Filtered by vendor Suse
Subscribe
Total
1091 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-14621 | 1 Suse | 1 Portus | 2017-09-28 | 3.5 LOW | 5.4 MEDIUM |
| Portus 2.2.0 has XSS via the Team field, related to typeahead. | |||||
| CVE-2012-5080 | 2 Oracle, Suse | 2 Javafx, Linux Enterprise Desktop | 2017-09-18 | 7.6 HIGH | N/A |
| Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2012-5078. | |||||
| CVE-2013-1864 | 3 Ekiga, Opalvoip, Suse | 4 Ekiga, Portable Tool Library, Suse Linux Enterprise Desktop and 1 more | 2017-08-28 | 4.3 MEDIUM | N/A |
| The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a "billion laughs attack." | |||||
| CVE-2011-3171 | 2 Pureftpd, Suse | 3 Pure-ftpd, Linux Enterprise Desktop, Linux Enterprise Server | 2017-08-28 | 3.6 LOW | N/A |
| Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on SUSE Linux Enterprise Server and possibly other operating systems, when the Netware OES remote server feature is enabled, allows local users to overwrite arbitrary files via unknown vectors. | |||||
| CVE-2011-2660 | 1 Suse | 2 Linux Enterprise Desktop, Vpnc | 2017-08-28 | 7.5 HIGH | N/A |
| The modify_resolvconf_suse script in the vpnc package before 0.5.1-55.10.1 in SUSE Linux Enterprise Desktop 11 SP1 might allow remote attackers to execute arbitrary commands via a crafted DNS domain name. | |||||
| CVE-2011-0469 | 1 Suse | 1 Opensuse | 2017-08-25 | 9.0 HIGH | 9.8 CRITICAL |
| Code injection in openSUSE when running some source services used in the open build service 2.1 before March 11 2011. | |||||
| CVE-2016-3951 | 4 Canonical, Linux, Novell and 1 more | 10 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Desktop and 7 more | 2017-08-12 | 4.9 MEDIUM | 4.6 MEDIUM |
| Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor. | |||||
| CVE-2008-3949 | 1 Suse | 1 Suse Linux | 2017-08-07 | 7.2 HIGH | N/A |
| emacs/lisp/progmodes/python.el in Emacs 22.1 and 22.2 imports Python script from the current working directory during editing of a Python file, which allows local users to execute arbitrary code via a Trojan horse Python file. | |||||
| CVE-2008-3067 | 1 Suse | 1 Opensuse | 2017-08-07 | 2.1 LOW | N/A |
| sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits. | |||||
| CVE-2008-2667 | 2 Courier-mta, Suse | 2 Courtier-authlib, Open Suse | 2017-08-07 | 5.1 MEDIUM | N/A |
| SQL injection vulnerability in the Courier Authentication Library (aka courier-authlib) before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified other vectors. | |||||
| CVE-2008-0883 | 2 Adobe, Suse | 4 Acrobat Reader, Open Suse, Suse Linux and 1 more | 2017-08-07 | 3.7 LOW | N/A |
| acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling. | |||||
| CVE-2007-5471 | 1 Suse | 1 Suse Linux | 2017-07-28 | 7.8 HIGH | N/A |
| libgssapi before 0.6-13.7, as used by the ISC BIND named daemon in SUSE Linux Enterprise Server 10 SP 1, terminates upon an initialization error, which allows remote attackers to cause a denial of service (daemon exit) via a GSS-TSIG request. NOTE: this issue probably affects other daemons that attempt to initialize this library within a chroot configuration or other invalid configuration. | |||||
| CVE-2002-2259 | 2 Gnuplot, Suse | 2 Gnuplot, Suse Linux | 2017-07-28 | 7.2 HIGH | N/A |
| Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows local users to execute arbitrary code as root via unknown attack vectors. | |||||
| CVE-2006-5616 | 2 Openpbs, Suse | 2 Openpbs, Suse Linux | 2017-07-19 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in OpenPBS, as used in SUSE Linux 9.2 through 10.1, allow attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2006-0043 | 1 Suse | 1 Suse Linux | 2017-07-19 | 4.6 MEDIUM | N/A |
| Buffer overflow in the realpath function in nfs-server rpc.mountd, as used in SUSE Linux 9.1 through 10.0, allows local users to execute arbitrary code via unspecified vectors involving mount requests and symlinks. | |||||
| CVE-2004-1175 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2017-07-18 | 7.5 HIGH | N/A |
| fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. | |||||
| CVE-2005-3013 | 1 Suse | 1 Suse Linux | 2017-07-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in liby2util in Yet another Setup Tool (YaST) for SuSE Linux 9.3 allows local users to execute arbitrary code via a long Loc entry. | |||||
| CVE-2005-3297 | 1 Suse | 1 Suse Linux | 2017-07-10 | 7.5 HIGH | N/A |
| Multiple integer overflows in OpenWBEM on SuSE Linux 9 allow remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2005-3298 | 1 Suse | 1 Suse Linux | 2017-07-10 | 7.5 HIGH | N/A |
| Multiple buffer overflows in OpenWBEM on SuSE Linux 9 allow remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2005-0470 | 3 Gentoo, Suse, Wpa Supplicant | 3 Linux, Suse Linux, Wpa Supplicant | 2017-07-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers to cause a denial of service (segmentation fault) via invalid EAPOL-Key packet data. | |||||