Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

suse linux enterprise server 11 vulnerabilities and exploits

(subscribe to this query)
4.3
CVSSv3
CVE-2015-7976
The ntpq saveconfig command in NTP 4.1.2, 4.2.x prior to 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows malicious users to cause unspecified impact via a crafted filename.
Ntp Ntp 4.1.2Ntp NtpNtp Ntp 4.3.0Ntp Ntp 4.3.1Ntp Ntp 4.3.16Ntp Ntp 4.3.17Ntp Ntp 4.3.24Ntp Ntp 4.3.25Ntp Ntp 4.3.31Ntp Ntp 4.3.32Ntp Ntp 4.3.39Ntp Ntp 4.3.4Ntp Ntp 4.3.47Ntp Ntp 4.3.48Ntp Ntp 4.3.54Ntp Ntp 4.3.55Ntp Ntp 4.3.61Ntp Ntp 4.3.62Ntp Ntp 4.3.63Ntp Ntp 4.3.7Ntp Ntp 4.3.70Ntp Ntp 4.3.77
7.5
CVSSv3
CVE-2016-4957
ntpd in NTP prior to 4.2.8p8 allows remote malicious users to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.
Ntp Ntp 4.2.8Ntp Ntp 4.3.92Oracle Solaris 10Oracle Solaris 11.3Suse Manager Proxy 2.1Suse Openstack Cloud 5Novell Suse Manager 2.1Opensuse Leap 42.1Opensuse Opensuse 13.2Suse Linux Enterprise Desktop 12Suse Linux Enterprise Server 11Suse Linux Enterprise Server 12
7.5
CVSSv3
CVE-2016-4953
ntpd in NTP 4.x prior to 4.2.8p8 allows remote malicious users to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.
Ntp NtpNtp Ntp 4.2.8Oracle Solaris 10Oracle Solaris 11.3Suse Manager 2.1Suse Manager Proxy 2.1Suse Openstack Cloud 5Opensuse Leap 42.1Opensuse Opensuse 13.2Suse Linux Enterprise Desktop 12Suse Linux Enterprise Server 11Suse Linux Enterprise Server 12Siemens Simatic Net Cp 443-1 Opc Ua FirmwareSiemens Tim 4r-ie FirmwareSiemens Tim 4r-ie Dnp3 Firmware
7.5
CVSSv3
CVE-2016-4954
The process_packet function in ntp_proto.c in ntpd in NTP 4.x prior to 4.2.8p8 allows remote malicious users to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an ...
Ntp Ntp 4.2.8Ntp NtpOracle Solaris 11.3Oracle Solaris 10Suse Linux Enterprise Server 11Suse Openstack Cloud 5Suse Manager Proxy 2.1Suse Manager 2.1Suse Linux Enterprise Server 12Suse Linux Enterprise Desktop 12Opensuse Leap 42.1Opensuse Opensuse 13.2Siemens Simatic Net Cp 443-1 Opc Ua FirmwareSiemens Tim 4r-ie FirmwareSiemens Tim 4r-ie Dnp3 Firmware
5.9
CVSSv3
CVE-2016-4955
ntpd in NTP 4.x prior to 4.2.8p8, when autokey is enabled, allows remote malicious users to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.
Ntp Ntp 4.2.8Ntp NtpOracle Solaris 11.3Oracle Solaris 10Novell Suse Manager 2.1Suse Linux Enterprise Server 11Suse Openstack Cloud 5Suse Manager Proxy 2.1Suse Linux Enterprise Server 12Suse Linux Enterprise Desktop 12Opensuse Leap 42.1Opensuse Opensuse 13.2Siemens Simatic Net Cp 443-1 Opc Ua Firmware
5.3
CVSSv3
CVE-2016-4956
ntpd in NTP 4.x prior to 4.2.8p8 allows remote malicious users to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.
Ntp Ntp 4.2.8Ntp NtpOracle Solaris 11.3Oracle Solaris 10Novell Suse Manager 2.1Suse Linux Enterprise Server 11Suse Openstack Cloud 5Suse Manager Proxy 2.1Suse Linux Enterprise Server 12Suse Linux Enterprise Desktop 12Opensuse Leap 42.1Opensuse Opensuse 13.2Siemens Simatic Net Cp 443-1 Opc Ua Firmware
7.5
CVSSv3
CVE-2016-5244
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel up to and including 4.6.3 does not initialize a certain structure member, which allows remote malicious users to obtain sensitive information from kernel stack memory by reading an RDS message.
Fedoraproject Fedora 23Suse Linux Enterprise Real Time Extension 11Fedoraproject Fedora 24Suse Linux Enterprise Debuginfo 11Suse Linux Enterprise Real Time Extension 12Suse Linux Enterprise Server 11Redhat Enterprise Linux 6.0Suse Suse Linux Enterprise Software Development Kit 11Suse Linux Enterprise Workstation Extension 12Redhat Enterprise Linux 5Suse Linux Enterprise Desktop 12Suse Opensuse Leap 42.1Suse Suse Linux Enterprise Software Development Kit 12Fedoraproject Fedora 22Linux Linux KernelSuse Suse Linux Enterprise Server 12
9.8
CVSSv3
CVE-2016-0718
Expat allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Mozilla FirefoxApple Mac Os XSuse Linux Enterprise Server 11Suse Studio Onsite 1.3Suse Linux Enterprise Software Development Kit 11Suse Linux Enterprise Debuginfo 11Opensuse Leap 42.1Suse Linux Enterprise Software Development Kit 12Suse Linux Enterprise Server 12Suse Linux Enterprise Desktop 12Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 14.04Libexpat Project LibexpatDebian Debian Linux 8.0Opensuse Opensuse 13.1Opensuse Opensuse 13.2Mcafee Policy AuditorPython Python
7.5
CVSSv3
CVE-2016-4485
The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel prior to 4.5.5 does not initialize a certain data structure, which allows malicious users to obtain sensitive information from kernel stack memory by reading a message.
Novell Suse Linux Enterprise Server 11Novell Suse Linux Enterprise Debuginfo 11Novell Suse Linux Enterprise Software Development Kit 11.0Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 15.10Canonical Ubuntu Linux 14.04Linux Linux Kernel
4.6
CVSSv3
CVE-2016-2187
The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel up to and including 4.5.2 allows physically proximate malicious users to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 15.10Canonical Ubuntu Linux 14.04Linux Linux KernelNovell Suse Linux Enterprise Server 11Novell Suse Linux Enterprise Debuginfo 11Novell Suse Linux Enterprise Software Development Kit 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook