Linux Enterprise Security Vulnerabilities and Issues — Linux Enterprise CVE List

Lucene search

SuseLinux Enterprise

7 matches found

CVE•added 2010/06/08 6:30 p.m.•997 views

CVE-2010-1297

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SW...

9.3CVSS9.7AI score0.93537EPSS

CVE•added 2010/01/13 7:30 p.m.•960 views

CVE-2009-3953

The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a different...

10CVSS7.4AI score0.90514EPSS

CVE•added 2010/11/05 5:0 p.m.•355 views

CVE-2010-2941

ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.

9.8CVSS9.6AI score0.27685EPSS

CVE•added 2010/12/06 9:5 p.m.•116 views

CVE-2010-4180

OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing networ...

4.3CVSS6.6AI score0.0599EPSS

CVE•added 2010/04/07 3:30 p.m.•72 views

CVE-2010-0629

Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number.

6.5CVSS5.9AI score0.02284EPSS

CVE•added 2010/01/09 6:30 p.m.•63 views

CVE-2010-0013

Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it c...

7.5CVSS7.5AI score0.32962EPSS

CVE•added 2010/05/07 11:0 p.m.•63 views

CVE-2010-1866

The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service (crash) and possibly trigger memory corruption via a negative chunk size, which bypasses a signed comparison, related to an integer overflow in...

9.8CVSS9.4AI score0.0156EPSS