CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

suse

linux_enterprise_debuginfo

4 known vulnerabilities · sorted by CVSS score

CVE-2017-18017

CRITICAL9.8

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

linux / linux_kernel+65

Network

Published Jan 3, 2018

CVE-2018-10195

HIGH7.1

lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around.

lrzsz_project / lrzsz+5

Local

Published Jun 2, 2021

CVE-2015-5239

MEDIUM6.5

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

arista / eos+21

Network

Published Jan 23, 2020

CVE-2019-11038

MEDIUM5.3

When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code.

libgd / libgd+24

Network

Published Jun 19, 2019