Suse

Suse Linux Enterprise Server

132 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2015-2734

  • EPSS 1.25%
  • Veröffentlicht 06.07.2015 02:01:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, whic...

4.3

CVE-2015-4000

  • EPSS 93.9%
  • Veröffentlicht 21.05.2015 00:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a Clie...

2.9

CVE-2015-3340

  • EPSS 0.63%
  • Veröffentlicht 28.04.2015 14:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.

4.6

CVE-2015-2041

  • EPSS 0.07%
  • Veröffentlicht 21.04.2015 10:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a s...

4

CVE-2015-0500

  • EPSS 0.95%
  • Veröffentlicht 16.04.2015 16:59:49
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.

4

CVE-2015-0439

  • EPSS 0.93%
  • Veröffentlicht 16.04.2015 16:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756.

5

CVE-2014-8121

Exploit
  • EPSS 2.99%
  • Veröffentlicht 27.03.2015 14:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by perfor...

1.9

CVE-2015-0413

  • EPSS 0.1%
  • Veröffentlicht 21.01.2015 19:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in Oracle Java SE 7u72 and 8u25 allows local users to affect integrity via unknown vectors related to Serviceability.

7.8

CVE-2014-9322

Exploit
  • EPSS 5.23%
  • Veröffentlicht 17.12.2014 11:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access t...

3.3

CVE-2014-8134

Exploit
  • EPSS 0.08%
  • Veröffentlicht 12.12.2014 18:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted ...