Lucene search
K
SuseLinux Enterprise Software Development Kit

296 matches found

CVE
CVE
added 2014/02/06 2:0 a.m.141 views

CVE-2014-1489

Technical details for CVE-2014-1489 are not publicly available in the provided documents. Monitor for updates from vendors and vulnerability feeds.

4.3CVSS8.7AI score0.01932EPSS
CVE
CVE
added 2015/01/21 3:0 p.m.141 views

CVE-2014-6568

CVE-2014-6568 is an Oracle MySQL/MariaDB vulnerability affecting InnoDB DML leading to potential availability impact in MySQL Server 5.5.x (<=5.5.40) and 5.6.x (

3.5CVSS6.1AI score0.07135EPSS
CVE
CVE
added 2013/01/13 8:0 p.m.140 views

CVE-2013-0768

Technical details for CVE-2013-0768 are not publicly available in the provided documents. Monitor for updates.

9.3CVSS9.6AI score0.07633EPSS
CVE
CVE
added 2013/01/13 8:0 p.m.139 views

CVE-2013-0760

CVE-2013-0760 describes a buffer overflow in Mozilla Firefox’s CharDistributionAnalysis::HandleOneChar, allowing remote code execution via a crafted document. Affected products per the description: Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15. Root cause is a memory c...

9.3CVSS9.4AI score0.05334EPSS
Web
CVE
CVE
added 2014/07/17 2:36 a.m.139 views

CVE-2014-2494

CVE-2014-2494 is an unspecified vulnerability in the MySQL/MariaDB MySQL Server component (affecting Oracle MySQL 5.5.37 and earlier) that can allow remote authenticated users to affect availability via vectors related to ENARC. Connected sources also tie this CVE to MariaDB advisories and tracke...

4CVSS6.1AI score0.03482EPSS
CVE
CVE
added 2008/01/18 10:0 p.m.138 views

CVE-2007-6427

CVE-2007-6427 affects the X.Org Xserver (XInput-Misc extension) prior to version 1.4.1. The root cause is missing input sanitising within the XInput‑Misc code, which can lead to local privilege escalation. In public advisories, this is described as a vulnerability in the XInput‑Misc path that all...

9.3CVSS9.8AI score0.04278EPSS
CVE
CVE
added 2012/02/01 4:0 p.m.138 views

CVE-2012-0449

CVE-2012-0449 affects Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7. Description: remote attackers can cause memory corruption and application crash, or possibly execute arbitrary code via a malformed XSLT stylesheet emb...

9.3CVSS9.9AI score0.05809EPSS
CVE
CVE
added 2013/01/13 8:0 p.m.138 views

CVE-2013-0749

CVE-2013-0749 describes multiple unspecified vulnerabilities in the Mozilla Firefox browser engine (before 18.0) and related products (Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2 and ESR 17.x before 17.0.1, SeaMonkey before 2.15). The description states that remote attackers could c...

9.3CVSS9.8AI score0.05802EPSS
CVE
CVE
added 2016/09/20 2:0 p.m.138 views

CVE-2015-8934

CVE-2015-8934 affects libarchive up to version 3.2.0, with a flaw in copy_from_lzss_window inside archive_read_support_format_rar.c that can trigger an out-of-bounds heap read via a crafted RAR file, leading to denial of service. Public advisories from multiple vendors describe this as part of a ...

5.5CVSS6AI score0.023EPSS
CVE
CVE
added 2012/02/01 4:0 p.m.137 views

CVE-2011-3659

CVE-2011-3659 is a use-after-free in Mozilla Firefox (before 3.6.26 and 4.x through 9.0), Thunderbird (before 3.1.18 and 5.0 through 9.0), and SeaMonkey (before 2.7). The root cause is premature notification of AttributeChildRemoved that affects access to removed nsDOMAttribute child nodes, enabl...

9.3CVSS9.5AI score0.36511EPSS
CVE
CVE
added 2015/04/16 4:0 p.m.137 views

CVE-2015-0505

CVE-2015-0505 affects Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier. An unspecified remote-authenticated vulnerability related to Data Definition Language (DDL) operations could cause a denial of service. Impact is limited to availability (partial). The public description does no...

3.5CVSS4.8AI score0.05046EPSS
CVE
CVE
added 2010/12/30 6:0 p.m.136 views

CVE-2010-3850

CVE-2010-3850: In the Linux kernel, the ec_dev_ioctl function in net/econet/af_econet.c did not require CAP_NET_ADMIN, allowing local users to bypass access restrictions and configure econet addresses via an SIOCSIFADDR ioctl. Documented impact is local privilege/unauthorized configuration; fix a...

2.1CVSS5.8AI score0.00801EPSS
CVE
CVE
added 2010/11/30 10:0 p.m.136 views

CVE-2010-4081

CVE-2010-4081 affects the Linux kernel (sound/pci/rme9652/hdspm.c: snd_hdspm_hwdep_ioctl). The root cause is failure to initialize a structure, enabling local users to read potentially sensitive kernel stack memory via SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO. Affected: kernel versions prior to 2.6.36-r...

1.9CVSS5.5AI score0.00393EPSS
CVE
CVE
added 2013/01/13 8:0 p.m.136 views

CVE-2013-0761

CVE-2013-0761 is a use-after-free vulnerability in Firefox’s mozilla::TrackUnionStream::EndTrack that could allow remote code execution or a denial of service via heap memory corruption. Affected products include Firefox before 18.0 (and ESR 17.x before 17.0.1), Thunderbird before 17.0.2 (and ESR...

9.3CVSS9.4AI score0.04395EPSS
CVE
CVE
added 2014/07/17 10:0 a.m.136 views

CVE-2014-4260

CVE-2014-4260 is reported in MariaDB/MySQL contexts as an unspecified vulnerability in the MySQL Server component (SRCHAR vectors) that allows remote authenticated users to affect integrity and availability. Public details in the connected documents indicate MariaDB versions prior to 5.5.38 are a...

5.5CVSS6AI score0.03482EPSS
CVE
CVE
added 2014/10/15 10:3 p.m.136 views

CVE-2014-6551

CVE-2014-6551 affects Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier. The connected document notes an unspecified local vulnerability that allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN. No explicit root cause detail or exploit information is ...

2.1CVSS6.1AI score0.0039EPSS
CVE
CVE
added 2015/04/16 4:0 p.m.136 views

CVE-2015-2571

CVE-2015-2571 affects Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier. It is an unspecified vulnerability in the Server: Optimizer that could allow remote authenticated users to cause a denial of service via unknown vectors. Exploitation details are not provided in the supplied docu...

4CVSS4.8AI score0.05252EPSS
CVE
CVE
added 2014/02/06 2:0 a.m.135 views

CVE-2014-1488

CVE-2014-1488 affects Mozilla Firefox < 27.0 and SeaMonkey

10CVSS9.4AI score0.07004EPSS
CVE
CVE
added 2016/04/21 10:0 a.m.135 views

CVE-2016-0651

CVE-2016-0651 is described in connected documents as an unspecified vulnerability in Oracle MySQL Server (5.5.46 and earlier) affecting the Optimizer subcomponent that can allow local users to impact availability. The available sources identify affected product as Oracle MySQL Server and the impa...

5.5CVSS4.6AI score0.01226EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.134 views

CVE-2012-4214

CVE-2012-4214 is a use-after-free in Mozilla Firefox’s nsTextEditorState::PrepareEditor, affecting Firefox before 17.0 and ESR 10.x before 10.0.11, Thunderbird before 17.0/ESR 10.x before 10.0.11, and SeaMonkey before 2.14. The vulnerability can allow remote attackers to execute arbitrary code or...

9.3CVSS9.1AI score0.06074EPSS
CVE
CVE
added 2014/10/15 10:3 p.m.134 views

CVE-2014-6559

CVE-2014-6559 affects Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier. The vulnerability is described as unspecified with respect to C API SSL CERTIFICATE HANDLING and could allow remote attackers to obtain confidential information (partial confidentiality impact). No exploit detai...

4.3CVSS5.6AI score0.04634EPSS
CVE
CVE
added 2015/01/21 6:0 p.m.134 views

CVE-2015-0374

CVE-2015-0374 is a MySQL/MariaDB server vulnerability impacting confidentiality via unknown vectors in Foreign Key handling. Affected products and versions include Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier (and MariaDB/forked releases in corresponding lines). Public advisories...

3.5CVSS5.9AI score0.03131EPSS
CVE
CVE
added 2015/08/12 2:0 p.m.134 views

CVE-2015-5154

CVE-2015-5154 is a heap-based buffer overflow in QEMU’s IDE subsystem (ATAPI handling). A privileged guest with a CDROM drive enabled could potentially execute arbitrary host code via crafted ATAPI I/O. Public docs specify this as a host-attack surface when CD-ROM access is present; Debian securi...

7.2CVSS6.9AI score0.0063EPSS
CVE
CVE
added 2010/09/21 5:0 p.m.133 views

CVE-2010-3067

CVE-2010-3067 affects the Linux kernel: an integer overflow in do_io_submit (fs/aio.c) in versions before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly other impact via crafted io_submit usage. The vulnerability is rooted in improper handling within the io_s...

4.9CVSS6.8AI score0.00428EPSS
CVE
CVE
added 2012/08/29 10:0 a.m.133 views

CVE-2012-3959

CVE-2012-3959 describes a use-after-free in Mozilla Firefox’s nsRangeUpdater::SelAdjDeleteNode, affecting Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12. The vulnerability allows remote attackers to execu...

10CVSS9.5AI score0.04697EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.133 views

CVE-2012-4207

CVE-2012-4207 affects Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0 / ESR 10.x, and SeaMonkey before 2.14. The flaw in the HZ-GB-2312 charset implementation allows remote attackers to perform cross-site scripting (XSS) via a crafted document, due to imprope...

4.3CVSS7.8AI score0.02781EPSS
CVE
CVE
added 2013/01/13 8:0 p.m.133 views

CVE-2013-0745

This CVE (CVE-2013-0745) affects Mozilla Firefox prior to 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15. It is caused by the AutoWrapperChanger not interacting correctly with garbage collection, enabling remote code ...

9.3CVSS9.2AI score0.04485EPSS
CVE
CVE
added 2013/01/13 8:0 p.m.133 views

CVE-2013-0764

CVE-2013-0764 affects Mozilla Firefox (before 18.0), Firefox ESR (before 17.0.2), Thunderbird (before 17.0.2 and ESR 17.x before 17.0.2), and SeaMonkey (before 2.15). The vulnerability is a thread-safety issue in nsSOCKSSocketInfo::ConnectToProxy that can allow remote code execution through craft...

9.3CVSS9.6AI score0.03148EPSS
CVE
CVE
added 2020/01/23 7:52 p.m.133 views

CVE-2015-5239

CVE-2015-5239 : QEMU’s VNC display driver is vulnerable to an integer overflow in the vnc_client_read()/protocol_client_msg() paths when processing a CLIENT_CUT_TEXT message, which can cause an infinite loop and crash the QEMU process. Affected products include QEMU with the VNC display driver pr...

6.5CVSS6.4AI score0.0361EPSS
CVE
CVE
added 2013/12/11 3:0 p.m.132 views

CVE-2013-5612

CVE-2013-5612 is a cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 due to the absence of a charset parameter in the Content-Type header. Connected advisories confirm Firefox/SeaMonkey fixes in 2013–2014 releases (e.g., openSUSE SU-2013:1917, Mirac...

4.3CVSS7.7AI score0.03402EPSS
CVE
CVE
added 2015/01/21 6:0 p.m.132 views

CVE-2015-0391

CVE-2015-0391 affects Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier, with remote authenticated access able to affect availability via DDL-related vectors. Connected advisories confirm MariaDB/Mysql contexts and list affected versions; RHSA-2015:0117 remediation upgrades MariaDB to...

4CVSS6.1AI score0.07196EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.131 views

CVE-2012-4201

CVE-2012-4201 is a concrete Firefox/XULRunner/Thunderbird/SeaMonkey vulnerability: the evalInSandbox path mishandles the context when processing JavaScript that sets location.href, enabling remote XSS or read access to arbitrary files via a sandboxed add-on. Affected software includes Mozilla Fir...

4.3CVSS7.9AI score0.03083EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.131 views

CVE-2012-4202

CVE-2012-4202 describes a heap-based buffer overflow in Firefox’s image::RasterImage::DrawFrameTo, exploitable via a crafted GIF image to execute arbitrary code. Affected products include Mozilla Firefox before 17.0, Firefox ESR before 10.0.11 (10.x), Thunderbird before 17.0, Thunderbird ESR befo...

9.3CVSS9AI score0.11079EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.131 views

CVE-2012-5842

CVE-2012-5842 is a Mozilla Firefox browser engine vulnerability described as multiple unspecified vulnerabilities that can cause memory corruption leading to a crash or possibly remote code execution. Affected products/versions per description: Mozilla Firefox before 17.0, Firefox ESR 10.x before...

9.3CVSS9.4AI score0.04789EPSS
CVE
CVE
added 2020/02/17 8:56 p.m.131 views

CVE-2014-1947

CVE-2014-1947, 2014-1958, and 2014-2030 describe stack-based buffer overflows in ImageMagick’s PSD handling (psd.c): WritePSDImage and DecodePSDPixels functions are implicated. 1947 targets WritePSDImage in ImageMagick 6.5.4 and earlier, enabling potential denial of service or remote code executi...

7.8CVSS8.5AI score0.07024EPSS
CVE
CVE
added 2014/06/05 8:0 p.m.131 views

CVE-2014-3467

GNUTLS/library libtasn1 vulnerability CVE-2014-3467 is due to multiple issues in the DER decoder of GNU Libtasn1 up to version 3.5.x (pre-3.6), exploited by crafted ASN.1 data to cause a denial of service via out-of-bounds read. The issue is confirmed in multiple advisories (F5 SOL15423, ALAS-201...

5CVSS6AI score0.068EPSS
CVE
CVE
added 2015/01/21 6:0 p.m.131 views

CVE-2015-0382

CVE-2015-0382 is a remote-availability vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier, related to Server: Replication, separate from CVE-2015-0381. The connected advisories show multiple vendors/types referencing MySQL/MariaDB vulnerabilities with potential DoS or ...

4.3CVSS6.6AI score0.10066EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.130 views

CVE-2012-5836

CVE-2012-5836 affects Mozilla Firefox (before 17.0), Mozilla Thunderbird (before 17.0), and SeaMonkey (before 2.14). The issue can allow remote code execution or an application crash when CSS properties are combined with SVG text, due to the root cause described by MFSA 2012-94. Public advisories...

7.5CVSS8.7AI score0.04453EPSS
CVE
CVE
added 2014/10/15 10:3 p.m.130 views

CVE-2014-6520

CVE-2014-6520 affects Oracle MySQL Server 5.5.38 and earlier. The vulnerability is described as unspecified and allows remote authenticated users to affect availability via vectors related to SERVER:DDL; impact is noted as partial availability. Connected sources list this CVE among MariaDB/MySQL-...

4CVSS6.2AI score0.02644EPSS
CVE
CVE
added 2014/10/15 10:3 p.m.130 views

CVE-2014-6530

CVE-2014-6530 affects Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier via CLIENT:MYSQLDUMP. Connected advisories reference CVE-2014-6530 and indicate remediation through upgrading MariaDB/MySQL components to fixed versions (e.g., MariaDB/MariaDB-Galera updates to 5.5.40 per RHSA adv...

6.5CVSS6.2AI score0.02667EPSS
CVE
CVE
added 2016/04/13 3:0 p.m.130 views

CVE-2015-8551

CVE-2015-8551 affects the Xen PCI backend driver (pciback) when Xen runs on x86 with a Linux 3.1.x–4.3.x driver domain. The issue arises from missing sanity checks in XEN_PCI_OP_* operations, allowing a local guest administrator with access to a passed-through MSI/MSI-X PCI device to trigger BUG ...

6CVSS5.6AI score0.00451EPSS
CVE
CVE
added 2018/03/01 7:0 p.m.130 views

CVE-2017-14804

Summary (CVE-2017-14804) : The vulnerability affects the build package prior to 20171128, which fails to validate directory names during extraction of build results, enabling writes outside the target buildroot. This is documented in multiple sources (OpenSUSE SUSE announcements, OSS updates, and...

9.9CVSS5.9AI score0.01744EPSS
CVE
CVE
added 2019/03/17 4:44 p.m.130 views

CVE-2017-16232

CVE-2017-16232 affects LibTIFF 4.0.8, which is reported to have multiple memory‑leak vulnerabilities that can lead to memory exhaustion/DoS. The initial entry notes third parties could not reproduce the issue. Connected advisories reference LibTIFF-related CVEs and indicate that fixes exist in la...

7.5CVSS6.7AI score0.04766EPSS
CVE
CVE
added 2010/10/04 8:0 p.m.129 views

CVE-2010-3442

Technical details for CVE-2010-3442 are not publicly provided in the connected documents. The sources reference the CVE and affected kernel versions but do not describe exploitability, impact specifics, or fixes. Monitor for vendor advisories and updates.

4.7CVSS6.5AI score0.00395EPSS
CVE
CVE
added 2012/08/29 10:0 a.m.129 views

CVE-2012-3967

CVE-2012-3967 is a Firefox/WebGL vulnerability on Linux where the WebGL implementation fails to interact correctly with Mesa drivers when a large number of sampler uniforms are used. This can let remote attackers execute arbitrary code or cause a denial of service (stack memory corruption) via a ...

9.3CVSS9.3AI score0.04392EPSS
CVE
CVE
added 2013/01/13 8:0 p.m.128 views

CVE-2013-0747

Technical details for CVE-2013-0747 are not publicly provided in the supplied documents. Monitor for updates.

6.8CVSS9AI score0.02189EPSS
CVE
CVE
added 2013/07/17 10:0 a.m.128 views

CVE-2013-3802

CVE-2013-3802 affects Oracle MySQL server up to specific versions: 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier. The vulnerability is described as unspecified and allows remote authenticated users to affect availability via unknown vectors related to Full Text Search. Connected ...

4CVSS4.3AI score0.03245EPSS
CVE
CVE
added 2015/01/21 6:0 p.m.128 views

CVE-2015-0381

Technical details for CVE-2015-0381 are not publicly available in the provided documents. No specific affected products, versions, root cause, impact, or fixes are described here; monitor for updates.

4.3CVSS6.6AI score0.05428EPSS
CVE
CVE
added 2013/01/13 8:0 p.m.127 views

CVE-2013-0752

Technical details for CVE-2013-0752 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.

9.3CVSS9.4AI score0.06623EPSS
CVE
CVE
added 2020/01/23 6:42 p.m.127 views

CVE-2015-1931

CVE-2015-1931 affects IBM Java Security Components in IBM SDK, Java Technology Edition across multiple IBM Java releases. The issue arises from storing plaintext data in memory dumps, enabling local users to read sensitive information from memory dumps. Related IBM advisories (e.g., IBM Security ...

5.5CVSS5.4AI score0.00222EPSS
Total number of security vulnerabilities296