Suse » Linux Enterprise Server » 11 sp4 : Security Vulnerabilities, CVEs, Published In 2015 (Code Execution)
Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.
Max CVSS
7.2
EPSS Score
0.20%
Published
2015-08-12
Updated
2023-02-13
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.
Max CVSS
6.8
EPSS Score
12.30%
Published
2015-09-28
Updated
2023-02-13
2 vulnerabilities found