Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

opensuse project leap 42.1 vulnerabilities and exploits

(subscribe to this query)
8.8
CVSSv3
CVE-2016-3630
The binary delta decoder in Mercurial prior to 3.7.3 allows remote malicious users to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records.
Fedoraproject Fedora 22Fedoraproject Fedora 23Opensuse Leap 42.1Mercurial MercurialDebian Debian Linux 8.0Debian Debian Linux 7.0Suse Linux Enterprise Software Development Kit 12Suse Linux Enterprise Software Development Kit 11Suse Linux Enterprise Debuginfo 11Opensuse Opensuse 13.2
NA
CVE-2015-2696
lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) prior to 1.14 relies on an inappropriate context handle, which allows remote malicious users to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mishandled during a gss_i...
Mit Kerberos 5Opensuse Leap 42.1Opensuse Opensuse 13.1Opensuse Opensuse 13.2Suse Linux Enterprise Desktop 12Suse Linux Enterprise Server 12Suse Linux Enterprise Software Development Kit 12Debian Debian Linux 7.0Debian Debian Linux 8.0Debian Debian Linux 9.0Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 15.04Canonical Ubuntu Linux 15.10
NA
CVE-2015-2697
The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) prior to 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS requ...
Mit Kerberos 5Oracle Solaris 11.3Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 15.04Canonical Ubuntu Linux 15.10Debian Debian Linux 7.0Debian Debian Linux 8.0Debian Debian Linux 9.0Opensuse Leap 42.1Opensuse Opensuse 13.1Opensuse Opensuse 13.2Suse Linux Enterprise Desktop 12Suse Linux Enterprise Server 12Suse Linux Enterprise Software Development Kit 12
9.8
CVSSv3
CVE-2016-0718
Expat allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Mozilla FirefoxApple Mac Os XSuse Linux Enterprise Server 11Suse Studio Onsite 1.3Suse Linux Enterprise Software Development Kit 11Suse Linux Enterprise Debuginfo 11Opensuse Leap 42.1Suse Linux Enterprise Software Development Kit 12Suse Linux Enterprise Server 12Suse Linux Enterprise Desktop 12Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 14.04Libexpat Project LibexpatDebian Debian Linux 8.0Opensuse Opensuse 13.1Opensuse Opensuse 13.2Mcafee Policy AuditorPython Python
NA
CVE-2015-2695
lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) prior to 1.14 relies on an inappropriate context handle, which allows remote malicious users to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during ...
Mit Kerberos 5Oracle Solaris 11.3Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 15.04Canonical Ubuntu Linux 15.10Debian Debian Linux 7.0Debian Debian Linux 8.0Debian Debian Linux 9.0Opensuse Leap 42.1Opensuse Opensuse 13.1Opensuse Opensuse 13.2Suse Linux Enterprise Desktop 11Suse Linux Enterprise Desktop 12Suse Linux Enterprise Server 11Suse Linux Enterprise Server 12Suse Linux Enterprise Software Development Kit 11Suse Linux Enterprise Software Development Kit 12
7.8
CVSSv3
CVE-2017-5332
The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils prior to 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.
Icoutils Project IcoutilsRedhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Server Aus 7.4Redhat Enterprise Linux Server Aus 7.7Redhat Enterprise Linux Server Eus 7.7Redhat Enterprise Linux Server Tus 7.6Redhat Enterprise Linux 7.0Redhat Enterprise Linux Workstation 7.0Redhat Enterprise Linux Server Eus 7.3Redhat Enterprise Linux Server Eus 7.4Redhat Enterprise Linux Server Eus 7.5Redhat Enterprise Linux Server Eus 7.6Redhat Enterprise Linux Server Aus 7.3Redhat Enterprise Linux Server Aus 7.6Redhat Enterprise Linux Server Tus 7.3Redhat Enterprise Linux Server Tus 7.7Canonical Ubuntu Linux 12.04Debian Debian Linux 9.0Debian Debian Linux 8.0Debian Debian Linux 10.0Opensuse Leap 42.1Opensuse Leap 42.2
7.8
CVSSv3
CVE-2017-5333
Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils prior to 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.
Icoutils Project IcoutilsRedhat Enterprise Linux Server Eus 7.7Redhat Enterprise Linux Server Eus 7.4Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Server Aus 7.4Redhat Enterprise Linux Server Eus 7.6Redhat Enterprise Linux Server Tus 7.3Redhat Enterprise Linux Server Tus 7.7Redhat Enterprise Linux Workstation 7.0Redhat Enterprise Linux Server Aus 7.3Redhat Enterprise Linux Server Aus 7.6Redhat Enterprise Linux 7.0Redhat Enterprise Linux Server Eus 7.3Redhat Enterprise Linux Server Eus 7.5Redhat Enterprise Linux Server Tus 7.6Redhat Enterprise Linux Server Aus 7.7Canonical Ubuntu Linux 12.04Debian Debian Linux 9.0Debian Debian Linux 8.0Debian Debian Linux 10.0Opensuse Leap 42.1Opensuse Leap 42.2
7.5
CVSSv3
CVE-2016-5244
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel up to and including 4.6.3 does not initialize a certain structure member, which allows remote malicious users to obtain sensitive information from kernel stack memory by reading an RDS message.
Fedoraproject Fedora 23Suse Linux Enterprise Real Time Extension 11Fedoraproject Fedora 24Suse Linux Enterprise Debuginfo 11Suse Linux Enterprise Real Time Extension 12Suse Linux Enterprise Server 11Redhat Enterprise Linux 6.0Suse Suse Linux Enterprise Software Development Kit 11Suse Linux Enterprise Workstation Extension 12Redhat Enterprise Linux 5Suse Linux Enterprise Desktop 12Suse Opensuse Leap 42.1Suse Suse Linux Enterprise Software Development Kit 12Fedoraproject Fedora 22Linux Linux KernelSuse Suse Linux Enterprise Server 12
7.8
CVSSv3
CVE-2016-4805
Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel prior to 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to...
Novell Suse Linux Enterprise Desktop 12.0Novell Suse Linux Enterprise Workstation Extension 12.0Novell Suse Linux Enterprise Module For Public Cloud 12.0Novell Suse Linux Enterprise Server 11.0Novell Opensuse Leap 42.1Novell Suse Linux Enterprise Software Development Kit 11.0Redhat Enterprise Linux 6.0Canonical Ubuntu Linux 12.04Linux Linux KernelNovell Suse Linux Enterprise Software Development Kit 12.0Novell Suse Linux Enterprise Server 12.0Redhat Enterprise Linux 7.0Oracle Linux 6Novell Suse Linux Enterprise Real Time Extension 11.0Novell Suse Linux Enterprise Real Time Extension 12.0Novell Suse Linux Enterprise Live Patching 12.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook