Suse Suse Linux Enterprise Server — known CVE vulnerabilities
Every CVE whose affected-product data names Suse Suse Linux Enterprise Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (129)
CVE-2015-2738 — CVSS 10.0 (critical): The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x…
CVE-2010-2495 — CVSS 10.0 (critical): The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel before 2.6.34 does not properly…
CVE-2010-2302 — CVSS 10.0 (critical): Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service…
CVE-2014-2977 — CVSS 10.0 (critical): Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.13…
CVE-2014-1512 — CVSS 10.0 (critical): Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4…
CVE-2014-2978 — CVSS 10.0 (critical): The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a denial…
CVE-2015-2734 — CVSS 10.0 (critical): The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x…
CVE-2015-2737 — CVSS 10.0 (critical): The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and…
CVE-2014-9761 — CVSS 9.8 (critical): Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a…
CVE-2014-1514 — CVSS 9.8 (critical): vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25…
CVE-2014-1524 — CVSS 9.8 (critical): The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5…
CVE-2016-2324 — CVSS 9.8 (critical): Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees…
CVE-2016-2315 — CVSS 9.8 (critical): revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long…
CVE-2015-8779 — CVSS 9.8 (critical): Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent…
CVE-2015-8778 — CVSS 9.8 (critical): Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service…
CVE-2013-5609 — CVSS 9.8 (critical): Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before…
CVE-2013-5613 — CVSS 9.8 (critical): Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before…
CVE-2013-5615 — CVSS 9.8 (critical): The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before…
CVE-2013-5616 — CVSS 9.8 (critical): Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x…
CVE-2013-5618 — CVSS 9.8 (critical): Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in…
CVE-2013-6671 — CVSS 9.8 (critical): The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and…
CVE-2014-1477 — CVSS 9.8 (critical): Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before…
CVE-2014-1486 — CVSS 9.8 (critical): Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird…
CVE-2014-1493 — CVSS 9.8 (critical): Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before…
CVE-2014-1532 — CVSS 9.8 (critical): Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0…
CVE-2014-1510 — CVSS 9.8 (critical): The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25…
CVE-2014-1511 — CVSS 9.8 (critical): Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to…
CVE-2010-2297 — CVSS 9.3 (critical): rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service…
CVE-2010-1770 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome…
CVE-2015-5041 — CVSS 9.1 (critical): The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows…
CVE-2014-1508 — CVSS 9.1 (critical): The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and…
CVE-2015-8776 — CVSS 9.1 (critical): The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service…
CVE-2020-6424 — CVSS 8.8 (high): Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-6449 — CVSS 8.8 (high): Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-6422 — CVSS 8.8 (high): Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-6429 — CVSS 8.8 (high): Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-5504 — CVSS 8.8 (high): In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL…
CVE-2018-19655 — CVSS 8.8 (high): A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow…
CVE-2020-6428 — CVSS 8.8 (high): Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-6427 — CVSS 8.8 (high): Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2014-1518 — CVSS 8.8 (high): Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before…
CVE-2014-1513 — CVSS 8.8 (high): TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does…
CVE-2012-5830 — CVSS 8.8 (high): Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x…
CVE-2014-1529 — CVSS 8.8 (high): The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26…
CVE-2014-1509 — CVSS 8.8 (high): Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before…
CVE-2014-1531 — CVSS 8.8 (high): Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x…
CVE-2014-1497 — CVSS 8.8 (high): The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4…
CVE-2014-1482 — CVSS 8.8 (high): RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not…
CVE-2015-7547 — CVSS 8.1 (high): Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc…
CVE-2010-2960 — CVSS 7.8 (high): The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent…
CVE-2008-2812 — CVSS 7.8 (high): The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system…
CVE-2009-3289 — CVSS 7.8 (high): The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows…
CVE-2010-2524 — CVSS 7.8 (high): The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled…
CVE-2010-2798 — CVSS 7.8 (high): The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations…
CVE-2010-3081 — CVSS 7.8 (high): The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not…
CVE-2014-7826 — CVSS 7.8 (high): kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace…
CVE-2014-8369 — CVSS 7.8 (high): The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the…
CVE-2014-9322 — CVSS 7.8 (high): arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment…
CVE-2016-1602 — CVSS 7.8 (high): A code injection in the supportconfig data collection tool in supportutils in SUSE Linux Enterprise Server 12 and 12-SP1 and SUSE Linux…
CVE-2016-9958 — CVSS 7.8 (high): game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.
CVE-2016-9959 — CVSS 7.8 (high): game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.
CVE-2016-5244 — CVSS 7.5 (high): The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which…
CVE-2010-4494 — CVSS 7.5 (high): Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows…
CVE-2018-12122 — CVSS 7.5 (high): Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial…
CVE-2018-12116 — CVSS 7.5 (high): Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized…
CVE-2014-1487 — CVSS 7.5 (high): The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before…
CVE-2014-1481 — CVSS 7.5 (high): Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to…
CVE-2014-9854 — CVSS 7.5 (high): coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the…
CVE-2018-19052 — CVSS 7.5 (high): An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a…
CVE-2014-1505 — CVSS 7.5 (high): The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before…
CVE-2014-1479 — CVSS 7.5 (high): The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and…
CVE-2014-3673 — CVSS 7.5 (high): The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a…
CVE-2015-3405 — CVSS 7.5 (high): ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian…
CVE-2014-3687 — CVSS 7.5 (high): The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows…
CVE-2015-5300 — CVSS 7.5 (high): The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128…
CVE-2017-14798 — CVSS 7.3 (high): A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their…
CVE-2015-5154 — CVSS 7.2 (high): Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled…
CVE-2014-2706 — CVSS 7.1 (high): Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system…
CVE-2010-2537 — CVSS 7.1 (high): The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file…
CVE-2009-3547 — CVSS 7.0 (high): Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer…
CVE-2011-3026 — CVSS 6.8 (medium): Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly…
CVE-2020-6426 — CVSS 6.5 (medium): Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption…
CVE-2014-1523 — CVSS 6.5 (medium): Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5…
CVE-2018-19208 — CVSS 6.5 (medium): In libwpd 0.10.2, there is a NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp that will…
CVE-2020-15705 — CVSS 6.4 (medium): GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems…
CVE-2020-15706 — CVSS 6.4 (medium): GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by…
CVE-2014-1530 — CVSS 6.1 (medium): The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before…
CVE-2011-4190 — CVSS 5.9 (medium): The kdump implementation is missing the host key verification in the kdump and mkdumprd OpenSSH integration of kdump prior to version…
CVE-2020-15707 — CVSS 5.7 (medium): Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in…
CVE-2017-5753 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an…
CVE-2016-0264 — CVSS 5.6 (medium): Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25…
CVE-2008-3275 — CVSS 5.5 (medium): The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not…
CVE-2014-3610 — CVSS 5.5 (medium): The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a…
CVE-2014-8559 — CVSS 5.5 (medium): The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows…
CVE-2014-1496 — CVSS 5.5 (medium): Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to…
CVE-2010-2942 — CVSS 5.5 (medium): The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain…
CVE-2014-3646 — CVSS 5.5 (medium): arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which…
CVE-2010-2066 — CVSS 5.5 (medium): The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only…
CVE-2014-3647 — CVSS 5.5 (medium): arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS…
CVE-2010-3078 — CVSS 5.5 (medium): The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain…
CVE-2009-3621 — CVSS 5.5 (medium): net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an…
CVE-2007-6716 — CVSS 5.5 (medium): fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users…
CVE-2011-3172 — CVSS 5.4 (medium): A vulnerability in pam_modules of SUSE Linux Enterprise allows attackers to log into accounts that should have been disabled. Affected…
CVE-2019-3688 — CVSS 5.1 (medium): The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux…
CVE-2014-8121 — CVSS 5.0 (medium): DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not…
CVE-2014-9116 — CVSS 5.0 (medium): The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote…
CVE-2019-15624 — CVSS 4.9 (medium): Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders.
CVE-2014-8086 — CVSS 4.7 (medium): Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial…
CVE-2015-2041 — CVSS 4.6 (medium): net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain…
CVE-2015-5707 — CVSS 4.6 (medium): Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to…
CVE-2014-3601 — CVSS 4.3 (medium): The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the…
CVE-2010-2301 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote…
CVE-2015-7976 — CVSS 4.3 (medium): The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special…
CVE-2010-4008 — CVSS 4.3 (medium): libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid…
CVE-2015-0500 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown…
CVE-2015-0439 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown…
CVE-2018-20105 — CVSS 4.0 (medium): A Inclusion of Sensitive Information in Log Files vulnerability in yast2-rmt of SUSE Linux Enterprise Server 15; openSUSE Leap allows local…
CVE-2015-4000 — CVSS 3.7 (low): The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a…
CVE-2018-6556 — CVSS 3.3 (low): lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an…
CVE-2011-1585 — CVSS 3.3 (low): The cifs_find_smb_ses function in fs/cifs/connect.c in the Linux kernel before 2.6.36 does not properly determine the associations between…
CVE-2014-8134 — CVSS 3.3 (low): The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM…
CVE-2015-3340 — CVSS 2.9 (low): Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information…
CVE-2014-1739 — CVSS 2.1 (low): The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain…
CVE-2010-3881 — CVSS 2.1 (low): arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain…
CVE-2014-0181 — CVSS 2.1 (low): The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the…
CVE-2015-0413 — CVSS 1.9 (low): Unspecified vulnerability in Oracle Java SE 7u72 and 8u25 allows local users to affect integrity via unknown vectors related to…