Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Suse Subscribe
Total 1091 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-1477 2 Linux, Suse 2 Linux Kernel, Linux Enterprise Desktop 2023-02-12 7.2 HIGH N/A
Multiple array index errors in sound/oss/opl3.c in the Linux kernel before 2.6.39 allow local users to cause a denial of service (heap memory corruption) or possibly gain privileges by leveraging write access to /dev/sequencer.
CVE-2011-1163 3 Linux, Redhat, Suse 7 Linux Kernel, Enterprise Linux Desktop, Enterprise Linux Eus and 4 more 2023-02-12 2.1 LOW N/A
The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing.
CVE-2009-3612 5 Canonical, Fedoraproject, Linux and 2 more 7 Ubuntu Linux, Fedora, Linux Kernel and 4 more 2023-02-12 2.1 LOW N/A
The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2005-4881.
CVE-2009-2903 3 Canonical, Linux, Suse 6 Ubuntu Linux, Linux Kernel, Linux Enterprise Debuginfo and 3 more 2023-02-12 7.1 HIGH N/A
Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams.
CVE-2005-1761 2 Novell, Suse 3 Linux Desktop, Open Enterprise Server, Suse Linux 2023-02-12 2.1 LOW N/A
Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.
CVE-2005-1767 2 Novell, Suse 3 Linux Desktop, Open Enterprise Server, Suse Linux 2023-02-12 2.1 LOW N/A
traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).
CVE-2015-5194 6 Canonical, Debian, Fedoraproject and 3 more 13 Ubuntu Linux, Debian Linux, Fedora and 10 more 2023-02-12 5.0 MEDIUM 7.5 HIGH
The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.
CVE-2015-5219 10 Canonical, Debian, Fedoraproject and 7 more 20 Ubuntu Linux, Debian Linux, Fedora and 17 more 2023-02-12 5.0 MEDIUM 7.5 HIGH
The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.
CVE-2015-5154 4 Fedoraproject, Qemu, Suse and 1 more 8 Fedora, Qemu, Linux Enterprise Debuginfo and 5 more 2023-02-12 7.2 HIGH N/A
Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.
CVE-2015-5165 7 Arista, Debian, Fedoraproject and 4 more 24 Eos, Debian Linux, Fedora and 21 more 2023-02-12 9.3 HIGH N/A
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.
CVE-2015-3405 7 Debian, Fedoraproject, Ntp and 4 more 13 Debian Linux, Fedora, Ntp and 10 more 2023-02-12 5.0 MEDIUM 7.5 HIGH
ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.
CVE-2015-3209 8 Arista, Canonical, Debian and 5 more 19 Eos, Ubuntu Linux, Debian Linux and 16 more 2023-02-12 7.5 HIGH N/A
Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.
CVE-2015-1781 4 Canonical, Debian, Gnu and 1 more 6 Ubuntu Linux, Debian Linux, Glibc and 3 more 2023-02-12 6.8 MEDIUM N/A
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.
CVE-2015-0272 4 Canonical, Gnome, Oracle and 1 more 9 Ubuntu Linux, Networkmanager, Linux and 6 more 2023-02-12 5.0 MEDIUM N/A
GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.
CVE-2014-9584 7 Canonical, Debian, Linux and 4 more 19 Ubuntu Linux, Debian Linux, Linux Kernel and 16 more 2023-02-12 2.1 LOW N/A
The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted iso9660 image.
CVE-2014-8162 2 Redhat, Suse 2 Network Satellite, Manager 2023-02-12 7.5 HIGH N/A
XML external entity (XXE) in the RPC interface in Spacewalk and Red Hat Network (RHN) Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified impact via unknown vectors.
CVE-2014-8121 3 Canonical, Gnu, Suse 4 Ubuntu Linux, Glibc, Suse Linux Enterprise Desktop and 1 more 2023-02-12 5.0 MEDIUM N/A
DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.
CVE-2014-8134 5 Canonical, Linux, Opensuse and 2 more 6 Ubuntu Linux, Linux Kernel, Evergreen and 3 more 2023-02-12 1.9 LOW 3.3 LOW
The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value.
CVE-2014-8160 6 Canonical, Debian, Linux and 3 more 15 Ubuntu Linux, Debian Linux, Linux Kernel and 12 more 2023-02-12 5.0 MEDIUM N/A
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers.
CVE-2014-7811 2 Redhat, Suse 3 Network Satellite, Spacewalk, Manager 2023-02-12 3.5 LOW N/A
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the REST API.