| The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them. |
|
 |
|
|
Computer vulnerabilities of SUSE Linux Enterprise Server
git-annex: information disclosure via Local Gpg Encrypted File
Synthesis of the vulnerability
An attacker can bypass access restrictions to data via Local Gpg Encrypted File of git-annex, in order to obtain sensitive information.
Severity: 1/4.
Creation date: 06/07/2018.
Identifiers: CVE-2018-10859, DLA-1495-1, FEDORA-2018-7e8c49a451, FEDORA-2018-e22c8eb218, openSUSE-SU-2018:1896-1, openSUSE-SU-2018:1897-1, VIGILANCE-VUL-26640.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
An attacker can bypass access restrictions to data via Local Gpg Encrypted File of git-annex, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial) |
Ansible Core: privilege escalation via Current Directory Ansible.cfg
Synthesis of the vulnerability
An attacker can bypass restrictions via Current Directory Ansible.cfg of Ansible Core, in order to escalate his privileges.
Severity: 2/4.
Creation date: 06/07/2018.
Identifiers: CVE-2018-10875, DLA-1923-1, DSA-4396-1, openSUSE-SU-2019:0238-1, openSUSE-SU-2019:1125-1, USN-4072-1, VIGILANCE-VUL-26638.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
An attacker can bypass restrictions via Current Directory Ansible.cfg of Ansible Core, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial) |
exiv2: out-of-bounds memory reading via Exiv2-Jp2Image-readMetadata
Synthesis of the vulnerability
An attacker can force a read at an invalid address via Exiv2::Jp2Image::readMetadata() of exiv2, in order to trigger a denial of service, or to obtain sensitive information.
Severity: 2/4.
Creation date: 05/07/2018.
Identifiers: CVE-2017-14860, openSUSE-SU-2018:1961-1, SUSE-SU-2018:1882-1, VIGILANCE-VUL-26636.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
An attacker can force a read at an invalid address via Exiv2::Jp2Image::readMetadata() of exiv2, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial) |
exiv2: out-of-bounds memory reading via Exiv2-Image-io
Synthesis of the vulnerability
An attacker can force a read at an invalid address via Exiv2::Image::io() of exiv2, in order to trigger a denial of service, or to obtain sensitive information.
Severity: 2/4.
Creation date: 05/07/2018.
Identifiers: CVE-2017-12957, openSUSE-SU-2018:1961-1, SUSE-SU-2018:1882-1, VIGILANCE-VUL-26635.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
An attacker can force a read at an invalid address via Exiv2::Image::io() of exiv2, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial) |
exiv2: denial of service via Exiv2-FileIo-path
Synthesis of the vulnerability
An attacker can generate a fatal error via Exiv2::FileIo::path() of exiv2, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 05/07/2018.
Identifiers: CVE-2017-12956, openSUSE-SU-2018:1961-1, SUSE-SU-2018:1882-1, VIGILANCE-VUL-26634.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
An attacker can generate a fatal error via Exiv2::FileIo::path() of exiv2, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
exiv2: buffer overflow via Exiv2-Image-printIFDStructure
Synthesis of the vulnerability
An attacker can generate a buffer overflow via Exiv2::Image::printIFDStructure() of exiv2, in order to trigger a denial of service, and possibly to run code.
Severity: 2/4.
Creation date: 05/07/2018.
Identifiers: CVE-2017-12955, openSUSE-SU-2018:1961-1, SUSE-SU-2018:1882-1, VIGILANCE-VUL-26633.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
An attacker can generate a buffer overflow via Exiv2::Image::printIFDStructure() of exiv2, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial) |
exiv2: memory corruption via Exiv2-FileIo-seek
Synthesis of the vulnerability
An attacker can generate a memory corruption via Exiv2::FileIo::seek() of exiv2, in order to trigger a denial of service, and possibly to run code.
Severity: 2/4.
Creation date: 05/07/2018.
Identifiers: CVE-2017-11592, openSUSE-SU-2018:1961-1, SUSE-SU-2018:1882-1, VIGILANCE-VUL-26632.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
An attacker can generate a memory corruption via Exiv2::FileIo::seek() of exiv2, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial) |
exiv2: denial of service via extend_alias_table
Synthesis of the vulnerability
An attacker can generate a fatal error via extend_alias_table() of exiv2, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 05/07/2018.
Identifiers: CVE-2017-11553, openSUSE-SU-2018:1961-1, SUSE-SU-2018:1882-1, VIGILANCE-VUL-26631.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
An attacker can generate a fatal error via extend_alias_table() of exiv2, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
exiv2: denial of service via XmpParser-terminate
Synthesis of the vulnerability
An attacker can generate a fatal error via XmpParser::terminate() of exiv2, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 05/07/2018.
Identifiers: CVE-2017-11340, openSUSE-SU-2018:1961-1, SUSE-SU-2018:1882-1, VIGILANCE-VUL-26630.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
An attacker can generate a fatal error via XmpParser::terminate() of exiv2, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
Our database contains other pages. You can request a free trial to read them.
Display information about SUSE Linux Enterprise Server:
|