Vulnerabilities (CVE)

Vendor filter: Suse

Product filter: Suse Linux Enterprise Live Patching

137 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-12470 1 Suse 1 Subscription Management Tool 2019-10-09 7.5
A SQL Injection in the RegistrationSharing module of SUSE Linux SMT allows remote attackers to execute arbitrary SQL statements. Affected releases are SUSE Linux SMT: versions prior to 3.0.37.
CVE-2015-5123 4 Adobe, Opensuse, Redhat and 1 more 9 Flash Player, Evergreen, Enterprise Linux Desktop and 6 more 2019-10-09 10.0
Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux,...
CVE-2015-5122 4 Adobe, Opensuse, Redhat and 1 more 9 Flash Player, Evergreen, Enterprise Linux Desktop and 6 more 2019-10-09 10.0
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux,...
CVE-2011-3172 1 Suse 1 Suse Linux Enterprise Server 2019-10-09 10.0
A vulnerability in pam_modules of SUSE Linux Enterprise allows attackers to log into accounts that should have been disabled. Affected releases are SUSE Linux Enterprise: versions prior to 12.
CVE-2018-10875 3 Redhat, Debian, Suse 9 Ansible Engine, Openstack, Virtualization and 6 more 2019-07-25 7.5
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.
CVE-2014-9761 6 Gnu, Suse, Fedoraproject and 3 more 10 Linux Enterprise Software Development Kit, Ubuntu Linux, Linux Enterprise Desktop and 7 more 2019-06-13 7.5
Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan,...
CVE-2015-0192 3 Ibm, Redhat, Suse 8 Java, Enterprise Linux Desktop, Enterprise Linux Server and 5 more 2019-06-03 7.5
Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine.
CVE-2013-4854 10 Slackware, Freebsd, Redhat and 7 more 13 Hp-ux, Dnsco Bind, Enterprise Linux and 10 more 2019-04-22 7.8
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service...
CVE-2013-0170 6 Novell, Suse, Fedoraproject and 3 more 8 Libvirt, Ubuntu Linux, Enterprise Linux and 5 more 2019-04-22 9.3
Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of...
CVE-2016-3714 5 Imagemagick, Canonical, Debian and 2 more 6 Imagemagick, Ubuntu Linux, Debian Linux and 3 more 2019-04-15 10.0
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image,...
CVE-2016-0718 8 Libexpat, Apple, Canonical and 5 more 14 Linux Enterprise Software Development Kit, Ubuntu Linux, Leap and 11 more 2018-11-16 7.5
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
CVE-2016-1000030 2 Pidgin, Suse 2 Pidgin, Linux Enterprise Server 2018-11-14 7.5
Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution. This attack appears to be...
CVE-2016-2324 4 Suse, Git-scm, Novell and 1 more 10 Linux Enterprise Software Development Kit, Leap, Linux Enterprise Debuginfo and 7 more 2018-10-30 10.0
Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow.
CVE-2014-2978 4 Suse, Directfb, Novell and 1 more 8 Linux Enterprise Software Development Kit, Directfb, Linux Enterprise Desktop and 5 more 2018-10-30 10.0
The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers an...
CVE-2016-2315 4 Suse, Git-scm, Novell and 1 more 10 Linux Enterprise Software Development Kit, Leap, Linux Enterprise Debuginfo and 7 more 2018-10-30 10.0
revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.
CVE-2015-8779 7 Canonical, Suse, Debian and 4 more 11 Linux Enterprise Software Development Kit, Ubuntu Linux, Linux Enterprise Desktop and 8 more 2018-10-30 7.5
Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.
CVE-2014-2977 4 Suse, Directfb, Novell and 1 more 8 Linux Enterprise Software Development Kit, Directfb, Linux Enterprise Desktop and 5 more 2018-10-30 10.0
Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo...
CVE-2015-2737 5 Suse, Mozilla, Debian and 2 more 10 Linux Enterprise Software Development Kit, Ubuntu Linux, Firefox Esr and 7 more 2018-10-30 10.0
The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has...
CVE-2015-2734 5 Suse, Mozilla, Debian and 2 more 10 Linux Enterprise Software Development Kit, Ubuntu Linux, Firefox Esr and 7 more 2018-10-30 10.0
The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations,...
CVE-2015-2738 5 Suse, Mozilla, Debian and 2 more 10 Linux Enterprise Software Development Kit, Ubuntu Linux, Firefox Esr and 7 more 2018-10-30 10.0
The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory...