Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SuseSuse Linux

207 matches found

CVE
CVEadded 2005/04/14 4:0 a.m.53 views

CVE-2004-1091

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference.

5CVSS6.2AI score0.0106EPSS
CVE
CVEadded 2004/12/31 5:0 a.m.53 views

CVE-2004-1142

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.

5CVSS6.2AI score0.08831EPSS
CVE
CVEadded 2005/04/14 4:0 a.m.53 views

CVE-2004-1175

fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.

7.5CVSS7.2AI score0.00949EPSS
CVE
CVEadded 2001/06/27 4:0 a.m.52 views

CVE-2001-0458

Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.

7.5CVSS7.3AI score0.01717EPSS
CVE
CVEadded 2004/10/20 4:0 a.m.52 views

CVE-2004-0746

Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.

7.5CVSS6.7AI score0.01495EPSS
CVE
CVEadded 2005/01/27 5:0 a.m.52 views

CVE-2004-0933

Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection v...

7.5CVSS6.4AI score0.30032EPSS
CVE
CVEadded 2005/01/27 5:0 a.m.52 views

CVE-2004-0936

RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

7.5CVSS6.4AI score0.132EPSS
CVE
CVEadded 2005/04/14 4:0 a.m.52 views

CVE-2004-1092

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory.

5CVSS6.3AI score0.00763EPSS
CVE
CVEadded 2004/12/31 5:0 a.m.52 views

CVE-2004-1145

Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary fi...

5CVSS6.8AI score0.06715EPSS
CVE
CVEadded 2005/06/21 4:0 a.m.52 views

CVE-2005-2023

The send_pinentry_environment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly handle certain options, which can prevent pinentry from being found and causes S/MIME signing to fail.

10CVSS6.5AI score0.00471EPSS
CVE
CVEadded 2002/06/25 4:0 a.m.51 views

CVE-2002-0004

Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.

7.2CVSS7.2AI score0.00274EPSS
CVE
CVEadded 2005/02/09 5:0 a.m.51 views

CVE-2004-0937

Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target syst...

7.5CVSS6.4AI score0.132EPSS
CVE
CVEadded 2005/01/10 5:0 a.m.51 views

CVE-2004-1098

MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header.

7.5CVSS6.5AI score0.00447EPSS
CVE
CVEadded 2005/01/10 5:0 a.m.51 views

CVE-2004-1191

Race condition in SuSE Linux 8.1 through 9.2, when run on SMP systems that have more than 4GB of memory, could allow local users to read unauthorized memory from "foreign memory pages."

1.2CVSS7.3AI score0.00058EPSS
CVE
CVEadded 2007/01/24 1:28 a.m.51 views

CVE-2007-0460

Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations."

10CVSS6.5AI score0.00529EPSS
CVE
CVEadded 2010/01/22 9:30 p.m.51 views

CVE-2010-0230

SUSE Linux Enterprise 10 SP3 (SLE10-SP3) and openSUSE 11.2 configures postfix to listen on all network interfaces, which might allow remote attackers to bypass intended access restrictions.

7.5CVSS6.8AI score0.00218EPSS
CVE
CVEadded 2000/01/18 5:0 a.m.50 views

CVE-1999-0831

Denial of service in Linux syslogd via a large number of connections.

5CVSS6.9AI score0.0052EPSS
CVE
CVEadded 2006/02/28 1:0 a.m.50 views

CVE-2003-1295

Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password."

2.1CVSS6.5AI score0.00065EPSS
CVE
CVEadded 2007/12/20 9:0 p.m.50 views

CVE-2003-1538

susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries.

6.4CVSS7.7AI score0.00452EPSS
CVE
CVEadded 2006/01/23 8:0 p.m.50 views

CVE-2004-0592

The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with USAGI patches, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative i...

5CVSS6.5AI score0.01738EPSS
CVE
CVEadded 2005/01/27 5:0 a.m.50 views

CVE-2004-0934

Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

7.5CVSS6.4AI score0.14187EPSS
CVE
CVEadded 2005/03/04 5:0 a.m.50 views

CVE-2005-0638

xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.

7.5CVSS7.1AI score0.02388EPSS
CVE
CVEadded 2006/12/20 11:28 p.m.50 views

CVE-2006-6662

Unspecified vulnerability in Linux User Management (novell-lum) on SUSE Linux Enterprise Desktop 10 and Open Enterprise Server 9, under unspecified conditions, allows local users to log in to the console without a password.

4.1CVSS6.7AI score0.00056EPSS
CVE
CVEadded 2007/11/29 1:46 a.m.50 views

CVE-2007-6167

Untrusted search path vulnerability in yast2-core in SUSE Linux might allow local users to execute arbitrary code by creating a malicious yast2 module in the current working directory.

7.2CVSS7.2AI score0.00057EPSS
CVE
CVEadded 2000/03/22 5:0 a.m.49 views

CVE-1999-0746

A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service.

5CVSS6.6AI score0.04014EPSS
CVE
CVEadded 2000/04/10 4:0 a.m.49 views

CVE-2000-0218

Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname.

7.2CVSS7.2AI score0.00152EPSS
CVE
CVEadded 2002/03/09 5:0 a.m.49 views

CVE-2001-0641

Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option.

4.6CVSS7.5AI score0.00253EPSS
CVE
CVEadded 2005/10/27 10:2 a.m.49 views

CVE-2005-3322

Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote attackers to cause a denial of service (crash) via HTTPs (SSL).

5CVSS6.6AI score0.0071EPSS
CVE
CVEadded 2001/09/18 4:0 a.m.48 views

CVE-2001-0388

time server daemon timed allows remote attackers to cause a denial of service via malformed packets.

10CVSS6.7AI score0.00992EPSS
CVE
CVEadded 2003/11/17 5:0 a.m.48 views

CVE-2003-0846

SuSEconfig.javarunt in the javarunt package on SuSE Linux 7.3Pro allows local users to overwrite arbitrary files via a symlink attack on the .java_wrapper temporary file.

4.6CVSS6.7AI score0.00073EPSS
CVE
CVEadded 2004/12/06 5:0 a.m.48 views

CVE-2004-0626

The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the...

5CVSS6.2AI score0.01738EPSS
CVE
CVEadded 2005/01/19 5:0 a.m.48 views

CVE-2004-0991

Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to execute arbitrary code via frame headers in MP2 or MP3 files.

7.5CVSS7.6AI score0.05027EPSS
CVE
CVEadded 2006/04/26 10:0 p.m.48 views

CVE-2005-4790

Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy ...

6.9CVSS7.1AI score0.00085EPSS
CVE
CVEadded 2006/02/23 8:2 p.m.48 views

CVE-2006-0803

The signature verification functionality in the YaST Online Update (YOU) script handling relies on a gpg feature that is not intended for signature verification, which prevents YOU from detecting malicious scripts or code that do not pass the signature check when gpg 1.4.x is being used.

5CVSS6.5AI score0.00212EPSS
CVE
CVEadded 2000/03/22 5:0 a.m.47 views

CVE-1999-0390

Buffer overflow in Dosemu Slang library in Linux.

7.2CVSS7.3AI score0.00071EPSS
CVE
CVEadded 2000/06/02 4:0 a.m.47 views

CVE-2000-0231

Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges.

7.2CVSS6.9AI score0.00148EPSS
CVE
CVEadded 2001/01/22 5:0 a.m.47 views

CVE-2000-1107

in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash.

5CVSS7AI score0.00886EPSS
CVE
CVEadded 2002/06/25 4:0 a.m.47 views

CVE-2001-1130

Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading a keylist.txt file that contains filenames with shell metacharacters, then causing the file to be searched using a .. in the HTTP referer (from the HTTP_REFERER variable) to point to the dire...

7.5CVSS7.5AI score0.04404EPSS
CVE
CVEadded 2005/01/27 5:0 a.m.47 views

CVE-2004-0932

McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being...

7.5CVSS6.3AI score0.43585EPSS
CVE
CVEadded 2007/05/14 9:19 p.m.47 views

CVE-2007-2654

xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.

4.4CVSS6AI score0.00038EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.46 views

CVE-1999-0363

SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise.

7.2CVSS7.5AI score0.0041EPSS
CVE
CVEadded 2000/01/04 5:0 a.m.46 views

CVE-1999-0409

Buffer overflow in gnuplot in Linux version 3.5 allows local users to obtain root access.

4.6CVSS6.9AI score0.00152EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.46 views

CVE-1999-0462

suidperl in Linux Perl does not check the nosuid mount option on file systems, allowing local users to gain root access by placing a setuid script in a mountable file system, e.g. a CD-ROM or floppy disk.

7.2CVSS6.9AI score0.00046EPSS
CVE
CVEadded 2000/01/04 5:0 a.m.46 views

CVE-1999-0804

Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.

5CVSS7AI score0.03718EPSS
CVE
CVEadded 2001/09/12 4:0 a.m.46 views

CVE-1999-1495

xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary files via a symlink attack on the pic000.pnm file.

2.1CVSS6.7AI score0.00063EPSS
CVE
CVEadded 2005/02/13 5:0 a.m.46 views

CVE-2004-1476

Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label.

5.1CVSS7.6AI score0.02053EPSS
CVE
CVEadded 2000/10/13 4:0 a.m.45 views

CVE-2000-0340

Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users to execute arbitrary commands via the DISPLAY environmental variable.

7.2CVSS7.8AI score0.00189EPSS
CVE
CVEadded 2001/01/22 5:0 a.m.45 views

CVE-2000-1044

Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and possibly other Linux operating systems, allows an attacker to gain root privileges.

10CVSS6.8AI score0.00452EPSS
CVE
CVEadded 2001/03/26 5:0 a.m.45 views

CVE-2001-0172

Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to cause a denial of service and possibly execute arbitrary commands by via a long directory name.

7.2CVSS7.7AI score0.00263EPSS
CVE
CVEadded 2001/08/02 4:0 a.m.45 views

CVE-2001-0610

kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp.

4.6CVSS6.5AI score0.00114EPSS
Total number of security vulnerabilities207