Lucene search
K
SuseLinux Enterprise Server

474 matches found

CVE
CVE
added 2013/07/17 10:0 a.m.128 views

CVE-2013-3802

CVE-2013-3802 affects Oracle MySQL server up to specific versions: 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier. The vulnerability is described as unspecified and allows remote authenticated users to affect availability via unknown vectors related to Full Text Search. Connected ...

4CVSS4.3AI score0.03245EPSS
CVE
CVE
added 2015/01/21 6:0 p.m.128 views

CVE-2015-0381

Technical details for CVE-2015-0381 are not publicly available in the provided documents. No specific affected products, versions, root cause, impact, or fixes are described here; monitor for updates.

4.3CVSS6.6AI score0.05428EPSS
CVE
CVE
added 2015/11/06 9:0 p.m.128 views

CVE-2015-6855

CVE-2015-6855 affects QEMU, where hw/ide/core.c does not properly restrict ATAPI device commands. The flaw allows a guest user to cause a denial of service (and potentially other impact) by issuing certain IDE commands, demonstrated by a WIN_READ_NATIVE_MAX to an empty drive that triggers a divid...

7.5CVSS7.4AI score0.03502EPSS
CVE
CVE
added 2011/01/03 7:26 p.m.127 views

CVE-2010-4164

CVE-2010-4164 affects the Linux kernel prior to 2.6.36.2, where multiple integer underflows occur in the x25_parse_facilities function (net/x25/x25_facilities.c). This can allow a remote attacker to cause a denial of service (system crash) via malformed X.25 facility data (X25_FAC_CLASS_A/B/C/D)....

7.8CVSS7AI score0.04308EPSS
CVE
CVE
added 2012/10/10 5:0 p.m.127 views

CVE-2012-3994

Mode C: CVE-2012-3994 affects Mozilla Firefox family and related Mozilla components (e.g., Firefox, Firefox ESR, Thunderbird, SeaMonkey). Root cause: use of Object.defineProperty to shadow the top object and interaction with top.location, enabling remote XSS via a binary plugin. Affected versions...

4.3CVSS8.2AI score0.02388EPSS
CVE
CVE
added 2013/01/13 8:0 p.m.127 views

CVE-2013-0752

Technical details for CVE-2013-0752 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.

9.3CVSS9.4AI score0.06623EPSS
CVE
CVE
added 2020/01/23 6:42 p.m.127 views

CVE-2015-1931

CVE-2015-1931 affects IBM Java Security Components in IBM SDK, Java Technology Edition across multiple IBM Java releases. The issue arises from storing plaintext data in memory dumps, enabling local users to read sensitive information from memory dumps. Related IBM advisories (e.g., IBM Security ...

5.5CVSS5.4AI score0.00222EPSS
CVE
CVE
added 2014/10/15 10:3 p.m.126 views

CVE-2014-6494

CVE-2014-6494 is an unspecified vulnerability in Oracle MySQL Server (affected: 5.5.39 and earlier; 5.6.20 and earlier) that can allow remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL. The IBM advisory lists the CVE among several issues affecting MySQL Server compon...

4.3CVSS6.4AI score0.04847EPSS
CVE
CVE
added 2015/05/14 10:0 a.m.126 views

CVE-2015-0797

CVE-2015-0797 affects GStreamer up to 1.4.4 (GStreamer 1.4.x) when used by Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux. The flaw is a buffer over-read in H.264 video data processing in the GStreamer pipeline (m4v files) that can cause a denial o...

6.8CVSS8AI score0.0544EPSS
CVE
CVE
added 2017/04/13 5:0 p.m.126 views

CVE-2015-8567

CVE-2015-8567 describes a memory leak in the QEMU vmxnet3 device emulator (net/vmxnet3.c) that could allow a remote attacker to cause a denial of service via memory exhaustion. The vulnerability is part of multiple CVEs in QEMU; Debian security advisories report fixes in stable Jessie to version ...

7.7CVSS7.7AI score0.05557EPSS
CVE
CVE
added 2013/12/11 3:0 p.m.125 views

CVE-2013-5614

Affected software: Mozilla Firefox <= 25.x/26.0 and SeaMonkey

4.3CVSS9.1AI score0.02353EPSS
CVE
CVE
added 2014/03/19 10:0 a.m.125 views

CVE-2014-1502

CVE-2014-1502 affects Mozilla Firefox (pre-28.0) and SeaMonkey (pre-2.25). The vulnerability arises in WebGL functions WebGL.compressedTexImage2D and WebGL.compressedTexSubImage2D, enabling remote attackers to bypass Same Origin Policy and render content from a different domain via unspecified ve...

6.8CVSS9.1AI score0.01147EPSS
CVE
CVE
added 2014/10/15 3:15 p.m.125 views

CVE-2014-6464

CVE-2014-6464 is an unspecified vulnerability in Oracle MySQL Server affecting 5.5.39 and earlier and 5.6.20 and earlier, allowing remote authenticated users to affect availability via SERVER:INNODB DML FOREIGN KEYS. The CVSS Base Score is 4.0 (MEDIUM). Affected advisories and vendors indicate re...

4CVSS5.6AI score0.04098EPSS
CVE
CVE
added 2009/04/17 12:0 a.m.124 views

CVE-2009-0946

The CVE-2009-0946 issue affects the FreeType font engine (FreeType 2.3.9 and earlier). The vulnerability arises from multiple integer overflows in the engine, exploitable via crafted font input in components such as smooth/ftsmooth.c, sfnt/ttcmap.c, and cff/cffload.c, potentially allowing remote ...

7.5CVSS8.8AI score0.08541EPSS
CVE
CVE
added 2010/10/04 8:0 p.m.124 views

CVE-2010-3437

The vulnerability CVE-2010-3437 affects the Linux kernel (before 2.6.36-rc6) in pkt_find_dev_from_minor within drivers/block/pktcdvd.c. A crafted index value passed via PKT_CTRL_CMD_STATUS ioctl can cause a signedness error, enabling local attackers to read kernel memory or trigger a crash (DoS)....

6.6CVSS5.6AI score0.02396EPSS
In wild
CVE
CVE
added 2010/12/30 6:0 p.m.124 views

CVE-2010-3848

CVE-2010-3848 is a Linux kernel vulnerability: a stack-based buffer overflow in econet_sendmsg (net/econet/af_econet.c) when Econet is configured, caused by handling a large number of iovec structures. This allows local privilege escalation. The flaw affects Linux kernels before 2.6.36.2 and is a...

6.9CVSS6.3AI score0.00703EPSS
CVE
CVE
added 2010/11/29 3:0 p.m.124 views

CVE-2010-4072

CVE-2010-4072 affects the Linux kernel: the copy_shmid_to_user function in ipc/shm.c (pre-2.6.37-rc1) does not initialize a certain structure, enabling local users to leak potentially sensitive information from kernel stack memory via the shmctl interface and the old shm interface. Affected produ...

1.9CVSS5.8AI score0.00384EPSS
CVE
CVE
added 2010/12/10 6:0 p.m.124 views

CVE-2010-4157

CVE-2010-4157 involves an integer overflow in the Linux kernel’s GDTH SCSI driver (gdth_ioctl_alloc/ioc_general) on 64-bit platforms. A 32/64-bit mismatch when handling a large argument in an ioctl can cause memory corruption, enabling a local user to trigger a denial of service (and potentially ...

6.2CVSS7.8AI score0.0054EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.124 views

CVE-2012-4213

The CVE-2012-4213 issue is a concrete use-after-free vulnerability in Mozilla codepath: nsEditor::FindNextLeafNode affects Firefox and related products. Affected components per the initial description are Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14, with remote...

9.3CVSS8.8AI score0.06155EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.124 views

CVE-2012-5841

CVE-2012-5841 affects Mozilla Firefox (before 17.0), Firefox ESR (10.x before 10.0.11), Thunderbird (before 17.0), Thunderbird ESR (before 10.0.11) and SeaMonkey (before 2.14). The issue arises from cross-origin wrappers with a filtering behavior that fails to restrict write actions, enabling rem...

4.3CVSS7.8AI score0.0193EPSS
CVE
CVE
added 2013/01/13 8:0 p.m.124 views

CVE-2013-0756

CVE-2013-0756 corresponds to a use-after-free in Mozilla Firefox’s obj_toSource path that can be triggered by a crafted web page referencing JavaScript Proxy objects, allowing remote code execution via standard web-visit attack vectors. Affected products include Firefox (pre-18.0), Firefox ESR 17...

9.3CVSS9.3AI score0.04199EPSS
CVE
CVE
added 2013/07/17 10:0 a.m.124 views

CVE-2013-3812

CVE-2013-3812 affects Oracle MySQL Server prior to 5.5.31 and 5.6.11, where an unspecified vulnerability in Server Replication allows remote authenticated users to affect availability via unknown vectors. The information explicitly cites availability impact (PARTIAL) but vectors and root cause ar...

3.5CVSS5AI score0.02764EPSS
CVE
CVE
added 2014/07/03 1:0 a.m.124 views

CVE-2014-4655

CVE-2014-4655 affects the Linux kernel ALSA control path: snd_ctl_elem_add in sound/core/control.c does not correctly maintain user_ctl_count, enabling a local DoS via a large number of SNDRV_CTL_IOCTL_ELEM_REPLACE calls to /dev/snd/controlCX. Affected: Linux kernel prior to 3.15.2 (ALSA control ...

4.9CVSS5.8AI score0.00494EPSS
Web
CVE
CVE
added 2014/10/15 10:3 p.m.124 views

CVE-2014-6496

CVE-2014-6496 affects Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier, via CLIENT:SSL:yaSSL, causing availability issues (remote, unauthenticated). Affects MySQL Server component CLIENT:SSL:yaSSL; root cause is unspecified in the provided text. Public details across connected source...

4.3CVSS6.4AI score0.04349EPSS
CVE
CVE
added 2014/10/15 10:3 p.m.124 views

CVE-2014-6555

CVE-2014-6555 is a MySQL Server vulnerability (affecting 5.5.39 and earlier and 5.6.20 and earlier) that allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML. The connected sources identify a package-wide remediation: upgrade t...

6.5CVSS6.1AI score0.03896EPSS
CVE
CVE
added 2016/04/08 2:0 p.m.124 views

CVE-2016-2315

CVE-2016-2315 : Git before 2.7.4 contains an integer truncation/overrun in revision.c that can cause a heap-based buffer overflow when handling crafted path information (e.g., long filenames or many nested trees). This may allow remote code execution. A fix is to update Git to version 2.7.4 or la...

10CVSS9.6AI score0.17979EPSS
CVE
CVE
added 2016/04/08 2:0 p.m.124 views

CVE-2016-2324

CVE-2016-2324 affects Git prior to 2.7.4. A heap-based buffer overflow is triggered by path-related inputs (e.g., long filenames or deeply nested trees), enabling remote code execution. Public advisories from Debian, Ubuntu, Arch, CentOS, and Cloud Foundry reference two related buffer-overflow vu...

10CVSS9.7AI score0.18808EPSS
CVE
CVE
added 2008/11/13 12:0 a.m.123 views

CVE-2008-4989

Summary: CVE-2008-4989 affects the GnuTLS library. The vulnerability lies in _gnutls_x509_verify_certificate in libgnutls/lib/x509/verify.c, where the library can trust a chain whose last certificate is an arbitrary self-signed trusted cert. This allows a man-in-the-middle to spoof a certificate ...

5.9CVSS5.9AI score0.01882EPSS
CVE
CVE
added 2010/05/27 7:0 p.m.123 views

CVE-2010-1634

CVE-2010-1634 concerns the audioop module of Python (versions 2.6, 2.7, 3.1, 3.2) where multiple integer overflows in audioop.c can be triggered by a large fragment in a call like audioop.lin2lin, leading to a denial of service (application crash). The vulnerability is tied to an incorrect prior ...

5CVSS6.6AI score0.04382EPSS
CVE
CVE
added 2010/11/30 10:0 p.m.123 views

CVE-2010-4083

CVE-2010-4083 affects the Linux kernel (pre-2.6.36). The vulnerable code path is copy_semid_to_user() in ipc/sem.c, where a structure is not initialized, enabling local attackers to leak kernel stack memory via semctl commands (IPC_INFO, SEM_INFO, IPC_STAT, SEM_STAT). The issue is mitigated by up...

1.9CVSS5.8AI score0.00387EPSS
CVE
CVE
added 2014/07/17 2:36 a.m.123 views

CVE-2014-4207

CVE-2014-4207 is described as an unspecified vulnerability in the MySQL Server component affecting Oracle MySQL 5.5.37 and earlier, enabling remote authenticated users to impact availability via the SROPTZR vector. Connected sources map the issue to MariaDB/MariaDB Galera contexts as well, with r...

4CVSS6.1AI score0.03911EPSS
CVE
CVE
added 2014/07/17 10:0 a.m.123 views

CVE-2014-4243

CVE-2014-4243 affects the MySQL Server component (Oracle MySQL) prior to 5.5.35 and 5.6.15. The vulnerability could allow remote authenticated users to affect availability via ENFED-related vectors. Open-source/integrated advisories reference MariaDB/RHEL/SUSE mitigations; remediation in these co...

2.8CVSS5AI score0.03404EPSS
CVE
CVE
added 2014/07/03 1:0 a.m.123 views

CVE-2014-4652

CVE-2014-4652 affects the Linux kernel ALSA sound subsystem. A race condition in the tlv handler (snd_ctl_elem_user_tlv) within sound/core/control.c before version 3.15.2 allows local users to read kernel memory via /dev/snd/controlCX. Impact is partial confidentiality of kernel memory. The vulne...

1.9CVSS5.6AI score0.00335EPSS
Web
CVE
CVE
added 2014/10/15 10:3 p.m.123 views

CVE-2014-6505

CVE-2014-6505 affects Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier, via a vulnerability in the SERVER:MEMORY STORAGE ENGINE that can impact availability when exploited by remote authenticated users. Public advisories (RHSA-2014-1940/1862 and related Red Hat notes) indicate fixes ...

4CVSS6.2AI score0.02667EPSS
CVE
CVE
added 2015/01/21 7:0 p.m.123 views

CVE-2015-0432

CVE-2015-0432 is listed against Oracle/MySQL/MariaDB 5.5.x in multiple advisories. Public details in connected docs show fixes in 5.5.41 (RHSA-2015:0117) and 5.5.45 (ELSA-2015-1628/CentOS-CE), indicating a vulnerability affecting MySQL/MariaDB server components related to InnoDB/DDL-Foreign Key; ...

4CVSS6.1AI score0.0394EPSS
CVE
CVE
added 2010/12/30 6:0 p.m.122 views

CVE-2010-3849

CVE-2010-3849 affects the Linux kernel’s econet_sendmsg path (net/econet/af_econet.c) prior to 2.6.36.2, when an Econet address is configured. A local user can trigger a denial of service by issuing a sendmsg with a NULL remote address, causing a NULL pointer dereference and OOPS. The correspondi...

4.7CVSS5.7AI score0.00711EPSS
In wild
CVE
CVE
added 2012/10/10 5:0 p.m.122 views

CVE-2012-3984

CVE-2012-3984 affects Mozilla Firefox (<16.0), Mozilla Thunderbird (<16.0), and SeaMonkey (

6.8CVSS8.9AI score0.02246EPSS
CVE
CVE
added 2014/02/06 2:0 a.m.122 views

CVE-2014-1480

Technical details about CVE-2014-1480 are not publicly provided in the connected documents. The available description notes a clickjacking/ unintended file launch issue in Firefox/SeaMonkey, but specifics (affected versions, root cause, exploitability, and fixes) are not included.

4.3CVSS8.9AI score0.02683EPSS
CVE
CVE
added 2015/11/09 2:0 a.m.122 views

CVE-2015-2697

CVE-2015-2697 affects MIT Kerberos 5 (krb5) prior to 1.14. The issue is triggered via a remote authenticated TGS request where the realm field starts with a null byte, enabling an out-of-bounds condition that can crash the KDC (denial of service). The connected document confirms the vulnerability...

4CVSS6.9AI score0.04128EPSS
CVE
CVE
added 2010/09/08 7:0 p.m.121 views

CVE-2010-2959

The CVE-2010-2959 issue affects the Linux kernel CAN subsystem, specifically the can/bcm.c implementation, due to an integer overflow vulnerability. This flaw can allow local attackers to execute arbitrary code or cause a system crash (DoS) via crafted CAN traffic. Public advisories confirm vulne...

7.2CVSS7.8AI score0.03746EPSS
In wild
CVE
CVE
added 2012/05/17 10:0 a.m.121 views

CVE-2012-1097

CVE-2012-1097 affects the Linux kernel before 3.2.10, where the regset (register set) path mishandles absence of .get/.set methods. This can allow a local attacker to trigger a NULL pointer dereference via PTRACE_GETREGSET or PTRACE_SETREGSET, possibly causing denial of service or other impact. R...

7.8CVSS7.7AI score0.00351EPSS
CVE
CVE
added 2012/08/29 10:0 a.m.121 views

CVE-2012-3976

CVE-2012-3976 affects Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12. The issue arises from improper handling of onLocationChange events when navigating between https sites, allowing remote attackers to spoof the X.509 certificate information in the address...

4.3CVSS8.6AI score0.01779EPSS
CVE
CVE
added 2012/10/10 5:0 p.m.121 views

CVE-2012-3995

CVE-2012-3995 affects Mozilla Firefox and related Mozilla applications. The vulnerability arises from the IsCSSWordSpacingSpace function in Firefox (and Firefox ESR 10.x, Thunderbird, SeaMonkey as listed) where an out-of-bounds read could be exploited to run arbitrary code or trigger a denial-of-...

9.3CVSS9.4AI score0.05018EPSS
CVE
CVE
added 2013/07/17 10:0 a.m.121 views

CVE-2013-3783

CVE-2013-3783 affects the MySQL Server component in Oracle MySQL 5.5.31 and earlier. The vulnerability is described as unspecified and allows remote authenticated users to affect availability via unknown vectors related to the Server Parser. Connected sources reference this CVE within broader Ora...

4CVSS5AI score0.0309EPSS
CVE
CVE
added 2013/12/11 3:0 p.m.121 views

CVE-2013-5619

CVE-2013-5619 describes a vulnerability in Mozilla’s SpiderMonkey JavaScript engine where the binary-search implementation could overflow, potentially enabling a remote attacker to cause a denial of service via crafted JavaScript. The initial Mozilla/OpenSUSE/IBM advisories confirm this is a Java...

7.5CVSS9.5AI score0.03707EPSS
CVE
CVE
added 2013/12/11 3:0 p.m.121 views

CVE-2013-6672

CVE-2013-6672: Firefox (Linux) and SeaMonkey are affected by a Linux clipboard information disclosure via middle-click paste. The initial entry specifies Firefox < 26.0 and SeaMonkey

4.3CVSS9AI score0.03341EPSS
CVE
CVE
added 2015/12/07 8:0 p.m.121 views

CVE-2015-5006

CVE-2015-5006 affects IBM SDK/Java Technology Edition (IBM Java Security Components) on multiple versions (8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, 6 before SR16 FP15). The root cause is exposure of Kerberos Credential Cache data, enabling physically proximate ...

2.1CVSS5.4AI score0.00482EPSS
CVE
CVE
added 2009/10/19 7:27 p.m.120 views

CVE-2009-3612

CVE-2009-3612 affects the Linux kernel’s net/sched/cls_api.c tcf_fill_node in the netlink subsystem. The issue is that a tcm__pad2 structure member is not initialized, potentially allowing local attackers to read sensitive kernel memory. Affected: kernel 2.6.x prior to 2.6.32-rc5 and 2.4.37.6 and...

2.1CVSS6.1AI score0.00399EPSS
CVE
CVE
added 2012/06/05 11:0 p.m.120 views

CVE-2012-1938

CVE-2012-1938 affects Mozilla's browser engine and is described in the MiracleLinux AXSA:2012-857 advisory as multiple vulnerabilities in Firefox (and related components) that could allow memory corruption and remote code execution. Specifically, it impacts Mozilla Firefox before 13.0, Thunderbir...

9.3CVSS9.9AI score0.04899EPSS
CVE
CVE
added 2012/10/10 5:0 p.m.120 views

CVE-2012-3988

CVE-2012-3988 is a use-after-free vulnerability in Mozilla Firefox (pre-16.0), Firefox ESR (pre-10.0.8), Thunderbird (pre-16.0), Thunderbird ESR (pre-10.0.8), and SeaMonkey (pre-2.13). It can be triggered via mozRequestFullScreen with full-screen mode and navigation via history.back, potentially ...

9.3CVSS9.3AI score0.05201EPSS
Total number of security vulnerabilities474