📦

linux_enterprise_debuginfo

Vendor: suse

Login to add this product to WatchStack
Actively Exploited 6 CISA KEV List
PoC / Exploits 9 Code Available
Total RCEs 6 Remote Access
Total CVEs 249 Total Indexed
Avg. EPSS 20.73% Exploit Prob.
Latest CVE CVE-2018-10195 Jun 02

Security Vulnerability Index

Page 2 / 25
7.7 CVSS
CVE-2015-8567

Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).

EPSS: 3.41%
5.5 CVSS
CVE-2014-9853

Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.

EPSS: 0.19%
5.5 CVSS
CVE-2016-2318

GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c.

EPSS: 0.24%
5.5 CVSS
CVE-2016-2317

Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.

EPSS: 0.24%
4.3 CVSS
CVE-2015-7976

The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.

EPSS: 3.17%
9.8 CVSS
CVE-2016-5772

Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted XML data that is mishandled in a wddx_deserialize call.

EPSS: 15.93%
5.5 CVSS
CVE-2015-8808

The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file.

EPSS: 0.29%
7.5 CVSS
CVE-2016-5244

The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.

EPSS: 0.56%
9.8 CVSS
CVE-2016-5118
RCE

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.

EPSS: 37.74%
9.8 CVSS
CVE-2016-0718

Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.

EPSS: 2.83%