linux_enterprise_debuginfo

Vendor: suse

Actively Exploited: 6 (CISA KEV List)
PoC / Exploits: 9 (Code Available)
Total RCEs: 6 (Remote Access)
Total CVEs: 249 (Total Indexed)
Avg. EPSS: 20.73% (Exploit Prob.)
Latest CVE: CVE-2018-10195 (Jun 02)

Security Vulnerability Index

5.5 CVSS
CVE-2016-3718
Exploit Found

The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.

EPSS: 86.94%

5.5 CVSS
CVE-2016-3715
Exploit Found

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.

EPSS: 89.25%

4.6 CVSS
CVE-2016-2782
Exploit Found

The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint.

EPSS: 0.47%

5.5 CVSS

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.

EPSS: 0.25%

4.7 CVSS

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated.

EPSS: 0.38%

9.8 CVSS

Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.

EPSS: 3.58%

9.8 CVSS

Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.

EPSS: 4.47%

9.1 CVSS

The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.

EPSS: 3.62%

9.8 CVSS

Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function.

EPSS: 1.51%

8.8 CVSS

The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records.

EPSS: 5.19%