RSS   Vulnerabilities for 'Linux enterprise desktop'   RSS

2020-05-04
 
CVE-2020-8018

CWE-276
 

 
A Incorrect Default Permissions vulnerability in the SLES15-SP1-CHOST-BYOS and SLES15-SP1-CAP-Deployment-BYOS images of SUSE Linux Enterprise Server 15 SP1 allows local attackers with the UID 1000 to escalate to root due to a /etc directory owned by the user This issue affects: SUSE Linux Enterprise Server 15 SP1 SLES15-SP1-CAP-Deployment-BYOS version 1.0.1 and prior versions; SLES15-SP1-CHOST-BYOS versions prior to 1.0.3 and prior versions;

 
2020-02-17
 
CVE-2014-1947

CWE-787
 

 
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030.

 
2020-01-27
 
CVE-2006-7246

CWE-295
 

 
NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used.

 
2020-01-23
 
CVE-2015-5239

CWE-835
 

 
Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

 
2019-03-21
 
CVE-2017-16232

CWE-772
 

 
** DISPUTED ** LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue.

 
2018-11-25
 
CVE-2018-19543

CWE-125
 

 
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.

 
 
CVE-2018-19542

CWE-476
 

 
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.

 
 
CVE-2018-19541

CWE-125
 

 
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jas_image_depalettize in libjasper/base/jas_image.c.

 
 
CVE-2018-19540

CWE-119
 

 
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer overflow of size 1 in the function jas_icctxtdesc_input in libjasper/base/jas_icc.c.

 
 
CVE-2018-19539

CWE-noinfo
 

 
An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service.

 


Copyright 2021, cxsecurity.com

 

Back to Top