Lucene search

K
NovellSuse Linux Enterprise Server

22 matches found

CVE
CVE
added 2014/10/15 12:55 a.m.836 views

CVE-2014-3566

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

4.3CVSS4.4AI score0.94196EPSS
CVE
CVE
added 2016/05/02 10:59 a.m.302 views

CVE-2016-3137

drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port...

4.9CVSS5.3AI score0.00021EPSS
CVE
CVE
added 2014/09/28 10:55 a.m.190 views

CVE-2012-6657

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service (system crash) by leveraging the ability to create a raw socket.

4.9CVSS6.6AI score0.00122EPSS
CVE
CVE
added 2015/07/06 2:0 a.m.159 views

CVE-2015-2721

Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attack...

4.3CVSS4.1AI score0.00914EPSS
CVE
CVE
added 2016/04/27 5:59 p.m.149 views

CVE-2016-2184

The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device desc...

4.9CVSS6.1AI score0.00345EPSS
CVE
CVE
added 2016/02/08 3:59 a.m.139 views

CVE-2015-7566

The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoin...

4.9CVSS6AI score0.00453EPSS
CVE
CVE
added 2015/07/06 2:1 a.m.132 views

CVE-2015-2730

Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof EC...

4.3CVSS4.3AI score0.0034EPSS
CVE
CVE
added 2016/05/02 10:59 a.m.127 views

CVE-2016-2188

The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

4.9CVSS5.1AI score0.00428EPSS
CVE
CVE
added 2016/05/02 10:59 a.m.126 views

CVE-2016-2185

The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

4.9CVSS5.3AI score0.00048EPSS
CVE
CVE
added 2016/05/02 10:59 a.m.126 views

CVE-2016-3140

The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

4.9CVSS6.1AI score0.00175EPSS
CVE
CVE
added 2016/05/02 10:59 a.m.125 views

CVE-2016-2187

The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

4.9CVSS5.7AI score0.00057EPSS
CVE
CVE
added 2016/05/02 10:59 a.m.122 views

CVE-2016-2186

The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

4.9CVSS5.9AI score0.00057EPSS
CVE
CVE
added 2016/05/02 10:59 a.m.116 views

CVE-2016-3138

The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor.

4.9CVSS5.2AI score0.00021EPSS
CVE
CVE
added 2016/05/02 10:59 a.m.116 views

CVE-2016-3951

Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor.

4.9CVSS6.8AI score0.00062EPSS
CVE
CVE
added 2016/05/02 10:59 a.m.115 views

CVE-2016-3689

The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface.

4.9CVSS5AI score0.00062EPSS
CVE
CVE
added 2016/05/02 10:59 a.m.112 views

CVE-2016-3136

The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device without two interrupt-in endpoint descriptors.

4.9CVSS5.1AI score0.00202EPSS
CVE
CVE
added 2016/04/27 5:59 p.m.89 views

CVE-2016-3139

The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

4.9CVSS5.7AI score0.00126EPSS
CVE
CVE
added 2015/04/16 4:59 p.m.74 views

CVE-2015-0405

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.

4CVSS5.2AI score0.00761EPSS
CVE
CVE
added 2015/04/16 4:59 p.m.66 views

CVE-2015-0439

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756.

4CVSS4.6AI score0.00909EPSS
CVE
CVE
added 2015/04/16 4:59 p.m.64 views

CVE-2015-0423

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

4CVSS7.5AI score0.00909EPSS
CVE
CVE
added 2015/04/16 4:59 p.m.61 views

CVE-2015-0438

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.

4CVSS5.2AI score0.00761EPSS
CVE
CVE
added 2009/09/18 10:30 a.m.53 views

CVE-2009-2707

Unspecified vulnerability in ia32el (aka the IA 32 emulation functionality) before 7042_7022-0.4.2 in SUSE Linux Enterprise (SLE) 10 SP2 on Itanium IA64 machines allows local users to cause a denial of service (system crash) via a 32-bit x86 application.

4.9CVSS7.1AI score0.00034EPSS