Lucene search
K
SuseLinux Enterprise Software Development Kit

296 matches found

CVE
CVE
added 2014/10/15 10:3 p.m.126 views

CVE-2014-6494

CVE-2014-6494 is an unspecified vulnerability in Oracle MySQL Server (affected: 5.5.39 and earlier; 5.6.20 and earlier) that can allow remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL. The IBM advisory lists the CVE among several issues affecting MySQL Server compon...

4.3CVSS6.4AI score0.04847EPSS
CVE
CVE
added 2015/05/14 10:0 a.m.126 views

CVE-2015-0797

CVE-2015-0797 affects GStreamer up to 1.4.4 (GStreamer 1.4.x) when used by Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux. The flaw is a buffer over-read in H.264 video data processing in the GStreamer pipeline (m4v files) that can cause a denial o...

6.8CVSS8AI score0.0544EPSS
CVE
CVE
added 2020/01/23 6:42 p.m.126 views

CVE-2015-1931

CVE-2015-1931 affects IBM Java Security Components in IBM SDK, Java Technology Edition across multiple IBM Java releases. The issue arises from storing plaintext data in memory dumps, enabling local users to read sensitive information from memory dumps. Related IBM advisories (e.g., IBM Security ...

5.5CVSS5.4AI score0.00222EPSS
CVE
CVE
added 2017/04/13 5:0 p.m.126 views

CVE-2015-8567

CVE-2015-8567 describes a memory leak in the QEMU vmxnet3 device emulator (net/vmxnet3.c) that could allow a remote attacker to cause a denial of service via memory exhaustion. The vulnerability is part of multiple CVEs in QEMU; Debian security advisories report fixes in stable Jessie to version ...

7.7CVSS7.7AI score0.05557EPSS
CVE
CVE
added 2010/10/04 8:0 p.m.124 views

CVE-2010-3437

The vulnerability CVE-2010-3437 affects the Linux kernel (before 2.6.36-rc6) in pkt_find_dev_from_minor within drivers/block/pktcdvd.c. A crafted index value passed via PKT_CTRL_CMD_STATUS ioctl can cause a signedness error, enabling local attackers to read kernel memory or trigger a crash (DoS)....

6.6CVSS5.6AI score0.02396EPSS
In wildWeb
CVE
CVE
added 2010/12/30 6:0 p.m.124 views

CVE-2010-3848

CVE-2010-3848 is a Linux kernel vulnerability: a stack-based buffer overflow in econet_sendmsg (net/econet/af_econet.c) when Econet is configured, caused by handling a large number of iovec structures. This allows local privilege escalation. The flaw affects Linux kernels before 2.6.36.2 and is a...

6.9CVSS6.3AI score0.00703EPSS
CVE
CVE
added 2010/11/29 3:0 p.m.124 views

CVE-2010-4072

CVE-2010-4072 affects the Linux kernel: the copy_shmid_to_user function in ipc/shm.c (pre-2.6.37-rc1) does not initialize a certain structure, enabling local users to leak potentially sensitive information from kernel stack memory via the shmctl interface and the old shm interface. Affected produ...

1.9CVSS5.8AI score0.00384EPSS
CVE
CVE
added 2010/12/10 6:0 p.m.124 views

CVE-2010-4157

CVE-2010-4157 involves an integer overflow in the Linux kernel’s GDTH SCSI driver (gdth_ioctl_alloc/ioc_general) on 64-bit platforms. A 32/64-bit mismatch when handling a large argument in an ioctl can cause memory corruption, enabling a local user to trigger a denial of service (and potentially ...

6.2CVSS7.8AI score0.0054EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.124 views

CVE-2012-4213

The CVE-2012-4213 issue is a concrete use-after-free vulnerability in Mozilla codepath: nsEditor::FindNextLeafNode affects Firefox and related products. Affected components per the initial description are Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14, with remote...

9.3CVSS8.8AI score0.06155EPSS
CVE
CVE
added 2012/11/21 11:0 a.m.124 views

CVE-2012-5841

CVE-2012-5841 affects Mozilla Firefox (before 17.0), Firefox ESR (10.x before 10.0.11), Thunderbird (before 17.0), Thunderbird ESR (before 10.0.11) and SeaMonkey (before 2.14). The issue arises from cross-origin wrappers with a filtering behavior that fails to restrict write actions, enabling rem...

4.3CVSS7.8AI score0.0193EPSS
CVE
CVE
added 2013/01/13 8:0 p.m.124 views

CVE-2013-0756

CVE-2013-0756 corresponds to a use-after-free in Mozilla Firefox’s obj_toSource path that can be triggered by a crafted web page referencing JavaScript Proxy objects, allowing remote code execution via standard web-visit attack vectors. Affected products include Firefox (pre-18.0), Firefox ESR 17...

9.3CVSS9.3AI score0.04199EPSS
CVE
CVE
added 2013/07/17 10:0 a.m.124 views

CVE-2013-3812

CVE-2013-3812 affects Oracle MySQL Server prior to 5.5.31 and 5.6.11, where an unspecified vulnerability in Server Replication allows remote authenticated users to affect availability via unknown vectors. The information explicitly cites availability impact (PARTIAL) but vectors and root cause ar...

3.5CVSS5AI score0.02764EPSS
CVE
CVE
added 2013/12/11 3:0 p.m.124 views

CVE-2013-5614

Affected software: Mozilla Firefox <= 25.x/26.0 and SeaMonkey

4.3CVSS9.1AI score0.02353EPSS
CVE
CVE
added 2014/03/19 10:0 a.m.124 views

CVE-2014-1502

CVE-2014-1502 affects Mozilla Firefox (pre-28.0) and SeaMonkey (pre-2.25). The vulnerability arises in WebGL functions WebGL.compressedTexImage2D and WebGL.compressedTexSubImage2D, enabling remote attackers to bypass Same Origin Policy and render content from a different domain via unspecified ve...

6.8CVSS9.1AI score0.01147EPSS
CVE
CVE
added 2014/10/15 3:15 p.m.124 views

CVE-2014-6464

CVE-2014-6464 is an unspecified vulnerability in Oracle MySQL Server affecting 5.5.39 and earlier and 5.6.20 and earlier, allowing remote authenticated users to affect availability via SERVER:INNODB DML FOREIGN KEYS. The CVSS Base Score is 4.0 (MEDIUM). Affected advisories and vendors indicate re...

4CVSS5.6AI score0.04098EPSS
CVE
CVE
added 2014/10/15 10:3 p.m.124 views

CVE-2014-6496

CVE-2014-6496 affects Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier, via CLIENT:SSL:yaSSL, causing availability issues (remote, unauthenticated). Affects MySQL Server component CLIENT:SSL:yaSSL; root cause is unspecified in the provided text. Public details across connected source...

4.3CVSS6.4AI score0.04349EPSS
CVE
CVE
added 2014/10/15 10:3 p.m.124 views

CVE-2014-6555

CVE-2014-6555 is a MySQL Server vulnerability (affecting 5.5.39 and earlier and 5.6.20 and earlier) that allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML. The connected sources identify a package-wide remediation: upgrade t...

6.5CVSS6.1AI score0.03896EPSS
CVE
CVE
added 2016/04/08 2:0 p.m.124 views

CVE-2016-2315

CVE-2016-2315 : Git before 2.7.4 contains an integer truncation/overrun in revision.c that can cause a heap-based buffer overflow when handling crafted path information (e.g., long filenames or many nested trees). This may allow remote code execution. A fix is to update Git to version 2.7.4 or la...

10CVSS9.6AI score0.17979EPSS
CVE
CVE
added 2016/04/08 2:0 p.m.124 views

CVE-2016-2324

CVE-2016-2324 affects Git prior to 2.7.4. A heap-based buffer overflow is triggered by path-related inputs (e.g., long filenames or deeply nested trees), enabling remote code execution. Public advisories from Debian, Ubuntu, Arch, CentOS, and Cloud Foundry reference two related buffer-overflow vu...

10CVSS9.7AI score0.18808EPSS
CVE
CVE
added 2010/11/30 10:0 p.m.123 views

CVE-2010-4083

CVE-2010-4083 affects the Linux kernel (pre-2.6.36). The vulnerable code path is copy_semid_to_user() in ipc/sem.c, where a structure is not initialized, enabling local attackers to leak kernel stack memory via semctl commands (IPC_INFO, SEM_INFO, IPC_STAT, SEM_STAT). The issue is mitigated by up...

1.9CVSS5.8AI score0.00387EPSS
CVE
CVE
added 2014/07/17 2:36 a.m.123 views

CVE-2014-4207

CVE-2014-4207 is described as an unspecified vulnerability in the MySQL Server component affecting Oracle MySQL 5.5.37 and earlier, enabling remote authenticated users to impact availability via the SROPTZR vector. Connected sources map the issue to MariaDB/MariaDB Galera contexts as well, with r...

4CVSS6.1AI score0.03911EPSS
CVE
CVE
added 2014/07/17 10:0 a.m.123 views

CVE-2014-4243

CVE-2014-4243 affects the MySQL Server component (Oracle MySQL) prior to 5.5.35 and 5.6.15. The vulnerability could allow remote authenticated users to affect availability via ENFED-related vectors. Open-source/integrated advisories reference MariaDB/RHEL/SUSE mitigations; remediation in these co...

2.8CVSS5AI score0.03404EPSS
CVE
CVE
added 2014/10/15 10:3 p.m.123 views

CVE-2014-6505

CVE-2014-6505 affects Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier, via a vulnerability in the SERVER:MEMORY STORAGE ENGINE that can impact availability when exploited by remote authenticated users. Public advisories (RHSA-2014-1940/1862 and related Red Hat notes) indicate fixes ...

4CVSS6.2AI score0.02667EPSS
CVE
CVE
added 2015/01/21 7:0 p.m.123 views

CVE-2015-0432

CVE-2015-0432 is listed against Oracle/MySQL/MariaDB 5.5.x in multiple advisories. Public details in connected docs show fixes in 5.5.41 (RHSA-2015:0117) and 5.5.45 (ELSA-2015-1628/CentOS-CE), indicating a vulnerability affecting MySQL/MariaDB server components related to InnoDB/DDL-Foreign Key; ...

4CVSS6.1AI score0.0394EPSS
CVE
CVE
added 2010/12/30 6:0 p.m.122 views

CVE-2010-3849

CVE-2010-3849 affects the Linux kernel’s econet_sendmsg path (net/econet/af_econet.c) prior to 2.6.36.2, when an Econet address is configured. A local user can trigger a denial of service by issuing a sendmsg with a NULL remote address, causing a NULL pointer dereference and OOPS. The correspondi...

4.7CVSS5.7AI score0.00711EPSS
In wild
CVE
CVE
added 2014/02/06 2:0 a.m.122 views

CVE-2014-1480

Technical details about CVE-2014-1480 are not publicly provided in the connected documents. The available description notes a clickjacking/ unintended file launch issue in Firefox/SeaMonkey, but specifics (affected versions, root cause, exploitability, and fixes) are not included.

4.3CVSS8.9AI score0.02683EPSS
CVE
CVE
added 2015/11/09 2:0 a.m.122 views

CVE-2015-2697

CVE-2015-2697 affects MIT Kerberos 5 (krb5) prior to 1.14. The issue is triggered via a remote authenticated TGS request where the realm field starts with a null byte, enabling an out-of-bounds condition that can crash the KDC (denial of service). The connected document confirms the vulnerability...

4CVSS6.9AI score0.04128EPSS
CVE
CVE
added 2013/12/11 3:0 p.m.121 views

CVE-2013-5619

CVE-2013-5619 describes a vulnerability in Mozilla’s SpiderMonkey JavaScript engine where the binary-search implementation could overflow, potentially enabling a remote attacker to cause a denial of service via crafted JavaScript. The initial Mozilla/OpenSUSE/IBM advisories confirm this is a Java...

7.5CVSS9.5AI score0.03707EPSS
CVE
CVE
added 2013/12/11 3:0 p.m.121 views

CVE-2013-6672

CVE-2013-6672: Firefox (Linux) and SeaMonkey are affected by a Linux clipboard information disclosure via middle-click paste. The initial entry specifies Firefox < 26.0 and SeaMonkey

4.3CVSS9AI score0.03341EPSS
CVE
CVE
added 2017/02/03 3:0 p.m.121 views

CVE-2016-2317

GraphicsMagick’s SVG processing for CVE-2016-2317 comprises stack and heap buffer overflows in MVG/SVG rendering (TracePoint, GetToken, GetTransformTokens). Connected advisories confirm this was addressed in newer GraphicsMagick packages across distros (e.g., Debian Jessie: 1.3.20-3+deb8u2; Stret...

5.5CVSS6.8AI score0.0199EPSS
CVE
CVE
added 2009/10/19 7:27 p.m.120 views

CVE-2009-3612

CVE-2009-3612 affects the Linux kernel’s net/sched/cls_api.c tcf_fill_node in the netlink subsystem. The issue is that a tcm__pad2 structure member is not initialized, potentially allowing local attackers to read sensitive kernel memory. Affected: kernel 2.6.x prior to 2.6.32-rc5 and 2.4.37.6 and...

2.1CVSS6.1AI score0.00399EPSS
CVE
CVE
added 2012/06/05 11:0 p.m.120 views

CVE-2012-1938

CVE-2012-1938 affects Mozilla's browser engine and is described in the MiracleLinux AXSA:2012-857 advisory as multiple vulnerabilities in Firefox (and related components) that could allow memory corruption and remote code execution. Specifically, it impacts Mozilla Firefox before 13.0, Thunderbir...

9.3CVSS9.9AI score0.04899EPSS
CVE
CVE
added 2012/08/29 10:0 a.m.120 views

CVE-2012-3976

CVE-2012-3976 affects Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12. The issue arises from improper handling of onLocationChange events when navigating between https sites, allowing remote attackers to spoof the X.509 certificate information in the address...

4.3CVSS8.6AI score0.01779EPSS
CVE
CVE
added 2013/01/13 8:0 p.m.120 views

CVE-2013-0762

CVE-2013-0762 is a use-after-free in imgRequest::OnStopFrame affecting Mozilla Firefox prior to 18.0 (and ESR 10.x before 10.0.12, ESR 17.x before 17.0.1), Thunderbird prior to 17.0.2, and SeaMonkey prior to 2.15. It can allow remote code execution or a denial of service via heap memory corruptio...

9.3CVSS9.6AI score0.04713EPSS
CVE
CVE
added 2013/07/17 10:0 a.m.120 views

CVE-2013-3783

CVE-2013-3783 affects the MySQL Server component in Oracle MySQL 5.5.31 and earlier. The vulnerability is described as unspecified and allows remote authenticated users to affect availability via unknown vectors related to the Server Parser. Connected sources reference this CVE within broader Ora...

4CVSS5AI score0.0309EPSS
CVE
CVE
added 2014/10/15 3:15 p.m.120 views

CVE-2014-4287

CVE-2014-4287 describes an unspecified vulnerability in Oracle MySQL Server, affecting versions 5.5.38 and earlier and 5.6.19 and earlier, that allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS. The description indicates the issue is focused on ...

4CVSS6.2AI score0.02667EPSS
CVE
CVE
added 2015/12/07 8:0 p.m.120 views

CVE-2015-5006

CVE-2015-5006 affects IBM SDK/Java Technology Edition (IBM Java Security Components) on multiple versions (8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, 6 before SR16 FP15). The root cause is exposure of Kerberos Credential Cache data, enabling physically proximate ...

2.1CVSS5.4AI score0.00482EPSS
CVE
CVE
added 2007/12/04 12:0 a.m.118 views

CVE-2007-6206

CVE-2007-6206 affects the Linux kernel (2.4.x and 2.6.x up to 2.6.24-rc3). The issue lies in the do_coredump function in fs/exec.c, where the core dump file’s UID is not changed if a core dump already exists in the same location when a root-owned process dumps a core. This behavior could allow a ...

2.1CVSS5.2AI score0.00425EPSS
CVE
CVE
added 2009/03/06 11:0 a.m.118 views

CVE-2009-0834

The CVE-2009-0834 issue affects the Linux kernel up to 2.6.28.7 on x86_64, where audit_syscall_entry mishandles 32-bit processes making 64-bit syscalls or 64-bit processes making 32-bit syscalls. This can allow local users to bypass certain syscall audit configurations, and is related to CVE-2009...

3.6CVSS4.6AI score0.00441EPSS
CVE
CVE
added 2013/01/13 8:0 p.m.118 views

CVE-2013-0767

CVE-2013-0767 affects Mozilla Firefox (and related Mozilla components) with the nsSVGPathElement::GetPathLengthScale path handling. The vulnerability allows remote attackers to execute arbitrary code or cause a denial of service via an out-of-bounds read, reported for Firefox before 18.0, ESR 10....

10CVSS9.5AI score0.05815EPSS
CVE
CVE
added 2014/02/06 2:0 a.m.118 views

CVE-2014-1485

CVE-2014-1485 affects Mozilla Firefox (prior to 27.0) and SeaMonkey (prior to 2.24). The CSP implementation in these browsers evaluates style-src directives for XSLT processing rather than script-src, potentially allowing remote attackers to execute arbitrary XSLT code through insufficient style-...

7.5CVSS9.4AI score0.02995EPSS
CVE
CVE
added 2014/03/19 10:0 a.m.118 views

CVE-2014-1498

CVE-2014-1498 : The vulnerability affects Mozilla Firefox before 28.0 and SeaMonkey before 2.25, where crypto.generateCRMFRequest fails to validate a specific key type. This can cause remote crashes/DoS via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algo...

5CVSS8.8AI score0.01778EPSS
CVE
CVE
added 2014/03/19 10:0 a.m.118 views

CVE-2014-1500

CVE-2014-1500 affects Mozilla Firefox prior to 28.0 and SeaMonkey prior to 2.25. The issue allows remote attackers to cause resource exhaustion and application hang via onbeforeunload events that trigger background JavaScript execution. Exploitation details are not provided in the available docum...

5CVSS9AI score0.03541EPSS
CVE
CVE
added 2009/10/20 5:0 p.m.117 views

CVE-2009-2910

CVE-2009-2910 affects the Linux kernel’s ia32 entry path on x86_64. The issue is that arch/x86/ia32/ia32entry.S does not clear certain kernel registers before returning to user mode, which allows a local attacker to read register values from an earlier process after switching an ia32 process into...

2.1CVSS5.9AI score0.00414EPSS
CVE
CVE
added 2011/01/07 11:0 a.m.117 views

CVE-2010-4160

The CVE-2010-4160 issue is present in the Linux kernel before 2.6.36.2, involving multiple integer overflows in the PPPoL2TP and IPoL2TP sendmsg paths (pppol2tp_sendmsg and l2tp_ip_sendmsg). The vulnerability can allow local users to trigger a denial of service through heap memory corruption and ...

6.9CVSS7.5AI score0.00529EPSS
CVE
CVE
added 2013/07/17 10:0 a.m.117 views

CVE-2013-3804

CVE-2013-3804 affects Oracle MySQL Server prior to specific versions (5.1.69 and earlier, 5.5.31 and earlier, 5.6.11 and earlier). The issue is described as an unspecified vulnerability in the Server Optimizer that remote authenticated users can exploit to affect availability via unknown vectors....

4CVSS4.3AI score0.02983EPSS
CVE
CVE
added 2014/10/15 3:15 p.m.117 views

CVE-2014-6463

CVE-2014-6463 affects Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier; impact is availability via SERVER:REPLICATION ROW FORMAT BINARY LOG DML when an authenticated remote user runs DML. Red Hat advisories RHSA-2014-1940 and related RHSA entries indicate that MariaDB/MariaDB-Galera ...

3.3CVSS6.1AI score0.02815EPSS
CVE
CVE
added 2010/11/30 10:0 p.m.116 views

CVE-2010-4080

CVE-2010-4080 affects the Linux kernel: snd_hdsp_hwdep_ioctl in sound/pci/rme9652/hdsp.c does not initialize a structure, enabling local attackers to leak kernel stack information via SNDRV_HDSP_IOCTL_GET_CONFIG_INFO. Affected products/versions: Linux kernel before 2.6.36-rc6. Impact is an inform...

2.1CVSS5.6AI score0.0042EPSS
CVE
CVE
added 2013/01/13 8:0 p.m.116 views

CVE-2013-0766

CVE-2013-0766 is a use-after-free in the ~nsHTMLEditRules implementation affecting Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15. The vulnerabili...

9.3CVSS9.5AI score0.04713EPSS
CVE
CVE
added 2013/07/17 10:0 a.m.116 views

CVE-2013-3808

CVE-2013-3808 affects Oracle MySQL Server up to certain older releases: 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier. The vulnerability is described as unspecified and remote-authenticated, impacting availability via unknown vectors related to Server Options. No exploitation det...

4CVSS4.2AI score0.02827EPSS
Total number of security vulnerabilities296