Lucene search
K
SuseLinux Enterprise Server

474 matches found

CVE
CVE
added 2012/10/10 5:0 p.m.136 views

CVE-2012-3982

CVE-2012-3982 affects Mozilla Firefox before 16.0, Firefox ESR before 10.0.8, Thunderbird before 16.0, Thunderbird ESR before 10.0.8, and SeaMonkey before 2.13. The description notes multiple unspecified vulnerabilities in the browser engine that can cause memory corruption and application crashe...

9.3CVSS9.8AI score0.04727EPSS
CVE
CVE
added 2013/01/13 8:0 p.m.136 views

CVE-2013-0761

CVE-2013-0761 is a use-after-free vulnerability in Firefox’s mozilla::TrackUnionStream::EndTrack that could allow remote code execution or a denial of service via heap memory corruption. Affected products include Firefox before 18.0 (and ESR 17.x before 17.0.1), Thunderbird before 17.0.2 (and ESR...

9.3CVSS9.4AI score0.04395EPSS
CVE
CVE
added 2014/07/17 10:0 a.m.136 views

CVE-2014-4260

CVE-2014-4260 is reported in MariaDB/MySQL contexts as an unspecified vulnerability in the MySQL Server component (SRCHAR vectors) that allows remote authenticated users to affect integrity and availability. Public details in the connected documents indicate MariaDB versions prior to 5.5.38 are a...

5.5CVSS6AI score0.03482EPSS
CVE
CVE
added 2014/10/15 10:3 p.m.136 views

CVE-2014-6551

CVE-2014-6551 affects Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier. The connected document notes an unspecified local vulnerability that allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN. No explicit root cause detail or exploit information is ...

2.1CVSS6.1AI score0.0039EPSS
CVE
CVE
added 2015/04/16 4:0 p.m.136 views

CVE-2015-2571

CVE-2015-2571 affects Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier. It is an unspecified vulnerability in the Server: Optimizer that could allow remote authenticated users to cause a denial of service via unknown vectors. Exploitation details are not provided in the supplied docu...

4CVSS4.8AI score0.05252EPSS
CVE
CVE
added 2014/02/06 2:0 a.m.135 views

CVE-2014-1488

CVE-2014-1488 affects Mozilla Firefox < 27.0 and SeaMonkey

10CVSS9.4AI score0.07004EPSS
CVE
CVE
added 2014/05/11 9:0 p.m.135 views

CVE-2014-1738

CVE-2014-1738 is a Linux kernel vulnerability in the floppy driver (raw_cmd_copyout) where processing FDRAWCMD IOCTL calls could allow local attackers with write access to /dev/fd to read kernel heap memory. The flaw is described as an improper restriction of pointers during FDRAWCMD processing, ...

2.1CVSS5.9AI score0.00524EPSS
CVE
CVE
added 2016/04/21 10:0 a.m.135 views

CVE-2016-0651

CVE-2016-0651 is described in connected documents as an unspecified vulnerability in Oracle MySQL Server (5.5.46 and earlier) affecting the Optimizer subcomponent that can allow local users to impact availability. The available sources identify affected product as Oracle MySQL Server and the impa...

5.5CVSS4.6AI score0.01226EPSS
CVE
CVE
added 2009/11/20 5:0 p.m.134 views

CVE-2009-3080

CVE-2009-3080 affects the Linux kernel gdth driver (gdth_read_event in drivers/scsi/gdth.c). In kernels before 2.6.32-rc8, a negative event index in an IOCTL can allow local users to cause a denial of service or potentially gain privileges. MiracleLinux advisories cite this CVE as part of affecte...

7.2CVSS7AI score0.00417EPSS
CVE
CVE
added 2012/01/27 3:0 p.m.134 views

CVE-2011-4132

CVE-2011-4132 affects the Linux kernel’s Journaling Block Device (JBD) cleanup_journal_tail function. The vulnerability allows local users to trigger a denial of service (assertion error and kernel oops) when handling an ext3 or ext4 image containing an invalid log first block value. The descript...

2.1CVSS6.1AI score0.0049EPSS
CVE
CVE
added 2012/10/10 5:0 p.m.134 views

CVE-2012-4185

CVE-2012-4185 describes a buffer overflow in Mozilla Firefox’s nsCharTraits::length function that could allow remote code execution or a heap memory corruption in Firefox <16.0, ESR 10.x <10.0.8, Thunderbird <16.0/ESR 10.x <10.0.8, and SeaMonkey

9.3CVSS9.6AI score0.08572EPSS
CVE
CVE
added 2012/10/10 5:0 p.m.134 views

CVE-2012-4188

CVE-2012-4188 is a heap-based buffer overflow in Mozilla Firefox’s Convolve3x3 path, affecting Firefox before 16.0 (and ESR 10.x before 10.0.8), Thunderbird before 16.0 (and ESR 10.x before 10.0.8), and SeaMonkey before 2.13. The vulnerability allows remote code execution via unspecified vectors;...

9.3CVSS9.6AI score0.147EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.134 views

CVE-2012-4214

CVE-2012-4214 is a use-after-free in Mozilla Firefox’s nsTextEditorState::PrepareEditor, affecting Firefox before 17.0 and ESR 10.x before 10.0.11, Thunderbird before 17.0/ESR 10.x before 10.0.11, and SeaMonkey before 2.14. The vulnerability can allow remote attackers to execute arbitrary code or...

9.3CVSS9.1AI score0.06074EPSS
CVE
CVE
added 2014/07/03 1:0 a.m.134 views

CVE-2014-4656

CVE-2014-4656 affects the Linux kernel ALSA sound control (sound/core/control.c). The vulnerability arises from multiple integer overflows in ALSA control handling, exploitable by local users via /dev/snd/controlCX to cause a denial of service. The issue is tied to (1) index values in snd_ctl_add...

4.6CVSS5.6AI score0.005EPSS
Web
CVE
CVE
added 2014/10/15 10:3 p.m.134 views

CVE-2014-6559

CVE-2014-6559 affects Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier. The vulnerability is described as unspecified with respect to C API SSL CERTIFICATE HANDLING and could allow remote attackers to obtain confidential information (partial confidentiality impact). No exploit detai...

4.3CVSS5.6AI score0.04634EPSS
CVE
CVE
added 2015/01/21 6:0 p.m.134 views

CVE-2015-0374

CVE-2015-0374 is a MySQL/MariaDB server vulnerability impacting confidentiality via unknown vectors in Foreign Key handling. Affected products and versions include Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier (and MariaDB/forked releases in corresponding lines). Public advisories...

3.5CVSS5.9AI score0.03131EPSS
CVE
CVE
added 2009/08/18 8:41 p.m.133 views

CVE-2009-2848

CVE-2009-2848 is confirmed in connected material as applicable to MiracleLinux kernel package 2.6.18-128.10AXS3, aligning with the Linux kernel vulnerability where execve does not properly clear current->clear_child_tid during thread creation/exit. This misbehavior can enable local users to ca...

5.9CVSS6.2AI score0.00516EPSS
CVE
CVE
added 2010/09/21 5:0 p.m.133 views

CVE-2010-3067

CVE-2010-3067 affects the Linux kernel: an integer overflow in do_io_submit (fs/aio.c) in versions before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly other impact via crafted io_submit usage. The vulnerability is rooted in improper handling within the io_s...

4.9CVSS6.8AI score0.00428EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.133 views

CVE-2012-4207

CVE-2012-4207 affects Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0 / ESR 10.x, and SeaMonkey before 2.14. The flaw in the HZ-GB-2312 charset implementation allows remote attackers to perform cross-site scripting (XSS) via a crafted document, due to imprope...

4.3CVSS7.8AI score0.02781EPSS
CVE
CVE
added 2013/01/13 8:0 p.m.133 views

CVE-2013-0745

This CVE (CVE-2013-0745) affects Mozilla Firefox prior to 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15. It is caused by the AutoWrapperChanger not interacting correctly with garbage collection, enabling remote code ...

9.3CVSS9.2AI score0.04485EPSS
CVE
CVE
added 2013/01/13 8:0 p.m.133 views

CVE-2013-0764

CVE-2013-0764 affects Mozilla Firefox (before 18.0), Firefox ESR (before 17.0.2), Thunderbird (before 17.0.2 and ESR 17.x before 17.0.2), and SeaMonkey (before 2.15). The vulnerability is a thread-safety issue in nsSOCKSSocketInfo::ConnectToProxy that can allow remote code execution through craft...

9.3CVSS9.6AI score0.03148EPSS
CVE
CVE
added 2015/08/12 2:0 p.m.133 views

CVE-2015-5154

CVE-2015-5154 is a heap-based buffer overflow in QEMU’s IDE subsystem (ATAPI handling). A privileged guest with a CDROM drive enabled could potentially execute arbitrary host code via crafted ATAPI I/O. Public docs specify this as a host-attack surface when CD-ROM access is present; Debian securi...

7.2CVSS6.9AI score0.0063EPSS
CVE
CVE
added 2020/01/23 7:52 p.m.133 views

CVE-2015-5239

CVE-2015-5239 : QEMU’s VNC display driver is vulnerable to an integer overflow in the vnc_client_read()/protocol_client_msg() paths when processing a CLIENT_CUT_TEXT message, which can cause an infinite loop and crash the QEMU process. Affected products include QEMU with the VNC display driver pr...

6.5CVSS6.4AI score0.0361EPSS
CVE
CVE
added 2012/08/29 10:0 a.m.132 views

CVE-2012-3959

CVE-2012-3959 describes a use-after-free in Mozilla Firefox’s nsRangeUpdater::SelAdjDeleteNode, affecting Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12. The vulnerability allows remote attackers to execu...

10CVSS9.5AI score0.04697EPSS
CVE
CVE
added 2013/12/11 3:0 p.m.132 views

CVE-2013-5612

CVE-2013-5612 is a cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 due to the absence of a charset parameter in the Content-Type header. Connected advisories confirm Firefox/SeaMonkey fixes in 2013–2014 releases (e.g., openSUSE SU-2013:1917, Mirac...

4.3CVSS7.7AI score0.03402EPSS
CVE
CVE
added 2015/01/21 6:0 p.m.132 views

CVE-2015-0391

CVE-2015-0391 affects Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier, with remote authenticated access able to affect availability via DDL-related vectors. Connected advisories confirm MariaDB/Mysql contexts and list affected versions; RHSA-2015:0117 remediation upgrades MariaDB to...

4CVSS6.1AI score0.07196EPSS
CVE
CVE
added 2024/11/10 12:0 a.m.132 views

CVE-2024-46956

CVE-2024-46956 affects Artifex Ghostscript (psi/zfile.c) with an out-of-bounds data access in filenameforall that can lead to arbitrary code execution on Ghostscript versions up to 10.04.0. Connected advisories confirm this vulnerability and provide patch guidance; mitigation is to update Ghostsc...

7.8CVSS7.2AI score0.00388EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.131 views

CVE-2012-4202

CVE-2012-4202 describes a heap-based buffer overflow in Firefox’s image::RasterImage::DrawFrameTo, exploitable via a crafted GIF image to execute arbitrary code. Affected products include Mozilla Firefox before 17.0, Firefox ESR before 10.0.11 (10.x), Thunderbird before 17.0, Thunderbird ESR befo...

9.3CVSS9AI score0.11079EPSS
CVE
CVE
added 2020/02/17 8:56 p.m.131 views

CVE-2014-1947

CVE-2014-1947, 2014-1958, and 2014-2030 describe stack-based buffer overflows in ImageMagick’s PSD handling (psd.c): WritePSDImage and DecodePSDPixels functions are implicated. 1947 targets WritePSDImage in ImageMagick 6.5.4 and earlier, enabling potential denial of service or remote code executi...

7.8CVSS8.5AI score0.07024EPSS
CVE
CVE
added 2014/07/03 1:0 a.m.131 views

CVE-2014-4654

The CVE-2014-4654 issue affects the Linux kernel ALSA control implementation (snd_ctl_elem_add in sound/core/control.c). The root cause is a lack of authorization checks for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, allowing local attackers with access to /dev/snd/controlX to remove kernel controls....

4.6CVSS5.7AI score0.00498EPSS
Web
CVE
CVE
added 2009/03/25 1:0 a.m.130 views

CVE-2009-1072

CVE-2009-1072 affects the Linux kernel prior to 2.6.28.9. nfsd in the kernel does not drop the CAP_MKNOD capability before handling a user request in a thread, enabling local users on an exported filesystem using root_squash to create device nodes. MiracleLinux 3 lists this as fixed in kernel-2.6...

4.9CVSS4.4AI score0.00427EPSS
CVE
CVE
added 2011/01/03 7:26 p.m.130 views

CVE-2010-4163

The CVE-2010-4163 issue affects the Linux kernel, where blk_rq_map_user_iov in block/blk-map.c is vulnerable before version 2.6.36.2. A local attacker can trigger a denial of service (kernel panic) by submitting a zero-length I/O request via a device ioctl to a SCSI device. The description explic...

4.7CVSS6.8AI score0.00393EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.130 views

CVE-2012-4201

CVE-2012-4201 is a concrete Firefox/XULRunner/Thunderbird/SeaMonkey vulnerability: the evalInSandbox path mishandles the context when processing JavaScript that sets location.href, enabling remote XSS or read access to arbitrary files via a sandboxed add-on. Affected software includes Mozilla Fir...

4.3CVSS7.9AI score0.03083EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.130 views

CVE-2012-5842

CVE-2012-5842 is a Mozilla Firefox browser engine vulnerability described as multiple unspecified vulnerabilities that can cause memory corruption leading to a crash or possibly remote code execution. Affected products/versions per description: Mozilla Firefox before 17.0, Firefox ESR 10.x before...

9.3CVSS9.4AI score0.04789EPSS
CVE
CVE
added 2014/02/06 2:0 a.m.130 views

CVE-2014-1483

Technical details for CVE-2014-1483 are not publicly provided in the connected documents; sources reference the CVE but do not disclose affected products, versions, root cause, impact, or fixes. Monitor for updates.

5CVSS9AI score0.02467EPSS
CVE
CVE
added 2014/06/05 8:0 p.m.130 views

CVE-2014-3467

GNUTLS/library libtasn1 vulnerability CVE-2014-3467 is due to multiple issues in the DER decoder of GNU Libtasn1 up to version 3.5.x (pre-3.6), exploited by crafted ASN.1 data to cause a denial of service via out-of-bounds read. The issue is confirmed in multiple advisories (F5 SOL15423, ALAS-201...

5CVSS6AI score0.068EPSS
CVE
CVE
added 2014/10/15 10:3 p.m.130 views

CVE-2014-6520

CVE-2014-6520 affects Oracle MySQL Server 5.5.38 and earlier. The vulnerability is described as unspecified and allows remote authenticated users to affect availability via vectors related to SERVER:DDL; impact is noted as partial availability. Connected sources list this CVE among MariaDB/MySQL-...

4CVSS6.2AI score0.02644EPSS
CVE
CVE
added 2014/10/15 10:3 p.m.130 views

CVE-2014-6530

CVE-2014-6530 affects Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier via CLIENT:MYSQLDUMP. Connected advisories reference CVE-2014-6530 and indicate remediation through upgrading MariaDB/MySQL components to fixed versions (e.g., MariaDB/MariaDB-Galera updates to 5.5.40 per RHSA adv...

6.5CVSS6.2AI score0.02667EPSS
CVE
CVE
added 2015/01/21 6:0 p.m.130 views

CVE-2015-0382

CVE-2015-0382 is a remote-availability vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier, related to Server: Replication, separate from CVE-2015-0381. The connected advisories show multiple vendors/types referencing MySQL/MariaDB vulnerabilities with potential DoS or ...

4.3CVSS6.6AI score0.10066EPSS
CVE
CVE
added 2016/04/13 3:0 p.m.130 views

CVE-2015-8551

CVE-2015-8551 affects the Xen PCI backend driver (pciback) when Xen runs on x86 with a Linux 3.1.x–4.3.x driver domain. The issue arises from missing sanity checks in XEN_PCI_OP_* operations, allowing a local guest administrator with access to a passed-through MSI/MSI-X PCI device to trigger BUG ...

6CVSS5.6AI score0.00451EPSS
CVE
CVE
added 2019/03/17 4:44 p.m.130 views

CVE-2017-16232

CVE-2017-16232 affects LibTIFF 4.0.8, which is reported to have multiple memory‑leak vulnerabilities that can lead to memory exhaustion/DoS. The initial entry notes third parties could not reproduce the issue. Connected advisories reference LibTIFF-related CVEs and indicate that fixes exist in la...

7.5CVSS6.7AI score0.04766EPSS
CVE
CVE
added 2010/11/26 6:23 p.m.129 views

CVE-2010-2962

The CVE-2010-2962 issue affects the Intel i915 DRM GEM in the Linux kernel prior to 2.6.36. It arises from insufficient validation of pointers to memory blocks in i915_gem.c, enabling local users to write to kernel memory via crafted ioctl usage (pwrite/pread) and potentially gain privileges.

7.2CVSS6.2AI score0.00483EPSS
CVE
CVE
added 2010/10/04 8:0 p.m.129 views

CVE-2010-3442

Technical details for CVE-2010-3442 are not publicly provided in the connected documents. The sources reference the CVE and affected kernel versions but do not describe exploitability, impact specifics, or fixes. Monitor for vendor advisories and updates.

4.7CVSS6.5AI score0.00395EPSS
CVE
CVE
added 2012/08/29 10:0 a.m.129 views

CVE-2012-3967

CVE-2012-3967 is a Firefox/WebGL vulnerability on Linux where the WebGL implementation fails to interact correctly with Mesa drivers when a large number of sampler uniforms are used. This can let remote attackers execute arbitrary code or cause a denial of service (stack memory corruption) via a ...

9.3CVSS9.3AI score0.04392EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.129 views

CVE-2012-5836

CVE-2012-5836 affects Mozilla Firefox (before 17.0), Mozilla Thunderbird (before 17.0), and SeaMonkey (before 2.14). The issue can allow remote code execution or an application crash when CSS properties are combined with SVG text, due to the root cause described by MFSA 2012-94. Public advisories...

7.5CVSS8.7AI score0.04453EPSS
CVE
CVE
added 2014/09/01 1:0 a.m.129 views

CVE-2014-3601

CVE-2014-3601 is a Linux kernel/KVM issue affecting the kvm_iommu_map_pages function in virt/kvm/iommu.c up to kernel 3.16.1. The vulnerability arises from miscalculating the number of pages during a mapping failure, allowing a guest OS user to trigger either host memory corruption (denial of ser...

4.3CVSS6.6AI score0.01168EPSS
CVE
CVE
added 2017/10/17 1:0 p.m.129 views

CVE-2017-13084

CVE-2017-13084 describes a vulnerability in WPA/WPA2 where the Station-To-Station-Link (STK) key can be reinstalled during the PeerKey handshake. An attacker within wireless range may replay, decrypt, or spoof frames by exploiting STSL STK reinstallation. Public sources confirm this as part of th...

6.8CVSS7AI score0.02205EPSS
CVE
CVE
added 2010/09/30 2:0 p.m.128 views

CVE-2010-3296

CVE-2010-3296 affects the Linux kernel driver cxgb3 (cxgb_extension_ioctl in drivers/net/cxgb3/cxgb3_main.c). The advisory states that the code path in kernels up to 2.6.36-rc5 does not properly initialize a structure member, allowing a local user to potentially read sensitive data from kernel st...

2.1CVSS5.5AI score0.00432EPSS
CVE
CVE
added 2012/10/10 5:0 p.m.128 views

CVE-2012-3992

CVE-2012-3992 affects Mozilla Firefox (and related Firefox-based apps) where history data is not properly handled. The flaw lets remote attackers perform cross-site scripting (XSS) or obtain sensitive POST content via a location.hash write operation combined with history navigation that loads a U...

4.3CVSS8.2AI score0.02513EPSS
CVE
CVE
added 2013/01/13 8:0 p.m.128 views

CVE-2013-0747

Technical details for CVE-2013-0747 are not publicly provided in the supplied documents. Monitor for updates.

6.8CVSS9AI score0.02189EPSS
Total number of security vulnerabilities474