Vulnerability & Exploit Database

Displaying all 6 entries

Results for: CVE-2018-2685 Back to search

SUSE: CVE-2016-10708: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: January 21, 2018

sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

SUSE: CVE-2018-2685: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: January 17, 2018

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM Virtu...

Gentoo Linux: CVE-2018-2685: VirtualBox: Multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: January 17, 2018

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM Virtu...

SUSE: CVE-2017-15906: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: October 25, 2017

The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

SUSE: CVE-2017-1000250: SUSE Linux Security Advisory Vulnerability

  • Severity: 3
  • Published: September 12, 2017

All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests.

SUSE: CVE-2016-10012: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: January 04, 2017

The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.