Lucene search
+L
SuseLinux Enterprise Server

474 matches found

CVE
CVE
added 2014/07/17 2:36 a.m.82 views

CVE-2014-2484

Technical details for CVE-2014-2484 are not provided in the connected documents; references show a MySQL issue affecting confidentiality, integrity, and availability but do not specify root cause, affected versions, exploitation, or fixes.

6.5CVSS5.1AI score0.02523EPSS
CVE
CVE
added 2014/10/15 3:15 p.m.82 views

CVE-2014-6474

The CVE-2014-6474 entry concerns Oracle MySQL Server 5.6.19 and earlier. It is described as an unspecified vulnerability that remote authenticated users can exploit to affect availability via vectors related to SERVER:MEMCACHED. The NVD metadata shows a base score of 3.5 (LOW) with CVSS2 metrics:...

3.5CVSS6.1AI score0.01363EPSS
CVE
CVE
added 2020/01/27 2:56 p.m.81 views

CVE-2006-7246

CVE-2006-7246 affects NetworkManager 0.9.x, where the code path used for 802.11X authentication does not pin a certificate’s subject to the ESSID. The root cause is a failure to bind the server certificate to the specific wireless network, potentially allowing credential exposure or man-in-the-mi...

6.8CVSS6.4AI score0.00884EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.81 views

CVE-2012-4217

CVE-2012-4217 is a use-after-free in Mozilla Firefox <17.0, Thunderbird <17.0, and SeaMonkey

9.3CVSS8.8AI score0.06155EPSS
CVE
CVE
added 2013/05/13 11:0 p.m.81 views

CVE-2013-2020

CVE-2013-2020 concerns ClamAV before 0.97.8 where an integer underflow in cli_scanpe (pe.c) can trigger an out-of-bounds read when parsing UPX-packed executables with a skewed offset, allowing a remote denial-of-service (crash). Public references in OpenVAS/SUSE advisories corroborate the issue a...

5CVSS8.8AI score0.03547EPSS
CVE
CVE
added 2014/07/17 2:36 a.m.80 views

CVE-2014-4214

Technical details for CVE-2014-4214 are not publicly available in the provided documents. Monitor for updates.

3.3CVSS5.1AI score0.03015EPSS
CVE
CVE
added 2017/03/17 2:0 p.m.79 views

CVE-2014-9852

ImageMagick vulnerability CVE-2014-9852 affects the ImageMagick code path distribute-cache.c, where objects are re-used after being destroyed. This can allow remote attackers to trigger unspecified impact via unspecified vectors. The initial entry notes a remote-exploit scenario with unspecified ...

9.8CVSS8.7AI score0.02933EPSS
CVE
CVE
added 2010/09/30 2:0 p.m.78 views

CVE-2010-2538

CVE-2010-2538: Integer overflow in btrfs_ioctl_clone (fs/btrfs/ioctl.c) of the Linux kernel before 2.6.35 may allow local users to obtain sensitive information via BTRFS_IOC_CLONE_RANGE. Public references confirm impact on local privilege/user data exposure with no remote vector. Affected compone...

5.5CVSS5.8AI score0.0038EPSS
CVE
CVE
added 2017/04/05 5:0 p.m.78 views

CVE-2015-4680

FreeRADIUS is affected by CVE-2015-4680. Versions 2.2.x prior to 2.2.8 and 3.0.x prior to 3.0.9 do not properly check revocation of intermediate CA certificates, potentially allowing certificates issued by revoked intermediate authorities to be trusted. The vulnerability’s impact is reflected as ...

7.5CVSS7.4AI score0.01791EPSS
CVE
CVE
added 2016/04/08 3:0 p.m.78 views

CVE-2015-5969

CVE-2015-5969 involves the mysql-systemd-helper script in mysql-community-server and mariadb packages on openSUSE/OpenSUSE Leap/SLE. The issue allows local users to discover database credentials by listing a running process and its arguments. Affected packages/versions (from the Initial Descripti...

6.2CVSS6AI score0.0039EPSS
CVE
CVE
added 2016/09/20 2:0 p.m.78 views

CVE-2015-8929

CVE-2015-8929 is a memory-leak vulnerability in libarchive’s tar parser (function __archive_read_get_extract in archive_read_extract2.c) that could allow a remote attacker to cause a denial of service by processing a crafted tar file, unless fixed. Public sources in connected documents confirm th...

5.5CVSS5.8AI score0.01538EPSS
CVE
CVE
added 2023/02/15 12:0 a.m.76 views

CVE-2022-45153

CVE-2022-45153 affects the saphanabootstrap-formula used by SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5, and openSUSE Leap 15.4. The issue is an Incorrect Default Permissions vulnerability that allows local attackers to escalate to root by...

7.8CVSS7.1AI score0.00223EPSS
CVE
CVE
added 2012/10/10 5:0 p.m.75 views

CVE-2012-3983

CVE-2012-3983 affects Mozilla Firefox (pre-16.0), Thunderbird (pre-16.0), and SeaMonkey (pre-2.13). Reported memory safety vulnerabilities could cause memory corruption and crashes and potentially allow arbitrary code execution via unknown vectors. Remediation evidenced in connected documents inc...

10CVSS9.8AI score0.05307EPSS
CVE
CVE
added 2014/06/17 3:0 p.m.75 views

CVE-2014-4038

CVE-2014-4038 affects the ppc64-diag tool on Red Hat Enterprise Linux 6/7 via insecure temporary file handling that enables a local attacker to perform a symlink attack and overwrite arbitrary files with the user’s privileges. The issue is fixed by upgrading to upstream ppc64-diag version 2.6.7 (...

4.4CVSS6.2AI score0.00352EPSS
CVE
CVE
added 2020/08/07 10:10 a.m.75 views

CVE-2020-8025

CVE-2020-8025 affects the pcp permissions handling in SUSE/openSUSE packages. Affected: SLES 12-SP4, SLES 15-LTSS, SLES for SAP 15; openSUSE Leap 15.1, openSUSE Tumbleweed. Affected component: permissions for some directories under the pcp package due to Incorrect Execution-Assigned Permissions. ...

9.3CVSS7.4AI score0.00475EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.73 views

CVE-2012-4212

Public technical details about CVE-2012-4212 are not disclosed in the provided documents. Monitoring for updates is advised.

10CVSS8.8AI score0.05566EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.70 views

CVE-2012-4218

CVE-2012-4218 involves a use-after-free in Mozilla Firefox’s BuildTextRunsScanner::BreakSink::SetBreaks, affecting Firefox < 17.0, Thunderbird < 17.0, and SeaMonkey

10CVSS8.8AI score0.05613EPSS
CVE
CVE
added 2014/03/19 10:0 a.m.68 views

CVE-2014-1501

Mozilla Firefox for Android is affected (before 28.0). The issue allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via the Open Link in New Tab action, enabling local file access from web content. The root cause is a Same Origin Policy bypass in the Android ...

5.8CVSS8.9AI score0.01568EPSS
CVE
CVE
added 2015/04/16 4:0 p.m.68 views

CVE-2015-2576

CVE-2015-2576 is a local, unspecified vulnerability in the MySQL Utilities component of Oracle MySQL (version 1.5.1 and earlier) when running on Windows. It allows local users to affect integrity via unknown vectors related to Installation. Affected product scope is Oracle MySQL Utilities bundled...

2.1CVSS5.2AI score0.00438EPSS
CVE
CVE
added 2014/06/17 3:0 p.m.67 views

CVE-2014-4039

The CVE-2014-4039 issue affects ppc64-diag (version 2.6.1) where 0755 permissions on /tmp/diagSEsnap and lax restrictions on /tmp/diagSEsnap/snapH.tar.gz enable a local attacker to read an archive and obtain sensitive information (e.g., contents in /var/log/messages and /etc/yaboot.conf). The vul...

2.1CVSS5.6AI score0.00377EPSS
CVE
CVE
added 2019/11/25 5:29 p.m.56 views

CVE-2012-6639

CVE-2012-6639 describes a privilege-elevation vulnerability in Cloud-init prior to 0.7.0. The issue occurs when requests to an untrusted system are made for EC2 instance data, allowing an attacker with network access to leverage low-privileged execution to gain higher privileges. The available co...

9CVSS8.6AI score0.02049EPSS
CVE
CVE
added 2017/03/23 6:36 a.m.55 views

CVE-2016-1602

CVE-2016-1602 is a local code injection vulnerability in the supportconfig data collection tool of supportutils used by SUSE Linux Enterprise Server 12/12-SP1 and SUSE Linux Enterprise Desktop 12/12-SP1. The issue allows a local attacker to execute code as the user running supportconfig (typicall...

7.8CVSS7.7AI score0.00535EPSS
CVE
CVE
added 2018/09/05 5:0 p.m.52 views

CVE-2016-1000030

Affected product/versions: Pidgin versions older than 2.11.0. Root cause: improper checking of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() during X.509 certificate imports. Impact: potential remote code execution via a crafted X.509 certificate from another client (as d...

9.8CVSS9.4AI score0.01844EPSS
CVE
CVE
added 2026/03/05 7:0 a.m.19 views

CVE-2026-25702

CVE-2026-25702 affects SUSE Linux Enterprise Server 12 SP5 where the kernel vulnerability in nftables stems from improper access control, causing firewall rules managed by nftables to be ineffective. The issue impacts SLES 12 SP5 versions from 9e6d9d4601768c75fdb0bad3fbbe636e748939c2 up to 9c294e...

9.8CVSS5.9AI score0.00203EPSS
Total number of security vulnerabilities474