Product:
Linux
(Oracle)| Repositories |
• https://github.com/torvalds/linux
• https://github.com/libarchive/libarchive • https://github.com/apache/httpd • https://github.com/openssl/openssl • https://github.com/mysql/mysql-server |
| #Vulnerabilities | 189 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2015-07-20 | CVE-2015-0253 | The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) by sending a request that lacks a method to an installation that enables the INCLUDES filter and has an ErrorDocument 400 directive specifying a local URI. | Http_server, Mac_os_x, Mac_os_x_server, Linux, Solaris | N/A | ||
| 2016-06-01 | CVE-2016-5126 | Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call. | Ubuntu_linux, Debian_linux, Linux, Qemu, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Openstack, Virtualization | 7.8 | ||
| 2015-01-28 | CVE-2015-0235 | Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST." | Mac_os_x, Debian_linux, Glibc, Pureapplication_system, Security_access_manager_for_enterprise_single_sign\-On, Communications_application_session_controller, Communications_eagle_application_processor, Communications_eagle_lnp_application_processor, Communications_lsms, Communications_policy_management, Communications_session_border_controller, Communications_user_data_repository, Communications_webrtc_session_controller, Exalogic_infrastructure, Linux, Vm_virtualbox, Virtualization | N/A | ||
| 2016-01-08 | CVE-2015-7512 | Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet. | Debian_linux, Linux, Qemu, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation, Openstack, Virtualization | N/A | ||
| 2016-01-12 | CVE-2015-1779 | The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section. | Ubuntu_linux, Debian_linux, Fedora, Linux, Qemu, Enterprise_linux_dekstop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Virtualization | N/A | ||
| 2016-07-21 | CVE-2016-3610 | Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3598. | Jdk, Jre, Linux | 9.6 | ||
| 2016-07-21 | CVE-2016-3606 | Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot. | Jdk, Jre, Linux | 9.6 | ||
| 2016-07-21 | CVE-2016-3598 | Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610. | Jdk, Jre, Linux | 9.6 | ||
| 2016-07-21 | CVE-2016-3587 | Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot. | Jdk, Jre, Linux | 9.6 | ||
| 2016-07-21 | CVE-2016-3550 | Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality via vectors related to Hotspot. | Jdk, Jre, Linux | 4.3 |