Suse

Linux Enterprise Desktop

460 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2025-32463

Warning Media report Exploit
  • EPSS 23.61%
  • Published 30.06.2025 00:00:00
  • Last modified 30.09.2025 13:30:30

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

7.8

CVE-2022-27239

  • EPSS 0.12%
  • Published 27.04.2022 14:15:09
  • Last modified 21.11.2024 06:55:28

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

7.8

CVE-2021-4034

Warning Exploit
  • EPSS 86.52%
  • Published 28.01.2022 20:15:12
  • Last modified 03.04.2025 18:53:12

A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pk...

7.1

CVE-2018-10195

  • EPSS 0.14%
  • Published 02.06.2021 14:15:07
  • Last modified 21.11.2024 03:40:59

lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around.

7.8

CVE-2020-8018

  • EPSS 0.03%
  • Published 04.05.2020 12:15:12
  • Last modified 21.11.2024 05:38:13

A Incorrect Default Permissions vulnerability in the SLES15-SP1-CHOST-BYOS and SLES15-SP1-CAP-Deployment-BYOS images of SUSE Linux Enterprise Server 15 SP1 allows local attackers with the UID 1000 to escalate to root due to a /etc directory owned by ...

7.8

CVE-2014-1947

  • EPSS 6.95%
  • Published 17.02.2020 21:15:12
  • Last modified 21.11.2024 02:05:19

Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, i...

6.8

CVE-2006-7246

Exploit
  • EPSS 0.07%
  • Published 27.01.2020 15:15:10
  • Last modified 21.11.2024 00:24:43

NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used.

6.5

CVE-2015-5239

  • EPSS 5.06%
  • Published 23.01.2020 20:15:11
  • Last modified 21.11.2024 02:32:37

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

5.3

CVE-2019-11038

Exploit
  • EPSS 8.29%
  • Published 19.06.2019 00:15:12
  • Last modified 21.11.2024 04:20:25

When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause t...

7.5

CVE-2017-16232

  • EPSS 1.74%
  • Published 21.03.2019 15:59:56
  • Last modified 21.11.2024 03:16:05

LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue