Product:

Suse_manager

(Novell)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 8
Date Id Summary Products Score Patch Annotated
2016-07-05 CVE-2016-4955 ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time. Suse_manager, Ntp, Leap, Opensuse, Solaris, Simatic_net_cp_443\-1_opc_ua_firmware, Linux_enterprise_desktop, Linux_enterprise_server, Manager_proxy, Openstack_cloud 5.9
2016-07-05 CVE-2016-4956 ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548. Suse_manager, Ntp, Leap, Opensuse, Solaris, Simatic_net_cp_443\-1_opc_ua_firmware, Linux_enterprise_desktop, Linux_enterprise_server, Manager_proxy, Openstack_cloud 5.3
2016-07-05 CVE-2016-4957 ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547. Suse_manager, Ntp, Leap, Opensuse, Solaris, Linux_enterprise_desktop, Linux_enterprise_server, Manager_proxy, Openstack_cloud N/A
2016-03-09 CVE-2016-1286 named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c. Bind, Suse_manager, Suse_manager_proxy, Suse_openstack_cloud 8.6
2016-03-09 CVE-2016-1285 named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c. Bind, Suse_manager, Suse_manager_proxy, Suse_openstack_cloud 6.8
2016-06-03 CVE-2016-0376 The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) does not properly deserialize classes in an AccessController doPrivileged block, which allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code as demonstrated by the readValue method of the... Java_sdk, Suse_linux_enterprise_module_for_legacy_software, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Suse_manager, Suse_manager_proxy, Suse_openstack_cloud, Enterprise_linux_desktop_supplementary, Enterprise_linux_hpc_node_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_server_supplementary_eus, Enterprise_linux_supplementary, Enterprise_linux_workstation_supplementary 8.1
2016-06-03 CVE-2016-0363 The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) uses the invoke method of the java.lang.reflect.Method class in an AccessController doPrivileged block, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to a Proxy object instance... Java_sdk, Suse_linux_enterprise_module_for_legacy_software, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Suse_manager, Suse_manager_proxy, Suse_openstack_cloud, Enterprise_linux_desktop_supplementary, Enterprise_linux_hpc_node_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_server_supplementary_eus, Enterprise_linux_supplementary, Enterprise_linux_workstation_supplementary 8.1
2013-12-02 CVE-2012-0414 Cross-site scripting (XSS) vulnerability in the Spacewalk service in SUSE Manager 1.2 for SUSE Linux Enterprise (SLE) 11 SP1 allows remote attackers to inject arbitrary web script or HTML via an image name. Suse_manager N/A