VYPR

Linux Enterprise Server

by SUSE S.A.

CVEs (551)

  • CVE-2014-4260Jul 17, 2014
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier, and 5.6.17 and earlier, allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.

  • CVE-2014-4258Jul 17, 2014
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC.

  • CVE-2014-4243Jul 17, 2014
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.

  • CVE-2014-4214Jul 17, 2014
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRSP.

  • CVE-2014-4207Jul 17, 2014
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.

  • CVE-2014-2494Jul 17, 2014
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC.

  • CVE-2014-2484Jul 17, 2014
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRFTS.

  • CVE-2014-4667Jul 3, 2014
    risk 0.00cvss epss 0.06

    The sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet.

  • CVE-2014-4656Jul 3, 2014
    risk 0.00cvss epss 0.01

    Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to (1) index values in the snd_ctl_add function and (2) numid…

  • CVE-2014-4655Jul 3, 2014
    risk 0.00cvss epss 0.00

    The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the user_ctl_count value, which allows local users to cause a denial of service (integer overflow and limit bypass) by leveraging…

  • CVE-2014-4654Jul 3, 2014
    risk 0.00cvss epss 0.01

    The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not check authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, which allows local users to remove kernel controls and cause a denial of service…

  • CVE-2014-4653Jul 3, 2014
    risk 0.00cvss epss 0.01

    sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service (use-after-free) and obtain sensitive information from kernel memory by leveraging…

  • CVE-2014-4652Jul 3, 2014
    risk 0.00cvss epss 0.00

    Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory by leveraging…

  • CVE-2014-4027Jun 23, 2014
    risk 0.00cvss epss 0.01

    The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator.

  • CVE-2014-1739Jun 23, 2014
    risk 0.00cvss epss 0.01

    The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a…

  • CVE-2014-4039Jun 17, 2014
    risk 0.00cvss epss 0.00

    ppc64-diag 2.6.1 uses 0775 permissions for /tmp/diagSEsnap and does not properly restrict permissions for /tmp/diagSEsnap/snapH.tar.gz, which allows local users to obtain sensitive information by reading files in this archive, as demonstrated by /var/log/messages and…

  • CVE-2014-4038Jun 17, 2014
    risk 0.00cvss epss 0.00

    ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/snapH.tar.gz, or (3) lpd/test/lpd_ela_test.sh and /var/tmp/ras.

  • CVE-2014-2978Jun 11, 2014
    risk 0.00cvss epss 0.06

    The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers an out-of-bounds write.

  • CVE-2014-3469Jun 5, 2014
    risk 0.00cvss epss 0.04

    The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument.

  • CVE-2014-3468Jun 5, 2014
    risk 0.00cvss epss 0.04

    The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.

Page 18 of 28