Suse

Linux Enterprise Workstation Extension

105 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5

CVE-2014-6568

  • EPSS 2.94%
  • Veröffentlicht 21.01.2015 15:28:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.

2.1

CVE-2014-9585

Exploit
  • EPSS 0.05%
  • Veröffentlicht 09.01.2015 21:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the ...

2.1

CVE-2014-9584

  • EPSS 0.13%
  • Veröffentlicht 09.01.2015 21:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel...

5.5

CVE-2014-8559

Exploit
  • EPSS 0.06%
  • Veröffentlicht 10.11.2014 11:55:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.

5.5

CVE-2014-3690

  • EPSS 0.04%
  • Veröffentlicht 10.11.2014 11:55:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or caus...

7.8

CVE-2014-3673

Exploit
  • EPSS 9.12%
  • Veröffentlicht 10.11.2014 11:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c.

7.8

CVE-2014-3687

Exploit
  • EPSS 3.38%
  • Veröffentlicht 10.11.2014 11:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork ...

2.1

CVE-2014-6551

  • EPSS 0.15%
  • Veröffentlicht 15.10.2014 22:55:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.

6.5

CVE-2014-6555

  • EPSS 0.46%
  • Veröffentlicht 15.10.2014 22:55:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.

4.3

CVE-2014-6559

  • EPSS 0.81%
  • Veröffentlicht 15.10.2014 22:55:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.