Suse

Linux Enterprise Server

472 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2024-46953

  • EPSS 0.08%
  • Veröffentlicht 10.11.2024 22:15:12
  • Zuletzt bearbeitet 14.11.2024 02:01:09

An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.

5.5

CVE-2024-46955

  • EPSS 0.06%
  • Veröffentlicht 10.11.2024 22:15:12
  • Zuletzt bearbeitet 14.11.2024 01:53:21

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.

7.8

CVE-2024-46956

  • EPSS 0.36%
  • Veröffentlicht 10.11.2024 22:15:12
  • Zuletzt bearbeitet 14.11.2024 20:39:54

An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.

7.8

CVE-2024-46951

  • EPSS 0.08%
  • Veröffentlicht 10.11.2024 21:15:14
  • Zuletzt bearbeitet 14.11.2024 02:13:25

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.

7.5

CVE-2023-29552

Warnung Exploit
  • EPSS 93.54%
  • Veröffentlicht 25.04.2023 16:15:09
  • Zuletzt bearbeitet 27.03.2025 14:08:54

The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification f...

5.5

CVE-2023-23005

  • EPSS 0.02%
  • Veröffentlicht 01.03.2023 20:15:15
  • Zuletzt bearbeitet 19.03.2025 19:15:38

In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer). NOTE: this is disputed by third parties because there are no realis...

7.8

CVE-2022-45153

Exploit
  • EPSS 0.05%
  • Veröffentlicht 15.02.2023 10:15:16
  • Zuletzt bearbeitet 21.11.2024 07:28:51

An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by mani...

4.4

CVE-2022-31252

  • EPSS 0.03%
  • Veröffentlicht 06.10.2022 18:16:01
  • Zuletzt bearbeitet 21.11.2024 07:04:13

A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a grou...

5.5

CVE-2015-1931

  • EPSS 0.05%
  • Veröffentlicht 29.09.2022 03:15:11
  • Zuletzt bearbeitet 21.11.2024 02:26:25

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows l...

7.8

CVE-2022-27239

  • EPSS 0.12%
  • Veröffentlicht 27.04.2022 14:15:09
  • Zuletzt bearbeitet 21.11.2024 06:55:28

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.