📦

linux_enterprise_debuginfo

Vendor: suse

Actively Exploited 6 CISA KEV List

PoC / Exploits 9 Code Available

Total RCEs 6 Remote Access

Total CVEs 249 Total Indexed

Avg. EPSS 20.73% Exploit Prob.

Latest CVE CVE-2018-10195 Jun 02

Security Vulnerability Index

Page 4 / 25

8.8 CVSS

CVE-2016-3069

RCE

Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.

EPSS: 2.83%

Severity: HIGH

Apr 13, 2016

8.8 CVSS

CVE-2016-3068

RCE

Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.

EPSS: 5.00%

Severity: HIGH

Apr 13, 2016

9.8 CVSS

CVE-2016-2324

Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow.

EPSS: 22.05%

Severity: CRITICAL

Apr 08, 2016

9.8 CVSS

CVE-2016-2315

revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.

EPSS: 17.65%

Severity: CRITICAL

Apr 08, 2016

8.6 CVSS

CVE-2016-1286

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.

EPSS: 53.59%

Severity: HIGH

Mar 09, 2016

6.8 CVSS

CVE-2016-1285

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.

EPSS: 68.97%

Severity: MEDIUM

Mar 09, 2016

8.1 CVSS

CVE-2015-7547

Exploit Found

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.

EPSS: 93.91%

Severity: HIGH

Feb 18, 2016

5.0 CVSS

CVE-2015-0272

GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.

EPSS: 0.91%

Severity: MEDIUM

Nov 17, 2015

6.8 CVSS

CVE-2015-1781

Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.

EPSS: 4.75%

Severity: MEDIUM

Sep 28, 2015

9.3 CVSS

CVE-2015-5165

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

EPSS: 12.94%

Severity: HIGH

Aug 12, 2015

Displaying 10 of 249 Total Entries

2 3 4 5 6 ... 25

Total 25 Sections