Linux Enterprise ServerSuse Linux Enterprise Server May 13, 2026 Mar 23, 2017 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A code injection in the supportconfig data collection tool in supportutils in SUSE Linux Enterprise Server 12 and 12-SP1 and SUSE Linux Enterprise Desktop 12 and 12-SP1 could be used by local attackers to execute code as...Show more A code injection in the supportconfig data collection tool in supportutils in SUSE Linux Enterprise Server 12 and 12-SP1 and SUSE Linux Enterprise Desktop 12 and 12-SP1 could be used by local attackers to execute code as the user running supportconfig (usually root).Show less
CVE-2014-9854 4Canonical ImagemagickOpensuse+1 more 7Imagemagick LeapLinux Enterprise Server+4 more May 13, 2026 Mar 17, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."
CVE-2014-9853 6Canonical ImagemagickNovell+3 more 11Imagemagick LeapLeap+8 more May 13, 2026 Mar 17, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.
CVE-2014-9852 3Imagemagick OpensuseSuse 7Imagemagick LeapLinux Enterprise Desktop+4 more May 13, 2026 Mar 17, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.
CVE-2017-5898 2Qemu Suse 5Linux Enterprise Desktop Linux Enterprise ServerLinux Enterprise Server For Sap+2 more May 13, 2026 Mar 15, 2017 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (ap...Show more Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units (APDU) unit.Show less
CVE-2015-7976 4Novell NtpOpensuse+1 more 10Leap Linux Enterprise DebuginfoLinux Enterprise Desktop+7 more May 13, 2026 Jan 30, 2017 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.
CVE-2015-8934 3Canonical LibarchiveSuse 5Libarchive Linux Enterprise DesktopLinux Enterprise Server+2 more May 6, 2026 Sep 20, 2016 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file.
CVE-2015-8933 3Canonical LibarchiveSuse 5Libarchive Linux Enterprise DesktopLinux Enterprise Server+2 more May 6, 2026 Sep 20, 2016 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file.
CVE-2015-8932 4Canonical DebianLibarchive+1 more 6Debian Linux LibarchiveLinux Enterprise Desktop+3 more May 6, 2026 Sep 20, 2016 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left s...Show more The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.Show less
CVE-2015-8931 4Canonical DebianLibarchive+1 more 6Debian Linux LibarchiveLinux Enterprise Desktop+3 more May 6, 2026 Sep 20, 2016 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtre...Show more Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior.Show less
CVE-2015-8930 3Canonical LibarchiveSuse 5Libarchive Linux Enterprise DesktopLinux Enterprise Server+2 more May 6, 2026 Sep 20, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself.
CVE-2015-8929 2Libarchive Suse 4Libarchive Linux Enterprise DesktopLinux Enterprise Server+1 more May 6, 2026 Sep 20, 2016 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file.

Previous 1 2 345...24 Next