Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SuseLinux Enterprise Server12

145 matches found

CVE
CVEadded 2014/10/15 10:55 p.m.96 views

CVE-2014-6555

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.

6.5CVSS6.1AI score0.00473EPSS
CVE
CVEadded 2015/11/09 3:59 a.m.95 views

CVE-2015-2697

The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request.

4CVSS6.9AI score0.05447EPSS
CVE
CVEadded 2017/04/13 5:59 p.m.95 views

CVE-2015-8567

Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).

7.7CVSS7.7AI score0.04759EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.95 views

CVE-2015-8933

Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file.

5.5CVSS6AI score0.00311EPSS
CVE
CVEadded 2022/10/06 6:16 p.m.94 views

CVE-2022-31252

A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the pa...

4.4CVSS4.3AI score0.00026EPSS
CVE
CVEadded 2014/10/15 3:55 p.m.93 views

CVE-2014-4287

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.

4CVSS6.2AI score0.00471EPSS
CVE
CVEadded 2014/10/15 10:55 p.m.93 views

CVE-2014-6505

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.

4CVSS6.2AI score0.00471EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.92 views

CVE-2015-8928

The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.

5.5CVSS6.2AI score0.00295EPSS
CVE
CVEadded 2014/10/15 3:55 p.m.90 views

CVE-2014-6464

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.

4CVSS5.6AI score0.01173EPSS
CVE
CVEadded 2016/04/08 2:59 p.m.90 views

CVE-2016-2315

revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.

10CVSS9.6AI score0.2572EPSS
CVE
CVEadded 2014/10/15 3:55 p.m.89 views

CVE-2014-6484

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:DML.

4CVSS6.2AI score0.00471EPSS
CVE
CVEadded 2014/10/15 10:55 p.m.89 views

CVE-2014-6495

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.

4.3CVSS6.3AI score0.00555EPSS
CVE
CVEadded 2024/11/10 10:15 p.m.89 views

CVE-2024-46956

An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.

7.8CVSS7.2AI score0.00184EPSS
CVE
CVEadded 2014/10/15 3:55 p.m.88 views

CVE-2014-6478

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.

4.3CVSS6.3AI score0.00407EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.88 views

CVE-2015-8931

Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior.

7.8CVSS8AI score0.00299EPSS
CVE
CVEadded 2014/11/14 3:59 p.m.87 views

CVE-2014-7815

The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.

5CVSS5.8AI score0.03847EPSS
CVE
CVEadded 2014/07/17 5:10 a.m.86 views

CVE-2014-4207

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.

4CVSS6.1AI score0.00414EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.86 views

CVE-2015-8932

The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.

5.5CVSS5.8AI score0.00626EPSS
CVE
CVEadded 2015/06/03 8:59 p.m.85 views

CVE-2015-4106

QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.

4.6CVSS7.6AI score0.00085EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.85 views

CVE-2015-8926

The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive.

5.5CVSS6.1AI score0.00409EPSS
CVE
CVEadded 2024/11/10 9:15 p.m.84 views

CVE-2024-46951

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.

7.8CVSS7.1AI score0.00062EPSS
CVE
CVEadded 2014/10/15 10:55 p.m.83 views

CVE-2014-6507

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.

4.3CVSS5.5AI score0.00846EPSS
CVE
CVEadded 2015/07/02 9:59 p.m.83 views

CVE-2015-0192

Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine.

7.5CVSS4.5AI score0.02501EPSS
CVE
CVEadded 2014/10/15 3:55 p.m.82 views

CVE-2014-6463

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.

3.3CVSS6.1AI score0.00553EPSS
CVE
CVEadded 2016/04/21 10:59 a.m.81 views

CVE-2016-0668

Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB.

4.1CVSS4.3AI score0.00459EPSS
CVE
CVEadded 2021/07/28 10:15 a.m.80 views

CVE-2021-32000

A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of clone-master-clean-up in SUSE Linux Enterprise Server 12 SP3, SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allows local attackers to delete arbitrary files. This issue affects: SUSE Linux Enter...

7.1CVSS5.1AI score0.0002EPSS
CVE
CVEadded 2015/11/09 3:59 a.m.79 views

CVE-2015-2696

lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mishandled during a gss_inquire_context call.

7.1CVSS7AI score0.10768EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.79 views

CVE-2015-8930

bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself.

7.5CVSS7.5AI score0.04803EPSS
CVE
CVEadded 2016/07/05 1:59 a.m.78 views

CVE-2016-4957

ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.

7.5CVSS6.2AI score0.6295EPSS
CVE
CVEadded 2024/11/10 10:15 p.m.77 views

CVE-2024-46953

An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.

7.8CVSS7.2AI score0.00062EPSS
CVE
CVEadded 2015/11/09 3:59 a.m.76 views

CVE-2015-2695

lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call.

5CVSS7AI score0.04048EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.74 views

CVE-2015-8925

The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing.

5.5CVSS6.2AI score0.00506EPSS
CVE
CVEadded 2015/12/07 8:59 p.m.72 views

CVE-2015-5006

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache.

2.1CVSS5.4AI score0.00073EPSS
CVE
CVEadded 2016/05/24 3:59 p.m.69 views

CVE-2016-0264

Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) allows remote attackers to execute arbitrary code via unsp...

6.8CVSS7.2AI score0.12648EPSS
CVE
CVEadded 2014/10/15 10:55 p.m.68 views

CVE-2014-6564

Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML.

4CVSS6.1AI score0.00471EPSS
CVE
CVEadded 2017/03/17 2:59 p.m.67 views

CVE-2014-9853

Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.

5.5CVSS5.7AI score0.00473EPSS
CVE
CVEadded 2016/06/06 5:59 p.m.66 views

CVE-2015-5041

The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods.

9.1CVSS8.7AI score0.01297EPSS
CVE
CVEadded 2014/10/15 3:55 p.m.63 views

CVE-2014-6474

Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED.

3.5CVSS6.1AI score0.0038EPSS
CVE
CVEadded 2024/11/10 10:15 p.m.63 views

CVE-2024-46955

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.

5.5CVSS6.4AI score0.00051EPSS
CVE
CVEadded 2017/04/05 5:59 p.m.61 views

CVE-2015-4680

FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates.

7.5CVSS7.4AI score0.00277EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.61 views

CVE-2015-8929

Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file.

5.5CVSS5.8AI score0.00271EPSS
CVE
CVEadded 2017/03/17 2:59 p.m.60 views

CVE-2014-9852

distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.

9.8CVSS8.7AI score0.01316EPSS
CVE
CVEadded 2023/02/15 10:15 a.m.58 views

CVE-2022-45153

An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created. ...

7.8CVSS7.1AI score0.00049EPSS
CVE
CVEadded 2016/04/08 3:59 p.m.55 views

CVE-2015-5969

The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 a...

6.2CVSS6AI score0.00134EPSS
CVE
CVEadded 2017/03/23 6:59 a.m.40 views

CVE-2016-1602

A code injection in the supportconfig data collection tool in supportutils in SUSE Linux Enterprise Server 12 and 12-SP1 and SUSE Linux Enterprise Desktop 12 and 12-SP1 could be used by local attackers to execute code as the user running supportconfig (usually root).

7.8CVSS7.7AI score0.00113EPSS
Total number of security vulnerabilities145