RSS   Vulnerabilities for
'Linux enterprise workstation extension'
   RSS

2017-04-12
 
CVE-2016-9959

CWE-787
 

 
game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.

 
 
CVE-2016-9958

CWE-119
 

 
game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.

 
 
CVE-2016-9957

CWE-119
 

 
Stack-based buffer overflow in game-music-emu before 0.6.1.

 
2017-03-17
 
CVE-2014-9853

CWE-399
 

 
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.

 
 
CVE-2014-9852

CWE-913
 

 
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.

 
2016-06-27
 
CVE-2016-5244

CWE-200
 

 
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.

 
2016-04-08
 
CVE-2015-5969

CWE-200
 

 
The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.

 
2015-07-14
 
CVE-2015-5123

CWE-416
 

 
Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.

 
 
CVE-2015-5122

CWE-Other
 

 
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.

 
2014-06-11
 
CVE-2014-2978

CWE-119
 

 
The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers an out-of-bounds write.

 


Copyright 2019, cxsecurity.com

 

Back to Top