404 matches found
Security update for pam
This update for pam fixes the following issues: CVE-2024-10963: Fixed improper hostname interpretation inpamaccess that could lead to access control bypass bsc1233078 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
SUSE CVE-2004-1895
YaST Online Update YOU in SuSE 8.2 and 9.0 allows local users to overwrite arbitrary files via a symlink attack on you-$USER/cookies...
SUSE CVE-2005-3013
Buffer overflow in liby2util in Yet another Setup Tool YaST for SuSE Linux 9.3 allows local users to execute arbitrary code via a long Loc entry...
SUSE CVE-2006-0803
The signature verification functionality in the YaST Online Update YOU script handling relies on a gpg feature that is not intended for signature verification, which prevents YOU from detecting malicious scripts or code that do not pass the signature check when gpg 1.4.x is being used...
SUSE CVE-2012-0425
LanItems.ycp in savey2logs in yast2-network before 2.24.4 in SUSE YaST writes cleartext Wi-Fi credentials to the y2log log file, which allows context-dependent attackers to obtain sensitive information by reading the 1 WIRELESSWPAPASSWORD or 2 WIRELESSCLIENTKEYPASSWORD field...
SUSE CVE-2016-5746
libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by reading the file, as demonstrated by /tmp/libstorage-XXXXXX/pwdf...
SUSE CVE-2018-17957
The YaST2 RMT module for configuring the SUSE Repository Mirroring Tool RMT before 1.1.2 exposed MySQL database passwords on process commandline, allowing local attackers to access or corrupt the RMT database...
Vulnerabilities fixed in libxml2
Vulnerabilities have been fixed in libxml2. The vulnerabilities allow a remote malicious person to cause a denial-of-service cause. -= Debian =- Debian has made updates to libxml2 available for Debian 11.0 Bullseye to address the vulnerabilities. You can install the custom packages installed by...
Security update for privoxy (important)
openSUSE Security Update: Security update for privoxy Announcement ID: openSUSE-SU-2022:10186-1 Rating: important References: 1193584 Cross-References: CVE-2021-44540 CVE-2021-44541 CVE-2021-44542 CVE-2021-44543 CVSS scores: CVE-2021-44540 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...
Security update for v4l2loopback (moderate)
openSUSE Security Update: Security update for v4l2loopback Announcement ID: openSUSE-SU-2022:10159-1 Rating: moderate References: 1202156 Cross-References: CVE-2022-2652 CVSS scores: CVE-2022-2652 NVD : 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H CVE-2022-2652 SUSE: 6...
Security update for seamonkey (important)
openSUSE Security Update: Security update for seamonkey Announcement ID: openSUSE-SU-2022:10149-1 Rating: important References: 1203916 Affected Products: openSUSE Leap 15.4 An update that contains security fixes can now be installed. Description: This update fixes the following issues: Update to...
Vulnerabilities fixed in SUSE Linux Enterprise
Vulnerabilities have been fixed in the Linux kernel as used by SUSE Linux Enterprise. A local, authenticated malicious party can exploit the vulnerabilities to execute arbitrary code, causing a denial-of-service or obtaining elevated privileges. SUSE has made updates available to fix the...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10138-1 Rating: important References: 1203808 Cross-References: CVE-2022-3201 CVE-2022-3304 CVE-2022-3305 CVE-2022-3306 CVE-2022-3307 CVE-2022-3308 CVE-2022-3309 CVE-2022-3310 CVE-2022-3311 CVE-2022-3312...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10139-1 Rating: important References: 1203808 Cross-References: CVE-2022-3201 CVE-2022-3304 CVE-2022-3305 CVE-2022-3306 CVE-2022-3307 CVE-2022-3308 CVE-2022-3309 CVE-2022-3310 CVE-2022-3311 CVE-2022-3312...
Security update for connman (critical)
openSUSE Security Update: Security update for connman Announcement ID: openSUSE-SU-2022:10134-1 Rating: critical References: 1200189 1200190 Cross-References: CVE-2022-32292 CVE-2022-32293 CVSS scores: CVE-2022-32292 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2022-32293 NVD : 8.1...
Security update for mupdf (moderate)
openSUSE Security Update: Security update for mupdf Announcement ID: openSUSE-SU-2022:10125-1 Rating: moderate References: 1202858 Cross-References: CVE-2021-4216 CVSS scores: CVE-2021-4216 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Backports SLE-15-SP3 An...
Security update for canna (important)
openSUSE Security Update: Security update for canna Announcement ID: openSUSE-SU-2022:10091-1 Rating: important References: 1199280 Cross-References: CVE-2022-21950 CVSS scores: CVE-2022-21950 SUSE: 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: openSUSE Backports SLE-15-SP4 ...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10092-1 Rating: important References: 1202075 Cross-References: CVE-2022-2603 CVE-2022-2604 CVE-2022-2605 CVE-2022-2606 CVE-2022-2607 CVE-2022-2608 CVE-2022-2609 CVE-2022-2610 CVE-2022-2611 CVE-2022-2612...
Security update for caddy (moderate)
openSUSE Security Update: Security update for caddy Announcement ID: openSUSE-SU-2022:10080-1 Rating: moderate References: 1201822 Cross-References: CVE-2022-34037 CVSS scores: CVE-2022-34037 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Backports SLE-15-SP4 A...
Security update for various openSUSE kernel module packages (important)
openSUSE Security Update: Security update for various openSUSE kernel module packages Announcement ID: openSUSE-SU-2022:10032-1 Rating: important References: 1198581 Affected Products: openSUSE Leap 15.3 An update that contains security fixes can now be installed. Description: This update of...