VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Suse
>
Manager Proxy
> 2.1
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2016-05-24
CVE-2016-0264
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) allows remote attackers to execute arbitrary code via unspecified vectors.
network
high complexity
suse
ibm
redhat
CWE-119
5.6
5.6
2016-05-05
CVE-2016-3718
Server-Side Request Forgery (SSRF) vulnerability in multiple products
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
local
low complexity
redhat
imagemagick
canonical
oracle
suse
opensuse
CWE-918
5.5
5.5
2016-05-05
CVE-2016-3715
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
local
low complexity
redhat
imagemagick
canonical
oracle
suse
opensuse
5.5
5.5
2016-04-21
CVE-2016-3427
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
network
low complexity
oracle
canonical
debian
netapp
apache
redhat
suse
opensuse
critical
9.8
9.8
2016-03-09
CVE-2016-1286
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.
network
low complexity
isc
suse
opensuse
fedoraproject
canonical
debian
juniper
8.6
8.6
2016-03-09
CVE-2016-1285
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.
network
high complexity
isc
suse
opensuse
fedoraproject
canonical
debian
juniper
6.8
6.8
«
Previous
1
2
(current)
»