Suse

Linux Enterprise Server

472 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2019-18901

  • EPSS 0.1%
  • Published 02.03.2020 16:15:11
  • Last modified 21.11.2024 04:33:48

A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows local attackers to change the permissions of arbitrary files to 064...

7.8

CVE-2014-1947

  • EPSS 6.95%
  • Published 17.02.2020 21:15:12
  • Last modified 21.11.2024 02:05:19

Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, i...

6.8

CVE-2006-7246

Exploit
  • EPSS 0.07%
  • Published 27.01.2020 15:15:10
  • Last modified 21.11.2024 00:24:43

NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used.

3.3

CVE-2019-3687

  • EPSS 0.08%
  • Published 24.01.2020 09:15:13
  • Last modified 21.11.2024 04:42:20

The permission package in SUSE Linux Enterprise Server allowed all local users to run dumpcap in the "easy" permission profile and sniff network traffic. This issue affects: SUSE Linux Enterprise Server permissions versions starting from 85c83fef7e01...

6.5

CVE-2015-5239

  • EPSS 5.06%
  • Published 23.01.2020 20:15:11
  • Last modified 21.11.2024 02:32:37

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

8.8

CVE-2010-3782

  • EPSS 0.3%
  • Published 02.01.2020 19:15:11
  • Last modified 21.11.2024 01:19:36

obs-server before 1.7.7 allows logins by 'unconfirmed' accounts due to a bug in the REST api implementation.

9

CVE-2012-6639

  • EPSS 1.2%
  • Published 25.11.2019 18:15:11
  • Last modified 21.11.2024 01:46:35

An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.

7.5

CVE-2016-5285

  • EPSS 0.65%
  • Published 15.11.2019 16:15:10
  • Last modified 21.11.2024 02:53:59

A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.

5.3

CVE-2019-11038

Exploit
  • EPSS 8.29%
  • Published 19.06.2019 00:15:12
  • Last modified 21.11.2024 04:20:25

When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause t...

7.5

CVE-2017-16232

  • EPSS 1.74%
  • Published 21.03.2019 15:59:56
  • Last modified 21.11.2024 03:16:05

LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue