cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*
A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-2.18.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-28.26.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.9.1. openSUSE Factory wicked versions prior to 0.6.62.
Max CVSS
9.8
EPSS Score
0.75%
Published
2020-03-02
Updated
2020-03-04
A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-3.5.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-3.21.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.6.1. openSUSE Factory wicked versions prior to 0.6.62.
Max CVSS
9.8
EPSS Score
0.75%
Published
2020-03-02
Updated
2020-03-04
revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.
Max CVSS
10.0
EPSS Score
13.83%
Published
2016-04-08
Updated
2023-06-21
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Max CVSS
9.8
EPSS Score
0.81%
Published
2016-05-26
Updated
2023-02-12
Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.
Max CVSS
9.8
EPSS Score
4.28%
Published
2016-04-19
Updated
2018-10-30
Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.
Max CVSS
9.8
EPSS Score
3.04%
Published
2016-04-19
Updated
2018-10-30
The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.
Max CVSS
9.1
EPSS Score
0.54%
Published
2016-04-19
Updated
2018-10-30
The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods.
Max CVSS
9.1
EPSS Score
0.61%
Published
2016-06-06
Updated
2019-06-19
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.
Max CVSS
9.8
EPSS Score
1.19%
Published
2017-03-17
Updated
2018-10-30
Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function.
Max CVSS
9.8
EPSS Score
4.85%
Published
2016-04-19
Updated
2019-06-13
10 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!