Suse

Linux Enterprise Server

472 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2018-17962

Exploit
  • EPSS 0.27%
  • Published 09.10.2018 22:29:00
  • Last modified 21.11.2024 03:55:17

Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.

9.8

CVE-2016-1000030

  • EPSS 0.78%
  • Published 05.09.2018 17:29:00
  • Last modified 21.11.2024 02:42:51

Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution. This attack appear to be exp...

7.8

CVE-2018-7566

  • EPSS 0.13%
  • Published 30.03.2018 21:29:02
  • Last modified 21.11.2024 04:12:22

The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

10

CVE-2017-18017

  • EPSS 27.65%
  • Published 03.01.2018 06:29:00
  • Last modified 03.01.2025 12:15:25

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other im...

7.8

CVE-2017-17805

  • EPSS 0.11%
  • Published 20.12.2017 23:29:00
  • Last modified 20.04.2025 01:37:25

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service ...

7.8

CVE-2017-17806

  • EPSS 0.03%
  • Published 20.12.2017 23:29:00
  • Last modified 20.04.2025 01:37:25

The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HAS...

7.2

CVE-2017-17558

  • EPSS 0.08%
  • Published 12.12.2017 15:29:00
  • Last modified 20.04.2025 01:37:25

The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allow...

7.8

CVE-2017-15115

  • EPSS 0.04%
  • Published 15.11.2017 21:29:00
  • Last modified 20.04.2025 01:37:25

The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possi...

5.3

CVE-2017-13078

  • EPSS 0.81%
  • Published 17.10.2017 13:29:00
  • Last modified 20.04.2025 01:37:25

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.

5.3

CVE-2017-13079

  • EPSS 0.28%
  • Published 17.10.2017 13:29:00
  • Last modified 20.04.2025 01:37:25

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.