Vulnerabilities (CVE)

Vendor filter

Suse Subscribe

Product filter

Suse Linux Enterprise Real Time Extension Subscribe

Filter

483 total CVE
CVE Vendors Products Updated CVSS
CVE-2017-17558 2 Linux, Suse 2 Linux Kernel, Linux Enterprise Server 2019-05-14 7.2
The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which...
CVE-2014-0131 3 Linux, Opensuse, Suse 3 Linux Kernel, Evergreen, Linux Enterprise Server 2019-05-13 2.9
Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation.
CVE-2019-3684 1 Suse 1 Manager 2019-05-13 4.3
SUSE Manager until version 4.0.7 and Uyuni until commit 1b426ad5ed0a7191a6fb46bb83e98ae4b99a5ade created world-readable swap files on systems that don't have a swap already configured and don't have btrfs as filesystem
CVE-2018-10875 3 Redhat, Debian, Suse 9 Ansible Engine, Openstack, Virtualization and 6 more 2019-05-10 7.5
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.
CVE-2017-15115 5 Redhat, Linux, Canonical and 2 more 6 Enterprise Mrg, Linux Kernel, Enterprise Linux and 3 more 2019-05-08 7.2
The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or...
CVE-2018-7566 6 Suse, Linux, Canonical and 3 more 12 Linux Enterprise Module For Public Cloud, Linux Kernel, Linux Enterprise Server and 9 more 2019-05-07 4.6
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.
CVE-2019-6690 5 Python, Suse, Debian and 2 more 5 Python-gnupg, Backports, Debian Linux and 2 more 2019-05-06 5.0
python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a...
CVE-2018-19542 5 Jasper Project, Canonical, Suse and 2 more 6 Jasper, Ubuntu Linux, Linux Enterprise Desktop and 3 more 2019-05-03 4.3
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.
CVE-2018-19539 4 Jasper Project, Suse, Debian and 1 more 5 Jasper, Linux Enterprise Desktop, Linux Enterprise Server and 2 more 2019-05-03 4.3
An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service.
CVE-2018-6556 4 Linuxcontainers, Canonical, Suse and 1 more 6 Lxc, Ubuntu Linux, Caas Platform and 3 more 2019-04-27 2.1
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may...
CVE-2017-1000366 9 Gnu, Redhat, Suse and 6 more 24 Glibc, Enterprise Linux, Linux Enterprise Server For Raspberry Pi and 21 more 2019-04-26 7.2
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been...
CVE-2018-16837 3 Redhat, Debian, Suse 4 Ansible Engine, Ansible Tower, Debian Linux and 1 more 2019-04-25 2.1
Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in...
CVE-2019-9211 3 Gnu, Suse, Fedoraproject 3 Pspp, Backports, Fedora 2019-04-25 4.3
There is a reachable assertion abort in the function write_long_string_missing_values() in data/sys-file-writer.c in libdata.a in GNU PSPP 1.2.0 that will lead to denial of service.
CVE-2014-3917 3 Suse, Linux, Redhat 4 Linux Kernel, Enterprise Linux, Linux Enterprise Desktop and 1 more 2019-04-22 3.3
kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a...
CVE-2013-0170 6 Novell, Suse, Fedoraproject and 3 more 8 Libvirt, Ubuntu Linux, Enterprise Linux and 5 more 2019-04-22 9.3
Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of...
CVE-2016-5244 4 Suse, Linux, Fedoraproject and 1 more 11 Linux Kernel, Linux Enterprise Desktop, Linux Enterprise Workstation Extension and 8 more 2019-04-22 5.0
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.
CVE-2013-4854 10 Slackware, Freebsd, Redhat and 7 more 13 Hp-ux, Dnsco Bind, Enterprise Linux and 10 more 2019-04-22 7.8
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service...
CVE-2018-14523 3 Aubio, Opensuse, Suse 3 Aubio, Leap, Linux Enterprise 2019-04-17 6.8
An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes.
CVE-2018-14522 3 Aubio, Opensuse, Suse 3 Aubio, Leap, Linux Enterprise 2019-04-17 6.8
An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes.
CVE-2018-16876 3 Redhat, Debian, Suse 8 Ansible, Debian Linux, Openstack and 5 more 2019-04-16 5.0
ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.