VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Suse
>
Openstack Cloud
> 5
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2016-05-05
CVE-2016-3718
Server-Side Request Forgery (SSRF) vulnerability in multiple products
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
local
low complexity
redhat
imagemagick
canonical
oracle
suse
opensuse
CWE-918
5.5
5.5
2016-05-05
CVE-2016-3715
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
local
low complexity
redhat
imagemagick
canonical
oracle
suse
opensuse
5.5
5.5
2016-04-21
CVE-2016-3427
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
network
low complexity
oracle
canonical
debian
netapp
apache
redhat
suse
opensuse
critical
9.8
9.8
2016-04-08
CVE-2016-2324
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow.
network
low complexity
suse
opensuse
git-scm
CWE-119
critical
9.8
9.8
2016-04-08
CVE-2016-2315
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.
network
low complexity
suse
opensuse
git-scm
CWE-119
critical
9.8
9.8
2016-03-09
CVE-2016-1286
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.
network
low complexity
isc
suse
opensuse
fedoraproject
canonical
debian
juniper
8.6
8.6
2016-03-09
CVE-2016-1285
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.
network
high complexity
isc
suse
opensuse
fedoraproject
canonical
debian
juniper
6.8
6.8
«
Previous
1
2
(current)
»