Vulnerabilities > Suse > Openstack Cloud > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-01-03 CVE-2017-18017 Use After Free vulnerability in multiple products
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.
network
low complexity
linux debian arista f5 suse opensuse openstack canonical redhat CWE-416
critical
 9.8
9.8
2016-04-08 CVE-2016-2315 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.
network
low complexity
suse opensuse git-scm CWE-119
critical
 9.8
9.8
2016-04-08 CVE-2016-2324 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow.
network
low complexity
suse opensuse git-scm CWE-119
critical
 9.8
9.8