cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2016-5759,https://securityvulnerability.io/vulnerability/CVE-2016-5759,,"The mkdumprd script called ""dracut"" in the current working directory ""."" allows local users to trick the administrator into executing code as root.",Novell,"Suse Linux Enterprise Server,Suse Linux Enterprise Desktop,Leap",7.8,HIGH,0.0005699999746866524,false,false,false,false,,false,false,2017-09-08T18:00:00.000Z,0
CVE-2015-8920,https://securityvulnerability.io/vulnerability/CVE-2015-8920,,The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file.,Novell,"Suse Linux Enterprise Server,Suse Linux Enterprise Desktop,Suse Linux Enterprise Software Development Kit",5.5,MEDIUM,0.0134699996560812,false,false,false,false,,false,false,2016-09-20T14:00:00.000Z,0
CVE-2015-8918,https://securityvulnerability.io/vulnerability/CVE-2015-8918,,"The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to ""overlapping memcpy.""",Novell,"Suse Linux Enterprise Server,Suse Linux Enterprise Desktop,Suse Linux Enterprise Software Development Kit",7.5,HIGH,0.07959000021219254,false,false,false,false,,false,false,2016-09-20T14:00:00.000Z,0
CVE-2015-8921,https://securityvulnerability.io/vulnerability/CVE-2015-8921,,The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.,Novell,"Suse Linux Enterprise Server,Suse Linux Enterprise Desktop,Suse Linux Enterprise Software Development Kit",7.5,HIGH,0.07728999853134155,false,false,false,false,,false,false,2016-09-20T14:00:00.000Z,0
CVE-2016-4486,https://securityvulnerability.io/vulnerability/CVE-2016-4486,,"The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.",Novell,"Suse Linux Enterprise Module For Public Cloud,Suse Linux Enterprise Server,Suse Linux Enterprise Live Patching,Suse Linux Enterprise Desktop,Suse Linux Enterprise Real Time Extension,Suse Linux Enterprise Workstation Extension,Suse Linux Enterprise Debuginfo,Suse Linux Enterprise Software Development Kit",3.3,LOW,0.0004400000034365803,false,false,false,false,,false,false,2016-05-23T10:00:00.000Z,0
CVE-2016-4805,https://securityvulnerability.io/vulnerability/CVE-2016-4805,,"Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions.",Novell,Suse Linux Enterprise Desktop,7.8,HIGH,0.0006200000061653554,false,false,false,false,,false,false,2016-05-23T10:00:00.000Z,0
CVE-2016-3689,https://securityvulnerability.io/vulnerability/CVE-2016-3689,,The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface.,Novell,"Suse Linux Enterprise Module For Public Cloud,Suse Linux Enterprise Server,Suse Linux Enterprise Live Patching,Suse Linux Enterprise Desktop,Suse Linux Enterprise Real Time Extension,Suse Linux Enterprise Workstation Extension,Suse Linux Enterprise Software Development Kit",4.6,MEDIUM,0.0030900000128895044,false,false,false,false,,false,false,2016-05-02T10:00:00.000Z,0
CVE-2016-2188,https://securityvulnerability.io/vulnerability/CVE-2016-2188,,The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.,Novell,"Suse Linux Enterprise Module For Public Cloud,Suse Linux Enterprise Server,Suse Linux Enterprise Live Patching,Suse Linux Enterprise Real Time Extension,Suse Linux Enterprise Desktop,Suse Linux Enterprise Workstation Extension,Suse Linux Enterprise Debuginfo,Suse Linux Enterprise Software Development Kit",4.6,MEDIUM,0.008940000087022781,false,false,false,false,,false,false,2016-05-02T10:00:00.000Z,0
CVE-2016-3137,https://securityvulnerability.io/vulnerability/CVE-2016-3137,,"drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions.",Novell,"Suse Linux Enterprise Module For Public Cloud,Suse Linux Enterprise Server,Suse Linux Enterprise Live Patching,Suse Linux Enterprise Real Time Extension,Suse Linux Enterprise Desktop,Suse Linux Enterprise Workstation Extension,Suse Linux Enterprise Debuginfo,Suse Linux Enterprise Software Development Kit",4.6,MEDIUM,0.0023499999660998583,false,false,false,false,,false,false,2016-05-02T10:00:00.000Z,0
CVE-2016-3139,https://securityvulnerability.io/vulnerability/CVE-2016-3139,,The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.,Novell,"Suse Linux Enterprise Module For Public Cloud,Suse Linux Enterprise Server,Suse Linux Enterprise Live Patching,Suse Linux Enterprise Real Time Extension,Suse Linux Enterprise Desktop,Suse Linux Enterprise Workstation Extension,Suse Linux Enterprise Debuginfo,Suse Linux Enterprise Software Development Kit",4.6,MEDIUM,0.009990000165998936,false,false,false,false,,false,false,2016-04-27T17:00:00.000Z,0
CVE-2015-8816,https://securityvulnerability.io/vulnerability/CVE-2015-8816,,"The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.",Novell,"Suse Linux Enterprise Server,Suse Linux Enterprise Debuginfo,Suse Linux Enterprise Live Patching,Suse Linux Enterprise Real Time Extension,Suse Linux Enterprise Desktop,Suse Linux Enterprise Module For Public Cloud,Suse Linux Enterprise Workstation Extension,Suse Linux Enterprise Software Development Kit",6.8,MEDIUM,0.003370000049471855,false,false,false,false,,false,false,2016-04-27T17:00:00.000Z,0
CVE-2016-3134,https://securityvulnerability.io/vulnerability/CVE-2016-3134,,"The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.",Novell,"Suse Linux Enterprise Module For Public Cloud,Suse Linux Enterprise Server,Suse Linux Enterprise Live Patching,Suse Linux Enterprise Desktop,Suse Linux Enterprise Real Time Extension,Suse Linux Enterprise Workstation Extension,Suse Linux Enterprise Debuginfo,Suse Linux Enterprise Software Development Kit",8.4,HIGH,0.0016400000313296914,false,false,false,false,,false,false,2016-04-27T17:00:00.000Z,0
CVE-2016-3156,https://securityvulnerability.io/vulnerability/CVE-2016-3156,,"The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses.",Novell,"Suse Linux Enterprise Module For Public Cloud,Suse Linux Enterprise Server,Suse Linux Enterprise Live Patching,Suse Linux Enterprise Real Time Extension,Suse Linux Enterprise Desktop,Suse Linux Enterprise Workstation Extension,Suse Linux Enterprise Debuginfo,Suse Linux Enterprise Software Development Kit",5.5,MEDIUM,0.0006399999838322401,false,false,false,false,,false,false,2016-04-27T17:00:00.000Z,0
CVE-2015-2725,https://securityvulnerability.io/vulnerability/CVE-2015-2725,,"Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",Novell,"Suse Linux Enterprise Server,Suse Linux Enterprise Desktop,Suse Linux Enterprise Software Development Kit",,,0.007499999832361937,false,false,false,false,,false,false,2015-07-06T01:00:00.000Z,0
CVE-2015-2730,https://securityvulnerability.io/vulnerability/CVE-2015-2730,,"Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof ECDSA signatures via unspecified vectors.",Novell,"Suse Linux Enterprise Server,Debian Linux,Suse Linux Enterprise Desktop,Suse Linux Enterprise Software Development Kit",,,0.0026400000788271427,false,false,false,false,,false,false,2015-07-06T01:00:00.000Z,0
CVE-2015-2728,https://securityvulnerability.io/vulnerability/CVE-2015-2728,,"The IndexedDatabaseManager class in the IndexedDB implementation in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 misinterprets an unspecified IDBDatabase field as a pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors, related to a ""type confusion"" issue.",Novell,"Suse Linux Enterprise Server,Suse Linux Enterprise Desktop",,,0.022630000486969948,false,false,false,false,,false,false,2015-07-06T01:00:00.000Z,0
CVE-2015-2713,https://securityvulnerability.io/vulnerability/CVE-2015-2713,,"Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a document containing crafted text in conjunction with a Cascading Style Sheets (CSS) token sequence containing properties related to vertical text.",Novell,"Suse Linux Enterprise Server,Suse Linux Enterprise Desktop,Opensuse,Suse Linux Enterprise Software Development Kit",,,0.026019999757409096,false,false,false,false,,false,false,2015-05-14T10:00:00.000Z,0
CVE-2015-2708,https://securityvulnerability.io/vulnerability/CVE-2015-2708,,"Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",Novell,"Suse Linux Enterprise Server,Suse Linux Enterprise Desktop,Opensuse,Suse Linux Enterprise Software Development Kit",,,0.031099999323487282,false,false,false,false,,false,false,2015-05-14T10:00:00.000Z,0
CVE-2015-0403,https://securityvulnerability.io/vulnerability/CVE-2015-0403,,"Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.",Novell,Suse Linux Enterprise Desktop,,,0.0004400000034365803,false,false,false,false,,false,false,2015-01-21T18:00:00.000Z,0
CVE-2006-0736,https://securityvulnerability.io/vulnerability/CVE-2006-0736,,Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors.,Novell,"Linux Desktop,Open Enterprise Server",,,0.8550400137901306,false,false,false,false,,false,false,2006-02-27T20:00:00.000Z,0
CVE-2005-1761,https://securityvulnerability.io/vulnerability/CVE-2005-1761,,Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.,Novell,"Open Enterprise Server,Linux Desktop",,,0.00107999995816499,false,false,false,false,,false,false,2005-08-05T04:00:00.000Z,0
CVE-2005-1767,https://securityvulnerability.io/vulnerability/CVE-2005-1767,,"traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).",Novell,"Open Enterprise Server,Linux Desktop",,,0.00044999999227002263,false,false,false,false,,false,false,2005-08-05T04:00:00.000Z,0
CVE-2005-1763,https://securityvulnerability.io/vulnerability/CVE-2005-1763,,Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory.,Novell,Linux Desktop,,,0.00046999999904073775,false,false,false,false,,false,false,2005-06-09T04:00:00.000Z,0
CVE-2005-1065,https://securityvulnerability.io/vulnerability/CVE-2005-1065,,tetex in Novell Linux Desktop 9 allows local users to determine the existence of arbitrary files via a symlink attack in the /var/cache/fonts directory.,Novell,Linux Desktop,,,0.0005000000237487257,false,false,false,false,,false,false,2005-05-02T04:00:00.000Z,0
CVE-2005-1040,https://securityvulnerability.io/vulnerability/CVE-2005-1040,,"Multiple unknown vulnerabilities in netapplet in Novell Linux Desktop 9 allow local users to gain root privileges, related to ""User input [being] passed to network scripts without verification.""",Novell,Linux Desktop,,,0.0005000000237487257,false,false,false,false,,false,false,2005-05-02T04:00:00.000Z,0