474 matches found
CVE-2014-2484
Technical details for CVE-2014-2484 are not provided in the connected documents; references show a MySQL issue affecting confidentiality, integrity, and availability but do not specify root cause, affected versions, exploitation, or fixes.
CVE-2014-6474
The CVE-2014-6474 entry concerns Oracle MySQL Server 5.6.19 and earlier. It is described as an unspecified vulnerability that remote authenticated users can exploit to affect availability via vectors related to SERVER:MEMCACHED. The NVD metadata shows a base score of 3.5 (LOW) with CVSS2 metrics:...
CVE-2006-7246
CVE-2006-7246 affects NetworkManager 0.9.x, where the code path used for 802.11X authentication does not pin a certificate’s subject to the ESSID. The root cause is a failure to bind the server certificate to the specific wireless network, potentially allowing credential exposure or man-in-the-mi...
CVE-2012-4217
CVE-2012-4217 is a use-after-free in Mozilla Firefox <17.0, Thunderbird <17.0, and SeaMonkey
CVE-2013-2020
CVE-2013-2020 concerns ClamAV before 0.97.8 where an integer underflow in cli_scanpe (pe.c) can trigger an out-of-bounds read when parsing UPX-packed executables with a skewed offset, allowing a remote denial-of-service (crash). Public references in OpenVAS/SUSE advisories corroborate the issue a...
CVE-2014-4214
Technical details for CVE-2014-4214 are not publicly available in the provided documents. Monitor for updates.
CVE-2014-9852
ImageMagick vulnerability CVE-2014-9852 affects the ImageMagick code path distribute-cache.c, where objects are re-used after being destroyed. This can allow remote attackers to trigger unspecified impact via unspecified vectors. The initial entry notes a remote-exploit scenario with unspecified ...
CVE-2010-2538
CVE-2010-2538: Integer overflow in btrfs_ioctl_clone (fs/btrfs/ioctl.c) of the Linux kernel before 2.6.35 may allow local users to obtain sensitive information via BTRFS_IOC_CLONE_RANGE. Public references confirm impact on local privilege/user data exposure with no remote vector. Affected compone...
CVE-2015-4680
FreeRADIUS is affected by CVE-2015-4680. Versions 2.2.x prior to 2.2.8 and 3.0.x prior to 3.0.9 do not properly check revocation of intermediate CA certificates, potentially allowing certificates issued by revoked intermediate authorities to be trusted. The vulnerability’s impact is reflected as ...
CVE-2015-5969
CVE-2015-5969 involves the mysql-systemd-helper script in mysql-community-server and mariadb packages on openSUSE/OpenSUSE Leap/SLE. The issue allows local users to discover database credentials by listing a running process and its arguments. Affected packages/versions (from the Initial Descripti...
CVE-2015-8929
CVE-2015-8929 is a memory-leak vulnerability in libarchive’s tar parser (function __archive_read_get_extract in archive_read_extract2.c) that could allow a remote attacker to cause a denial of service by processing a crafted tar file, unless fixed. Public sources in connected documents confirm th...
CVE-2022-45153
CVE-2022-45153 affects the saphanabootstrap-formula used by SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5, and openSUSE Leap 15.4. The issue is an Incorrect Default Permissions vulnerability that allows local attackers to escalate to root by...
CVE-2012-3983
CVE-2012-3983 affects Mozilla Firefox (pre-16.0), Thunderbird (pre-16.0), and SeaMonkey (pre-2.13). Reported memory safety vulnerabilities could cause memory corruption and crashes and potentially allow arbitrary code execution via unknown vectors. Remediation evidenced in connected documents inc...
CVE-2014-4038
CVE-2014-4038 affects the ppc64-diag tool on Red Hat Enterprise Linux 6/7 via insecure temporary file handling that enables a local attacker to perform a symlink attack and overwrite arbitrary files with the user’s privileges. The issue is fixed by upgrading to upstream ppc64-diag version 2.6.7 (...
CVE-2020-8025
CVE-2020-8025 affects the pcp permissions handling in SUSE/openSUSE packages. Affected: SLES 12-SP4, SLES 15-LTSS, SLES for SAP 15; openSUSE Leap 15.1, openSUSE Tumbleweed. Affected component: permissions for some directories under the pcp package due to Incorrect Execution-Assigned Permissions. ...
CVE-2012-4212
Public technical details about CVE-2012-4212 are not disclosed in the provided documents. Monitoring for updates is advised.
CVE-2012-4218
CVE-2012-4218 involves a use-after-free in Mozilla Firefox’s BuildTextRunsScanner::BreakSink::SetBreaks, affecting Firefox < 17.0, Thunderbird < 17.0, and SeaMonkey
CVE-2014-1501
Mozilla Firefox for Android is affected (before 28.0). The issue allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via the Open Link in New Tab action, enabling local file access from web content. The root cause is a Same Origin Policy bypass in the Android ...
CVE-2015-2576
CVE-2015-2576 is a local, unspecified vulnerability in the MySQL Utilities component of Oracle MySQL (version 1.5.1 and earlier) when running on Windows. It allows local users to affect integrity via unknown vectors related to Installation. Affected product scope is Oracle MySQL Utilities bundled...
CVE-2014-4039
The CVE-2014-4039 issue affects ppc64-diag (version 2.6.1) where 0755 permissions on /tmp/diagSEsnap and lax restrictions on /tmp/diagSEsnap/snapH.tar.gz enable a local attacker to read an archive and obtain sensitive information (e.g., contents in /var/log/messages and /etc/yaboot.conf). The vul...
CVE-2012-6639
CVE-2012-6639 describes a privilege-elevation vulnerability in Cloud-init prior to 0.7.0. The issue occurs when requests to an untrusted system are made for EC2 instance data, allowing an attacker with network access to leverage low-privileged execution to gain higher privileges. The available co...
CVE-2016-1602
CVE-2016-1602 is a local code injection vulnerability in the supportconfig data collection tool of supportutils used by SUSE Linux Enterprise Server 12/12-SP1 and SUSE Linux Enterprise Desktop 12/12-SP1. The issue allows a local attacker to execute code as the user running supportconfig (typicall...
CVE-2016-1000030
Affected product/versions: Pidgin versions older than 2.11.0. Root cause: improper checking of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() during X.509 certificate imports. Impact: potential remote code execution via a crafted X.509 certificate from another client (as d...
CVE-2026-25702
CVE-2026-25702 affects SUSE Linux Enterprise Server 12 SP5 where the kernel vulnerability in nftables stems from improper access control, causing firewall rules managed by nftables to be ineffective. The issue impacts SLES 12 SP5 versions from 9e6d9d4601768c75fdb0bad3fbbe636e748939c2 up to 9c294e...