Lucene search
K
SuseLinux Enterprise Server12

147 matches found

CVE
CVE
added 2014/06/05 9:0 p.m.15805 views

CVE-2014-3470

CVE-2014-3470 is an OpenSSL vulnerability where the ssl3_send_client_key_exchange in s3_clnt.c can trigger a NULL certificate value when using anonymous ECDH cipher suites, leading to a denial-of-service via NULL pointer dereference and client crash. Affected OpenSSL versions are before 0.9.8za, ...

4.3CVSS7.4AI score0.85784EPSS
CVE
CVE
added 2014/09/24 6:0 p.m.2915 views

CVE-2014-6271

CVE-2014-6271 (Shellshock) affects GNU Bash up to 4.3, enabling remote code execution by processing trailing strings after function definitions in environment variables. Exploitation vectors include OpenSSH ForceCommand, mod_cgi/mod_cgid in Apache, DHCP client scripts, and other environment-passi...

10CVSS9.9AI score0.99999EPSS
In wildWeb
CVE
CVE
added 2014/09/25 1:0 a.m.1333 views

CVE-2014-7169

CVE-2014-7169 affects GNU Bash up to 4.3, where parsing of function definitions in environment variables can be exploited to run commands or impact other attributes across privilege boundaries (notably via ForceCommand in OpenSSH sshd and via mod_cgi/mod_cgid in Apache, as well as DHCP client scr...

10CVSS8.4AI score0.9994EPSS
In wild
CVE
CVE
added 2015/07/16 10:0 a.m.1178 views

CVE-2015-2590

CVE-2015-2590 is an unspecified vulnerability affecting Oracle Java SE (6u95, 7u80, 8u45) and Java SE Embedded (7u75, 8u33) with impact to confidentiality, integrity, and availability via unknown vectors in the Libraries component. Public details in the initial description are limited; connected ...

10CVSS4.2AI score0.25469EPSS
In wild
CVE
CVE
added 2016/05/05 6:0 p.m.1093 views

CVE-2016-3718

ImageMagick is affected by CVE-2016-3718: the HTTP and FTP coders can be abused to perform server-side request forgery via a crafted image. Affected lines: ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1. The vulnerability allows an attacker to induce the server to make HTTP/FTP requests when ...

5.5CVSS6.7AI score0.76897EPSS
In wild
CVE
CVE
added 2016/05/05 6:0 p.m.1092 views

CVE-2016-3715

Summary: CVE-2016-3715 affects ImageMagick where the EPHEMERAL coder allows a remote attacker to delete arbitrary files via a crafted image. Affected versions are ImageMagick prior to 6.9.3-10 and 7.x prior to 7.0.1-1. Impact (per sources): Remote deletion of files via crafted images using the EP...

5.8CVSS6.3AI score0.75383EPSS
In wild
CVE
CVE
added 2015/10/21 11:0 p.m.973 views

CVE-2015-4902

CVE-2015-4902 is an unspecified vulnerability in Oracle Java SE affecting Java 6u101, 7u85, and 8u60, with impact limited to integrity via unknown vectors related to Deployment. The Connected documents confirm the affected products and the vulnerability class, but do not provide concrete exploit ...

5.3CVSS5.5AI score0.13354EPSS
In wild
CVE
CVE
added 2015/08/08 12:0 a.m.972 views

CVE-2015-4495

CVE-2015-4495 affects Mozilla Firefox's built-in PDF viewer. The vulnerability allows remote attackers to bypass the Same Origin Policy and read arbitrary files or gain privileges via crafted JavaScript and a native setter, in Firefox versions before 39.0.3, Firefox ESR 38.x before 38.1.1, and Fi...

8.8CVSS6.6AI score0.70226EPSS
In wildWeb
CVE
CVE
added 2015/04/01 12:0 a.m.947 views

CVE-2015-2808

CVE-2015-2808 concerns RC4 usage in TLS/SSL within OpenJDK/OpenJDK components. The Invariance Weakness (Bar Mitzvah) means RC4 key material can leak partial plaintext from the first bytes of a TLS/SSL stream, enabling plaintext-recovery under certain traffic patterns. Public advisories for OpenJD...

5CVSS4.8AI score0.74006EPSS
CVE
CVE
added 2026/04/22 8:15 a.m.880 views

CVE-2026-31431

CVE-2026-31431 is a local privilege escalation in the Linux kernel’s algif_aead/AF_ALG path. The root cause is an in-place operation bug in the AEAD handling, which can be exercised via AF_ALG sockets with the authencesn algorithm and splice() to corrupt the kernel page cache of readable files wi...

7.8CVSS5.6AI score0.96267EPSS
In wild
CVE
CVE
added 2016/04/21 10:0 a.m.780 views

CVE-2016-3427

CVE-2016-3427 is an unspecified vulnerability in Oracle Java SE (affecting 6u113, 7u99, 8u77) and JRockit, tied to the Java Management Extensions (JMX) component. Exploitation can affect confidentiality, integrity, and availability via JMX-related vectors; the issue is described as an unspecified...

10CVSS6.8AI score0.92334EPSS
In wild
CVE
CVE
added 2017/10/02 9:0 p.m.740 views

CVE-2017-14491

CVE-2017-14491 : Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to crash the service or potentially execute arbitrary code via a crafted DNS response. Affected component: dnsmasq. Root cause described as a heap overflow in the DNS reply-building path. Public details in ...

9.8CVSS9.1AI score0.84925EPSS
CVE
CVE
added 2019/06/18 11:28 p.m.686 views

CVE-2019-11038

CVE-2019-11038 affects the GD Graphics Library (LibGD) 2.2.5 as used in the PHP gd extension. The flaw arises in gdImageCreateFromXbm(), where input data can cause the function to use an uninitialized variable, potentially leaking contents from stack memory. Affected PHP branches are 7.1.x below ...

5.3CVSS5.5AI score0.04332EPSS
CVE
CVE
added 2016/03/09 11:0 p.m.554 views

CVE-2016-1286

CVE-2016-1286 affects ISC BIND 9.x (before 9.9.8-P4 and 9.10.x before 9.10.3-P4). A remote attacker can trigger a denial of service by sending a crafted DNS signature for a DNAME record, leading to an assertion failure in resolver.c or db.c and a named process crash. The issue is documented with ...

8.6CVSS8.2AI score0.621EPSS
CVE
CVE
added 2018/01/03 6:0 a.m.549 views

CVE-2017-18017

CVE-2017-18017 affects the Linux kernel’s tcpmss_mangle_packet in net/netfilter/xt_TCPMSS.c. When xt_TCPMSS is used in an iptables action, a remote attacker can trigger a use-after-free and memory corruption, leading to a denial of service. Affected versions are Linux kernel before 4.11, and 4.9....

10CVSS9.5AI score0.52841EPSS
CVE
CVE
added 2016/03/09 11:0 p.m.454 views

CVE-2016-1285

CVE-2016-1285 affects ISC BIND 9.x (before 9.9.8-P4 and 9.10.x before 9.10.3-P4). The issue arises from improper handling of control-channel input to rndc, causing assertion failure and named daemon exit via a malformed packet. Connected advisories describe related impact for DNAME records (CVE-2...

6.8CVSS7.2AI score0.59143EPSS
CVE
CVE
added 2023/04/25 12:0 a.m.441 views

CVE-2023-29552

CVE-2023-29552 describes a DoS vulnerability in the Service Location Protocol (SLP) where an unauthenticated remote attacker can register arbitrary services, causing SLP server to respond with spoofed traffic and enabling large amplification (reported up to ~2,200x). Documented impacts include po...

7.5CVSS7.4AI score0.65873EPSS
In wild
CVE
CVE
added 2016/05/26 4:0 p.m.418 views

CVE-2016-0718

CVE-2016-0718 is evidenced in connected Apple documents as part of the Expat (libexpat) updates applied to OS X El Capitan and iTunes-related components. The Expat/libexpat entry notes that processing XML can trigger vulnerabilities in affected builds, with CVE-2016-0718 specifically associated w...

9.8CVSS8.7AI score0.13802EPSS
CVE
CVE
added 2021/11/11 12:0 a.m.405 views

CVE-2002-20001

CVE-2002-20001 describes a Diffie-Hellman key exchange weakness where a remote attacker (from the client side) can send non-public values to induce expensive server-side DHE modular-exponentiation, potentially impacting availability. The description specifies that the attack is most disruptive wh...

7.5CVSS7.3AI score0.23061EPSS
CVE
CVE
added 2017/10/17 1:0 p.m.396 views

CVE-2017-13081

CVE-2017-13081 describes a KRACK-class flaw in WPA/WPA2 where the Integrity Group Temporal Key (IGTK) can be reinstalled during the group key handshake. This enables an attacker within radio range to spoof frames from APs to clients, potentially undermining confidentiality and integrity of WPA/WP...

5.3CVSS6.7AI score0.02003EPSS
CVE
CVE
added 2017/10/17 1:0 p.m.384 views

CVE-2017-13079

CVE-2017-13079 is a KRACK-type vulnerability affecting WPA/WPA2 where reinstallation of the Integrity Group Temporal Key (IGTK) can occur during the 4-way handshake. An attacker in radio range can spoof frames from APs to clients by exploiting IGTK reinstallation. Public disclosures and advisorie...

5.3CVSS6.6AI score0.02124EPSS
CVE
CVE
added 2017/10/17 2:0 a.m.382 views

CVE-2017-13077

CVE-2017-13077 is a KRACK-related vulnerability affecting Wi‑Fi (WPA/WPA2) where an attacker within radio range can force PTK nonce reuse during the four‑way handshake, enabling replay, decryption, or spoofing of frames. The initial description confirms the vulnerability and impact. Connected doc...

6.8CVSS7.3AI score0.02388EPSS
CVE
CVE
added 2017/10/17 1:0 p.m.379 views

CVE-2017-13080

CVE-2017-13080 corresponds to the WPA2/Wi‑Fi Key Reinstallation Attack (KRACK) risk, where a network-adjacent attacker can leverage a flaw in the group key handshake to reinstall GTK keys and replay frames. The core description in the initial document confirms: an attacker in radio range can repl...

5.3CVSS6.9AI score0.02285EPSS
CVE
CVE
added 2015/07/23 12:0 a.m.341 views

CVE-2015-1283

The material confirms CVE-2015-1283 is an Expat XML_GetBuffer integer/heap overflow issue, with impact on multiple products using expat up to 2.1.0 (e.g., Chrome before 44.0.2403.89). Related CVEs include CVE-2015-2716 and CVE-2016-4472 (note: the latter indicates the overflow protection was remo...

6.8CVSS8.4AI score0.19069EPSS
CVE
CVE
added 2017/06/19 4:0 p.m.340 views

CVE-2017-1000366

CVE-2017-1000366 affects glibc (vulnerable in 2.25 and earlier). A flaw in heap/stack memory handling allows crafted LD_LIBRARY_PATH values to influence allocation and memory layout, potentially enabling local arbitrary code execution via stack/heap aliasing. Several advisories and distributions ...

7.8CVSS7.4AI score0.02733EPSS
CVE
CVE
added 2016/02/18 9:0 p.m.301 views

CVE-2015-7547

CVE-2015-7547 refers to a stack-based buffer overflow in the GLIBC libresolv DNS resolver path, triggered by dual A/AAAA DNS queries in getaddrinfo. The vulnerability could allow remote code execution or crash the process when handling crafted DNS responses, with exploitation possible via the nss...

8.1CVSS8.4AI score0.89557EPSS
CVE
CVE
added 2018/03/30 9:0 p.m.301 views

CVE-2018-7566

CVE-2018-7566 is confirmed in the Connected documents as a Linux kernel 4.15 vulnerability. It describes a buffer overflow in ALSA/seq handling: an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write to /dev/snd/seq can be triggered by a local user. The affected component is the kernel’s sound/ALSA subsy...

7.8CVSS6.9AI score0.005EPSS
CVE
CVE
added 2017/12/20 11:0 p.m.294 views

CVE-2017-17805

CVE-2017-17805 affects the Linux kernel prior to 4.14.8. The Salsa20 cipher implementation (crypto/salsa20_generic.c and arch/x86/crypto/salsa20_glue.c) mishandles zero-length inputs, allowing a local attacker to use the AF_ALG-based skcipher interface to trigger uninitialized memory free and ker...

7.8CVSS7.5AI score0.00428EPSS
CVE
CVE
added 2017/10/17 1:0 p.m.292 views

CVE-2017-13078

CVE-2017-13078 is part of the KRACK family impacting WPA2. A attacker in Wi‑Fi range could reinstall the GTK during the 4‑way handshake, replaying frames to clients. Apple addresses this via security updates (e.g., HT208221/HT208222) for macOS High Sierra/Sierra and related AirPort firmware; exac...

5.3CVSS6.7AI score0.0207EPSS
CVE
CVE
added 2017/10/17 1:0 p.m.284 views

CVE-2017-13082

CVE-2017-13082 is one of the KRACK-class WPA2 flaws. Android/Arch/Debian/CentOS references describe an issue where a retransmitted FT Reassociation Request can reinstall the PTK during processing, enabling a nearby attacker to replay, decrypt, or spoof frames. Impact described across sources incl...

8.1CVSS7.7AI score0.04575EPSS
CVE
CVE
added 2017/10/17 1:0 p.m.261 views

CVE-2017-13087

CVE-2017-13087 affects WPA/WPA2 (WPA2) implementations in wpa_supplicant/wpa and is part of the KRACK family. The issue is a GTK reinstallation triggered when processing a Wireless Network Management Sleep Mode Response frame, allowing an attacker within radio range to replay frames between APs a...

5.3CVSS6.6AI score0.01742EPSS
CVE
CVE
added 2018/12/14 2:0 p.m.258 views

CVE-2018-16873

CVE-2018-16873 is a Go go get remote code execution vulnerability (GOPATH mode) where a malicious package import path can cause the parent directory to be treated as a Git repository root, leading to execution of commands from the repository’s config if it contains malicious directives. Connected...

8.1CVSS8.5AI score0.66252EPSS
Web
CVE
CVE
added 2017/07/21 2:0 p.m.247 views

CVE-2015-5300

CVE-2015-5300 (NTP panic-threshold bypass) is detailed in connected advisory from F5 for BIG-IP products, describing a vulnerability in ntpd where the threshold for the -g option is not correctly enforced. An attacker controlling NTP traffic could cause ntpd to step the clock to an arbitrary valu...

7.5CVSS7.6AI score0.0913EPSS
CVE
CVE
added 2015/11/13 2:0 a.m.247 views

CVE-2015-8126

CVE-2015-8126 concerns libpng buffer overflows in png_set_PLTE and png_get_PLTE caused by improper bounds checks. Affected ranges include libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19. Exploitation via a small bit-...

7.5CVSS7.9AI score0.10339EPSS
CVE
CVE
added 2018/11/26 3:0 a.m.244 views

CVE-2018-19542

CVE-2018-19542 affects JasPer 2.0.14. The vulnerability is a NULL pointer dereference in jp2_decode (libjasper/jp2/jp2_dec.c) that leads to a denial of service. The connected documents confirm the issue and cite unpatched status on several Red Hat releases (RHEL 6/7/8) via Nessus entries, but do ...

6.5CVSS6.5AI score0.01946EPSS
CVE
CVE
added 2017/10/17 1:0 p.m.243 views

CVE-2017-13086

CVE-2017-13086 affects WPA/WPA2, specifically the TDLS handshake where the TDLS PeerKey (TPK) can be reinstalled. The root cause is key reinstallation during the TDLS handshake, enabling an attacker within radio range to replay, decrypt, or spoof frames. This vulnerability is documented across mu...

6.8CVSS7.2AI score0.02046EPSS
CVE
CVE
added 2017/10/17 1:0 p.m.241 views

CVE-2017-13088

CVE-2017-13088 is part of the KRACK family affecting WPA/WPA2 (802.11) where reinstallation of the Integrity Group Temporal Key (IGTK) can occur while processing a Wireless Network Management Sleep Mode Response frame. The flaw enables an attacker within radio range to replay frames between APs a...

5.3CVSS6.6AI score0.01807EPSS
CVE
CVE
added 2018/12/14 2:0 p.m.233 views

CVE-2018-16874

CVE-2018-16874 affects Go’s go get in GOPATH mode when the import path contains curly braces, enabling an arbitrary filesystem write and potential code execution. The vulnerability is documented for Go <1.10.6 and

8.1CVSS8.2AI score0.05039EPSS
CVE
CVE
added 2018/10/31 4:0 p.m.232 views

CVE-2018-18873

CVE-2018-18873 affects JasPer 2.0.14 with a NULL pointer dereference in ras_putdatastd (ras_enc.c), which can cause a crash. The Connected documents confirm the vulnerability and its presence in JasPer 2.0.14 but do not provide a specific patch version or remediation details in the supplied mater...

5.5CVSS6.1AI score0.01374EPSS
CVE
CVE
added 2014/04/14 4:0 p.m.208 views

CVE-2010-5298

CVE-2010-5298 – OpenSSL race condition in ssl3_read_bytes (s3_pkt.c) . OpenSSL versions up to 1.0.1g are affected when SSL_MODE_RELEASE_BUFFERS is enabled, enabling a remote attacker to inject data across sessions or cause a denial of service (use-after-free and parsing error) over an SSL connect...

4CVSS7AI score0.34132EPSS
CVE
CVE
added 2022/02/18 11:23 p.m.208 views

CVE-2021-45082

CVE-2021-45082 affects Cobbler prior to 3.3.1. The issue resides in templar.py, where the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring (only lines starting with #import are blocked). This could enable unintended module ...

7.8CVSS7.5AI score0.00495EPSS
CVE
CVE
added 2017/12/20 11:0 p.m.207 views

CVE-2017-17806

CVE-2017-17806 affects the Linux kernel before 4.14.8. The HMAC implementation (crypto/hmac.c) does not validate that the underlying hash algorithm is unkeyed, allowing a local attacker who can use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and SHA-3 (CONFIG_CRYPTO_SHA3) to tri...

7.8CVSS7.4AI score0.00561EPSS
CVE
CVE
added 2018/11/26 3:0 a.m.190 views

CVE-2018-19539

CVE-2018-19539 (JasPer 2.0.14) : An access violation in libjasper/base/jas_image.c:jas_image_readcmpt can cause a denial of service. Affected component is jas_image_readcmpt in JasPer 2.0.14; root cause is an access violation leading to crash/DoS. Public remediation/fix details are not provided i...

6.5CVSS6.5AI score0.01946EPSS
CVE
CVE
added 2021/06/02 1:54 p.m.187 views

CVE-2018-10195

CVE-2018-10195 affects lrzsz prior to 0.12.21~rc. The issue stems from an incorrect length check in zsdata that can cause a size_t wraparound, potentially leaking information to the receiving side. Public sources consistently describe an information leak risk and, in distributions, a fix/update i...

7.1CVSS6.5AI score0.00391EPSS
CVE
CVE
added 2018/11/26 3:0 a.m.185 views

CVE-2018-19541

CVE-2018-19541 : A heap-based buffer over-read of size 8 exists in the function jas_image_depalettize (libjasper/base/jas_image.c) in JasPer, affecting versions from 1.900.8 up to 2.0.16 listed in the Initial document. The vulnerability can cause a crash and may enable memory access issues. The C...

8.8CVSS7.2AI score0.02802EPSS
CVE
CVE
added 2017/01/30 9:0 p.m.184 views

CVE-2015-7976

CVE-2015-7976 affects the ntpq saveconfig command in the NTP reference implementation (ntpd/ntpq) across multiple 4.x branches (e.g., 4.1.2, 4.2.x prior to 4.2.8p6, and 4.3.x). The underlying flaw is that saveconfig does not properly filter special characters in filenames, enabling an attacker to...

4.3CVSS5.6AI score0.03512EPSS
CVE
CVE
added 2014/06/05 9:0 p.m.182 views

CVE-2014-0221

The CVE concerns OpenSSL: the function dtls1_get_message_fragment in d1_both.c is vulnerable to a DoS via an invalid DTLS handshake. Affected are OpenSSL binaries prior to 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h. In practice, a remote attacker can trigger recursion and a client cras...

4.3CVSS6.8AI score0.87892EPSS
CVE
CVE
added 2022/04/27 12:0 a.m.182 views

CVE-2022-27239

CVE-2022-27239 affects cifs-utils up to version 6.14, due to a stack-based buffer overflow when parsing the mount.cifs ip= argument, enabling local attackers to gain root privileges. A patched version is available (e.g., cifs-utils 6.14-2 and later per advisories). Remediation is to update to a f...

7.8CVSS7.7AI score0.00562EPSS
CVE
CVE
added 2018/10/23 12:0 a.m.179 views

CVE-2018-18584

CVE-2018-18584 affects libmspack and cabextract. In mspack/cab.h, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write (before 0.8alpha for libmspack and before 1.8 for cabextract). Remediation involves upgrading to fixed versions (e.g....

6.5CVSS6.6AI score0.03086EPSS
CVE
CVE
added 2015/01/09 9:0 p.m.178 views

CVE-2014-9584

CVE-2014-9584 affects the Linux kernel where the function parse_rock_ridge_inode_internal in fs/isofs/rock.c does not validate a length value in the ER System Use Field, enabling local users to obtain sensitive kernel memory via a crafted iso9660 image. This vulnerability exists in kernels before...

2.1CVSS4.5AI score0.00461EPSS
Total number of security vulnerabilities147