Lucene search
K
SuseLinux Enterprise Desktop

461 matches found

CVE
CVE
added 2017/04/12 8:0 p.m.86 views

CVE-2016-9957

Summary: CVE-2016-9957 corresponds to a stack-based buffer overflow in the Game Music Emu library prior to version 0.6.1. Multiple connected advisories (Gentoo GLSA-201707-02, Fedora advisories) describe a remotely triggerable condition: a user could be enticed to open a specially crafted SPC mus...

7.8CVSS8.7AI score0.01928EPSS
CVE
CVE
added 2008/03/19 10:0 a.m.85 views

CVE-2008-0063

CVE-2008-0063 affects MIT Kerberos 5 (krb5kdc) where Kerberos v4 support leaves an unused buffer uncleared when generating error messages. This can allow remote attackers to read sensitive information from memory. Public advisories across multiple vendors (e.g., MiracleLinux AXSA-2008-345/AXSA-20...

7.5CVSS8.6AI score0.03478EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.85 views

CVE-2016-4123

CVE-2016-4123 is part of the Adobe Flash Player vulnerabilities addressed in the APSB16-18 update. The connected sources show multiple Linux distribution advisories (openSUSE, SUSE, Alt Linux, Arch Linux) referencing CVE-2016-4123 among others and noting a security fix via Flash Player update to ...

9.3CVSS8.9AI score0.0381EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.85 views

CVE-2016-4134

CVE-2016-4134 is an Adobe Flash Player vulnerability that was addressed as part of the APSB16-18 bulletin. Several connected advisories indicate the fix was delivered by upgrading Flash Player to 11.2.202.626 (e.g., SUSE/openSUSE updates, ALT Linux packages, and Red Hat advisories). The provided ...

9.3CVSS8.9AI score0.0381EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.85 views

CVE-2016-4136

CVE-2016-4136 is an Adobe Flash Player vulnerability affecting Flash libraries used in Microsoft Internet Explorer 10/11 and Edge. Connected sources describe it as a heap-based buffer overflow/memory corruption flaw that can lead to arbitrary code execution. Impact is described as code execution ...

9.3CVSS8.9AI score0.16385EPSS
Web
CVE
CVE
added 2016/06/16 2:0 p.m.84 views

CVE-2016-4132

CVE-2016-4132 corresponds to an unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, used in the Flash libraries in IE10/IE11 and Edge, with unknown impact in the initial entry but later connected advisories list multiple memory corruption/code-execution related CVEs. Connected...

9.3CVSS8.9AI score0.03977EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.83 views

CVE-2016-4124

The CVE-2016-4124 entry refers to multiple vulnerabilities in Adobe Flash Player (11.x era) affecting the Flash runtime used by browsers (e.g., in Internet Explorer and Edge) with various CVEs listed in the 2016-4122…4171 range. Connected advisories show remediation via updates to Flash Player 11...

9.3CVSS8.9AI score0.0381EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.83 views

CVE-2016-4129

CVE-2016-4129 is part of Adobe Flash Player updates delivered via the 11.2.202.626 patch (APSb16-18) used in Flash libraries in browsers. The connected sources enumerate multiple vulnerabilities in Flash Player (CVE-2016-4122, -4123, -4124, -4125, -4127, -4128, -4129, -4130, -4131, -4132, -4133, ...

9.3CVSS8.9AI score0.0381EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.82 views

CVE-2016-4140

CVE-2016-4140 is a directory search path vulnerability in the Adobe Flash Library used by Flash Player in Internet Explorer 10/11 and Microsoft Edge that could lead to arbitrary code execution. The issue affects Adobe Flash Player 21.0.0.242 and earlier (as used within IE/Edge). Publicly document...

9.3CVSS8.9AI score0.0381EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.82 views

CVE-2016-4145

CVE-2016-4145 is tied to Adobe Flash Player used in Internet Explorer 10/11 and Edge. The connected sources show this CVE as part of a broader set of Flash vulnerabilities (CVE-2016-4122 through CVE-2016-4148) patched by Adobe in APSB16-18, with open-source advisories from SUSE/OpenSUSE and Red H...

9.3CVSS8.9AI score0.0381EPSS
CVE
CVE
added 2012/06/21 11:0 p.m.81 views

CVE-2011-1477

CVE-2011-1477 affects the Linux kernel (sound/oss/opl3.c) through multiple array index errors before 2.6.39. These flaws allow local users to cause a denial of service via heap memory corruption and, potentially, gain privileges by writing to /dev/sequencer. The issue is tied to Yamaha YM3812/OPL...

7.2CVSS8.1AI score0.00409EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.81 views

CVE-2012-4217

CVE-2012-4217 is a use-after-free in Mozilla Firefox <17.0, Thunderbird <17.0, and SeaMonkey

9.3CVSS8.8AI score0.06155EPSS
CVE
CVE
added 2014/03/19 10:0 a.m.81 views

CVE-2014-1494

CVE-2014-1494 concerns multiple memory-safety vulnerabilities in the browser engine of Mozilla Firefox prior to 28.0 and SeaMonkey prior to 2.25, with remote denial of service or potential arbitrary code execution via unknown vectors. The connected docs confirm that these issues are part of MFSA ...

9.3CVSS9.9AI score0.05079EPSS
CVE
CVE
added 2014/10/15 3:15 p.m.81 views

CVE-2014-6474

The CVE-2014-6474 entry concerns Oracle MySQL Server 5.6.19 and earlier. It is described as an unspecified vulnerability that remote authenticated users can exploit to affect availability via vectors related to SERVER:MEMCACHED. The NVD metadata shows a base score of 3.5 (LOW) with CVSS2 metrics:...

3.5CVSS6.1AI score0.01363EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.81 views

CVE-2016-4130

CVE-2016-4130 is an Adobe Flash Player vulnerability referenced in multiple advisories (e.g., SUSE/openSUSE, Red Hat) as part of the 2016-06 APSB16-18 update. The affected component is Flash Player as embedded in browsers (e.g., IE/Edge/Flash plugins). Remediation in the connected documents shows...

9.3CVSS8.9AI score0.0381EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.81 views

CVE-2016-4144

CVE-2016-4144 is an Adobe Flash Player vulnerability described as a type confusion issue in Flash Player 21.0.0.242 and earlier, used within the Flash libraries in Microsoft Internet Explorer 10/11 and Microsoft Edge, with unspecified impact and attack vectors. Public advisories and security bull...

9.3CVSS8.9AI score0.0381EPSS
CVE
CVE
added 2012/10/29 6:0 p.m.80 views

CVE-2012-4195

CVE-2012-4195 concerns Mozilla Firefox (and related Mozilla components) where nsLocation::CheckURL does not correctly determine the calling document/principal, enabling cross-site scripting (XSS) via crafted sites and certain add-on behaviors. Affected products/versions include Firefox before 16....

4.3CVSS8.2AI score0.01902EPSS
CVE
CVE
added 2014/07/17 2:36 a.m.80 views

CVE-2014-2484

Technical details for CVE-2014-2484 are not provided in the connected documents; references show a MySQL issue affecting confidentiality, integrity, and availability but do not specify root cause, affected versions, exploitation, or fixes.

6.5CVSS5.1AI score0.02523EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.80 views

CVE-2016-4122

CVE-2016-4122 concerns Adobe Flash Player/Flash plugin. Connected advisories cite multiple vendors (openSUSE/SUSE, Red Hat, ALT Linux, arch linux) reporting this CVE along with related ones (4123–4129, 4130–4132, 4133–4137, 4138–4148, 4150–4171). The vulnerability set includes memory corruption, ...

9.3CVSS8.9AI score0.0381EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.80 views

CVE-2016-4143

CVE-2016-4143 is part of a set of Flash Player vulnerabilities addressed in 2016 advisories. The connected documents identify it as a memory corruption issue in Adobe Flash Player components (used with IE/Edge) that could lead to arbitrary code execution. The Mageia advisory explicitly groups CVE...

9.3CVSS8.8AI score0.0381EPSS
CVE
CVE
added 2017/04/12 8:0 p.m.80 views

CVE-2016-9958

CVE-2016-9958 affects Game Music Emu, prior to version 0.6.1. The vulnerability enables a remote attacker to cause arbitrary memory writes, potentially enabling arbitrary code execution or DoS when opening a crafted SPC file. Public sources (Gentoo GLSA 201707-02 and related advisories) instruct ...

7.8CVSS8.5AI score0.0233EPSS
CVE
CVE
added 2013/05/16 10:0 a.m.79 views

CVE-2013-2728

CVE-2013-2728 concerns Adobe Flash Player (and AIR) with a memory-corruption based vulnerability that could allow arbitrary code execution or a denial of service via unspecified vectors. The initial description lists affected versions: Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 ...

10CVSS7.7AI score0.05319EPSS
CVE
CVE
added 2014/07/17 2:36 a.m.79 views

CVE-2014-4214

Technical details for CVE-2014-4214 are not publicly available in the provided documents. Monitor for updates.

3.3CVSS5.1AI score0.03015EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.79 views

CVE-2016-4128

CVE-2016-4128 is listed as part of the Adobe Flash Player fixes in the APSB16-18 update. The connected sources describe multiple CVEs addressed by this update and indicate that distributions such as openSUSE, SUSE, ALT Linux, and Red Hat released security updates to Flash Player, upgrading to ver...

9.3CVSS8.9AI score0.0381EPSS
CVE
CVE
added 2010/09/30 2:0 p.m.77 views

CVE-2010-2538

CVE-2010-2538: Integer overflow in btrfs_ioctl_clone (fs/btrfs/ioctl.c) of the Linux kernel before 2.6.35 may allow local users to obtain sensitive information via BTRFS_IOC_CLONE_RANGE. Public references confirm impact on local privilege/user data exposure with no remote vector. Affected compone...

5.5CVSS5.8AI score0.0038EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.77 views

CVE-2016-4127

CVE-2016-4127 is part of a set of Flash Player vulnerabilities documented across multiple advisories (e.g., APSB16-18) affecting Adobe Flash Player used in Internet Explorer 10/11 and Edge. Connected sources indicate this family includes CVEs such as 2016-4122, 4123, 4124, 4125, 4127, 4128, 4129,...

9.3CVSS8.9AI score0.0381EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.77 views

CVE-2016-4147

CVE-2016-4147 is an Adobe Flash Player memory-corruption vulnerability reported in multiple advisories. Connected sources describe affected Flash Player components (ActiveX/NPAPI) and Flash libraries, with root causes including type confusion, use-after-free, heap-based and other memory-corruptio...

9.3CVSS8.9AI score0.0381EPSS
CVE
CVE
added 2020/01/27 2:56 p.m.76 views

CVE-2006-7246

CVE-2006-7246 affects NetworkManager 0.9.x, where the code path used for 802.11X authentication does not pin a certificate’s subject to the ESSID. The root cause is a failure to bind the server certificate to the specific wireless network, potentially allowing credential exposure or man-in-the-mi...

6.8CVSS6.4AI score0.00884EPSS
CVE
CVE
added 2016/04/08 3:0 p.m.76 views

CVE-2015-5969

CVE-2015-5969 involves the mysql-systemd-helper script in mysql-community-server and mariadb packages on openSUSE/OpenSUSE Leap/SLE. The issue allows local users to discover database credentials by listing a running process and its arguments. Affected packages/versions (from the Initial Descripti...

6.2CVSS6AI score0.0039EPSS
CVE
CVE
added 2016/09/20 2:0 p.m.76 views

CVE-2015-8929

CVE-2015-8929 is a memory-leak vulnerability in libarchive’s tar parser (function __archive_read_get_extract in archive_read_extract2.c) that could allow a remote attacker to cause a denial of service by processing a crafted tar file, unless fixed. Public sources in connected documents confirm th...

5.5CVSS5.8AI score0.01538EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.76 views

CVE-2016-4131

CVE-2016-4131 is listed among the Flash Player vulnerabilities addressed by the 2016 APSB16-18 update (Adobe Flash Player security bulletin) affecting Flash Player in Windows IE/Edge and in Linux distributions’ packages. The connected documents corroborate that multiple CVEs, including CVE-2016-4...

9.3CVSS8.9AI score0.0381EPSS
CVE
CVE
added 2017/03/17 2:0 p.m.75 views

CVE-2014-9852

ImageMagick vulnerability CVE-2014-9852 affects the ImageMagick code path distribute-cache.c, where objects are re-used after being destroyed. This can allow remote attackers to trigger unspecified impact via unspecified vectors. The initial entry notes a remote-exploit scenario with unspecified ...

9.8CVSS8.7AI score0.02933EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.75 views

CVE-2016-4155

CVE-2016-4155 describes an unspecified memory-corruption vulnerability in Adobe Flash Player 21.0.0.242 and earlier, when used within the Flash libraries in Internet Explorer 10/11 and Microsoft Edge. The connected HackerOne entry attributes the issue to ShimContentResolver.resolve() with resolve...

9.3CVSS8.9AI score0.04387EPSS
CVE
CVE
added 2012/06/09 12:0 a.m.74 views

CVE-2012-2040

CVE-2012-2040 describes a local privilege escalation in the Adobe Flash Player installer caused by an untrusted search path that could allow a Trojan horse executable in an unspecified directory to run with elevated privileges. The affected products span multiple platforms: Flash Player before 10...

9.3CVSS6.2AI score0.04026EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.74 views

CVE-2016-4133

CVE-2016-4133 is an unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, used in the Flash libraries for Internet Explorer 10/11 and Edge. Connected documents indicate this CVE was addressed as part of Flash Player security updates across multiple distributions (e.g., ALT Linux...

9.3CVSS8.9AI score0.0381EPSS
CVE
CVE
added 2017/04/12 8:0 p.m.74 views

CVE-2016-9959

CVE-2016-9959 affects Game Music Emu prior to 0.6.1. The vulnerability allows a remote attacker to cause out-of-bounds 8-bit values in SPC/music processing, as described by NVD. Consequences are stated as enabling potential arbitrary behavior from crafted inputs; exploitation details are not prov...

7.8CVSS8.5AI score0.0233EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.73 views

CVE-2016-4139

CVE-2016-4139 is an unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, used in the Flash libraries for IE10/IE11 and Edge. Connected advisories associate this CVE with information disclosure and a same-origin policy bypass, and note that fixes exist (Adobe APSB16-18) along wi...

9.3CVSS8.9AI score0.0381EPSS
CVE
CVE
added 2012/10/10 5:0 p.m.72 views

CVE-2012-3983

CVE-2012-3983 affects Mozilla Firefox (pre-16.0), Thunderbird (pre-16.0), and SeaMonkey (pre-2.13). Reported memory safety vulnerabilities could cause memory corruption and crashes and potentially allow arbitrary code execution via unknown vectors. Remediation evidenced in connected documents inc...

10CVSS9.8AI score0.05307EPSS
CVE
CVE
added 2012/10/16 9:29 p.m.72 views

CVE-2012-5080

Technical details about CVE-2012-5080 are not provided in the supplied documents. Monitor for updates from official advisories.

7.6CVSS6AI score0.04216EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.71 views

CVE-2012-4212

Public technical details about CVE-2012-4212 are not disclosed in the provided documents. Monitoring for updates is advised.

10CVSS8.8AI score0.05566EPSS
CVE
CVE
added 2013/05/16 10:0 a.m.71 views

CVE-2013-3332

Technical details are not publicly available in the provided documents. Monitor for updates from the sources; no specific affected products, versions, or fixes are disclosed here.

10CVSS7.7AI score0.05319EPSS
CVE
CVE
added 2013/05/16 10:0 a.m.70 views

CVE-2013-3326

Technical details for CVE-2013-3326 are not publicly available in the provided connected documents; monitor for updates.

10CVSS7.7AI score0.0539EPSS
CVE
CVE
added 2013/05/16 10:0 a.m.70 views

CVE-2013-3327

Technical details for CVE-2013-3327 are not publicly available in the provided connected documents. Please monitor for updates from official advisories; current sources here reference multiple related CVEs but provide no implementation specifics.

10CVSS7.7AI score0.0539EPSS
CVE
CVE
added 2013/05/16 10:0 a.m.70 views

CVE-2013-3330

Technical details for CVE-2013-3330 are not publicly available in the provided connected documents; no affected products, exact vulnerability vectors, impact, or fixes are described here. Monitor for updates.

10CVSS7.7AI score0.05319EPSS
CVE
CVE
added 2014/06/11 2:0 p.m.70 views

CVE-2014-2977

CVE-2014-2977 in DirectFB (Dispatch_Write in proxy/dispatcher/idirectfbsurface_dispatcher.c) allows remote attackers to cause a denial of service (crash) and possibly execute code via the Voodoo interface; CVE-2014-2978 is an out-of-bounds write in the same area. Connected advisories confirm thes...

10CVSS7.8AI score0.06776EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.69 views

CVE-2012-4218

CVE-2012-4218 involves a use-after-free in Mozilla Firefox’s BuildTextRunsScanner::BreakSink::SetBreaks, affecting Firefox < 17.0, Thunderbird < 17.0, and SeaMonkey

10CVSS8.8AI score0.05613EPSS
CVE
CVE
added 2013/05/16 10:0 a.m.68 views

CVE-2013-3325

Technical details for CVE-2013-3325 are not publicly available in the provided documents. The connected EUVD entries mention malware in sbrugna but do not specify affected product/version, root cause, impact, or remediation for this CVE. Monitor for updates.

10CVSS7.7AI score0.0539EPSS
CVE
CVE
added 2013/05/16 10:0 a.m.68 views

CVE-2013-3333

Technical details for CVE-2013-3333 are not publicly available in the provided connected documents. Monitor for updates; no concrete product/version/impact data is disclosed here.

10CVSS7.7AI score0.0539EPSS
CVE
CVE
added 2015/04/16 4:0 p.m.67 views

CVE-2015-2576

CVE-2015-2576 is a local, unspecified vulnerability in the MySQL Utilities component of Oracle MySQL (version 1.5.1 and earlier) when running on Windows. It allows local users to affect integrity via unknown vectors related to Installation. Affected product scope is Oracle MySQL Utilities bundled...

2.1CVSS5.2AI score0.00438EPSS
CVE
CVE
added 2013/05/16 10:0 a.m.66 views

CVE-2013-3324

Technical details for CVE-2013-3324 are not publicly available in the provided documents. Monitor for updates and gather future information from linked sources.

10CVSS7.7AI score0.0539EPSS
Total number of security vulnerabilities461