Suse

Linux Enterprise Desktop

460 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2015-3209

  • EPSS 5.35%
  • Published 15.06.2015 15:59:00
  • Last modified 12.04.2025 10:46:40

Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.

4.6

CVE-2015-4106

  • EPSS 0.09%
  • Published 03.06.2015 20:59:09
  • Last modified 12.04.2025 10:46:40

QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly ha...

4.3

CVE-2015-4000

  • EPSS 94.03%
  • Published 21.05.2015 00:59:00
  • Last modified 12.04.2025 10:46:40

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a Clie...

6.8

CVE-2015-0797

  • EPSS 7.61%
  • Published 14.05.2015 10:59:00
  • Last modified 12.04.2025 10:46:40

GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbi...

2.9

CVE-2015-3340

  • EPSS 0.63%
  • Published 28.04.2015 14:59:02
  • Last modified 12.04.2025 10:46:40

Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.

4.9

CVE-2015-2575

  • EPSS 0.64%
  • Published 16.04.2015 17:00:07
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in the MySQL Connectors component in Oracle MySQL 5.1.34 and earlier allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Connector/J.

2.1

CVE-2015-2576

  • EPSS 0.09%
  • Published 16.04.2015 17:00:07
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in the MySQL Utilities component in Oracle MySQL 1.5.1 and earlier, when running on Windows, allows local users to affect integrity via unknown vectors related to Installation.

4

CVE-2015-2573

  • EPSS 0.41%
  • Published 16.04.2015 17:00:05
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

4

CVE-2015-2571

  • EPSS 0.41%
  • Published 16.04.2015 17:00:04
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.

5

CVE-2015-2568

  • EPSS 4.02%
  • Published 16.04.2015 17:00:02
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.