Suse Linux Enterprise Desktop Security Vulnerabilities and Issues — Suse Linux Enterprise Desktop CVE List

Lucene search

NovellSuse Linux Enterprise Desktop

37 matches found

CVE•added 2015/04/14 10:59 p.m.•1020 views

CVE-2015-3043

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in April 2015, a different ...

10CVSS7.7AI score0.86036EPSS

CVE•added 2015/02/24 1:59 a.m.•447 views

CVE-2015-0240

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets th...

10CVSS8.3AI score0.92168EPSS

CVE•added 2015/05/14 10:59 a.m.•370 views

CVE-2015-2716

Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283.

7.5CVSS8.6AI score0.05699EPSS

CVE•added 2015/01/21 6:59 p.m.•185 views

CVE-2015-0408

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.

10CVSS3.8AI score0.09938EPSS

CVE•added 2015/07/06 2:0 a.m.•159 views

CVE-2015-2721

Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attack...

4.3CVSS4.1AI score0.00516EPSS

CVE•added 2015/01/21 6:59 p.m.•158 views

CVE-2015-0410

Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security.

5CVSS3.9AI score0.02489EPSS

CVE•added 2015/01/21 6:59 p.m.•148 views

CVE-2014-6601

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

10CVSS3.6AI score0.141EPSS

CVE•added 2015/01/21 7:59 p.m.•139 views

CVE-2015-0412

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS.

7.2CVSS3.8AI score0.01848EPSS

CVE•added 2015/07/06 2:1 a.m.•132 views

CVE-2015-2730

Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof EC...

4.3CVSS4.3AI score0.0034EPSS

CVE•added 2015/01/21 6:59 p.m.•131 views

CVE-2015-0383

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot.

5.4CVSS3.6AI score0.00082EPSS

CVE•added 2015/07/06 2:1 a.m.•108 views

CVE-2015-2739

The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors.

10CVSS4.4AI score0.00748EPSS

CVE•added 2015/07/06 2:0 a.m.•104 views

CVE-2015-2724

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code ...

10CVSS6.2AI score0.01739EPSS

CVE•added 2015/05/14 10:59 a.m.•97 views

CVE-2015-2708

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

7.5CVSS9.8AI score0.01346EPSS

CVE•added 2015/07/06 2:0 a.m.•97 views

CVE-2015-2725

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10CVSS6AI score0.01984EPSS

CVE•added 2015/01/21 6:59 p.m.•94 views

CVE-2015-0400

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Libraries.

5CVSS3.2AI score0.0094EPSS

CVE•added 2015/05/14 10:59 a.m.•94 views

CVE-2015-2713

Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a document containing crafted text in conjunct...

6.8CVSS9.4AI score0.01774EPSS

CVE•added 2015/07/06 2:0 a.m.•94 views

CVE-2015-2722

Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a shared worker.

10CVSS5.1AI score0.02288EPSS

CVE•added 2015/07/06 2:1 a.m.•93 views

CVE-2015-2740

Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have unspecified other impact via unknown vectors.

10CVSS5AI score0.04143EPSS

CVE•added 2015/07/06 2:1 a.m.•92 views

CVE-2015-2735

nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.

9.3CVSS4.4AI score0.0272EPSS

CVE•added 2015/04/16 4:59 p.m.•91 views

CVE-2015-0459

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0491.

10CVSS3.8AI score0.10713EPSS

CVE•added 2015/07/06 2:0 a.m.•88 views

CVE-2015-2728

The IndexedDatabaseManager class in the IndexedDB implementation in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 misinterprets an unspecified IDBDatabase field as a pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (me...

7.5CVSS5.6AI score0.03275EPSS

CVE•added 2015/07/06 2:1 a.m.•88 views

CVE-2015-2733

10CVSS5.1AI score0.02691EPSS

CVE•added 2015/04/14 10:59 p.m.•88 views

CVE-2015-3044

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.

5CVSS5.9AI score0.02305EPSS

CVE•added 2015/07/06 2:1 a.m.•87 views

CVE-2015-2736

The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.

9.3CVSS4.4AI score0.0272EPSS

CVE•added 2015/07/06 2:1 a.m.•84 views

CVE-2015-2743

PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 enables excessive privileges for internal Workers, which might allow remote attackers to execute arbitrary code by leveraging a Same Origin Policy bypass.

7.5CVSS5.2AI score0.01286EPSS

CVE•added 2015/05/14 10:59 a.m.•82 views

CVE-2015-2710

Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets (CSS) token sequence.

6.8CVSS9.6AI score0.02581EPSS

CVE•added 2015/01/21 7:59 p.m.•78 views

CVE-2015-0437

Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

9.3CVSS3.1AI score0.01772EPSS

CVE•added 2015/04/16 4:59 p.m.•77 views

CVE-2015-0458

Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

7.6CVSS3.6AI score0.10384EPSS

CVE•added 2015/01/21 6:59 p.m.•75 views

CVE-2015-0406

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality and availability via unknown vectors related to Deployment.

5.8CVSS3.2AI score0.05435EPSS

CVE•added 2015/01/21 6:59 p.m.•74 views

CVE-2015-0403

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

6.9CVSS3.1AI score0.00136EPSS

CVE•added 2015/04/16 4:59 p.m.•74 views

CVE-2015-0405

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.

4CVSS5.2AI score0.00761EPSS

CVE•added 2015/07/06 2:0 a.m.•71 views

CVE-2015-2726

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10CVSS5.8AI score0.01528EPSS

CVE•added 2015/04/16 4:59 p.m.•66 views

CVE-2015-0439

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756.

4CVSS4.6AI score0.00909EPSS

CVE•added 2015/04/16 4:59 p.m.•64 views

CVE-2015-0423

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

4CVSS7.5AI score0.00909EPSS

CVE•added 2015/05/14 10:59 a.m.•63 views

CVE-2015-2709

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

7.5CVSS9.7AI score0.00874EPSS

CVE•added 2015/04/16 4:59 p.m.•61 views

CVE-2015-0438

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.

4CVSS5.2AI score0.00761EPSS

CVE•added 2015/01/21 7:59 p.m.•56 views

CVE-2015-0421

Unspecified vulnerability in Oracle Java SE 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the installation process.

6.9CVSS2.9AI score0.00128EPSS