Filtered by vendor Suse
Subscriptions
Filtered by product Linux Enterprise Server
Subscriptions
Total
498 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-5194 | 6 Canonical, Debian, Fedoraproject and 3 more | 14 Ubuntu Linux, Debian Linux, Fedora and 11 more | 2025-04-20 | N/A |
| The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands. | ||||
| CVE-2014-9853 | 6 Canonical, Imagemagick, Novell and 3 more | 11 Ubuntu Linux, Imagemagick, Leap and 8 more | 2025-04-20 | 5.5 Medium |
| Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file. | ||||
| CVE-2015-4680 | 2 Freeradius, Suse | 3 Freeradius, Linux Enterprise Server, Linux Enterprise Software Development Kit | 2025-04-20 | N/A |
| FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates. | ||||
| CVE-2015-8567 | 6 Canonical, Debian, Fedoraproject and 3 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2025-04-20 | 7.7 High |
| Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). | ||||
| CVE-2017-13078 | 7 Canonical, Debian, Freebsd and 4 more | 13 Ubuntu Linux, Debian Linux, Freebsd and 10 more | 2025-04-20 | N/A |
| Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients. | ||||
| CVE-2017-13081 | 7 Canonical, Debian, Freebsd and 4 more | 12 Ubuntu Linux, Debian Linux, Freebsd and 9 more | 2025-04-20 | N/A |
| Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients. | ||||
| CVE-2017-15115 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2025-04-20 | 7.8 High |
| The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls. | ||||
| CVE-2002-20001 | 6 Balasys, F5, Hpe and 3 more | 49 Dheater, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 46 more | 2025-04-15 | 7.5 High |
| The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE. | ||||
| CVE-2015-5006 | 3 Ibm, Redhat, Suse | 11 Java 2 Sdk, Java Sdk, Enterprise Linux Desktop and 8 more | 2025-04-12 | N/A |
| IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache. | ||||
| CVE-2015-8551 | 4 Debian, Linux, Opensuse and 1 more | 8 Debian Linux, Linux Kernel, Opensuse and 5 more | 2025-04-12 | 6.0 Medium |
| The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks." | ||||
| CVE-2015-8930 | 4 Canonical, Libarchive, Redhat and 1 more | 6 Ubuntu Linux, Libarchive, Enterprise Linux and 3 more | 2025-04-12 | N/A |
| bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself. | ||||
| CVE-2015-8926 | 4 Canonical, Libarchive, Redhat and 1 more | 6 Ubuntu Linux, Libarchive, Enterprise Linux and 3 more | 2025-04-12 | N/A |
| The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive. | ||||
| CVE-2015-8929 | 2 Libarchive, Suse | 4 Libarchive, Linux Enterprise Desktop, Linux Enterprise Server and 1 more | 2025-04-12 | N/A |
| Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file. | ||||
| CVE-2015-8932 | 5 Canonical, Debian, Libarchive and 2 more | 7 Ubuntu Linux, Debian Linux, Libarchive and 4 more | 2025-04-12 | N/A |
| The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift. | ||||
| CVE-2016-4954 | 5 Ntp, Opensuse, Oracle and 2 more | 15 Ntp, Leap, Opensuse and 12 more | 2025-04-12 | 7.5 High |
| The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication. | ||||
| CVE-2014-6559 | 5 Juniper, Mariadb, Oracle and 2 more | 11 Junos Space, Mariadb, Mysql and 8 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING. | ||||
| CVE-2014-6564 | 3 Mariadb, Oracle, Suse | 6 Mariadb, Mysql, Linux Enterprise Desktop and 3 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML. | ||||
| CVE-2014-6568 | 7 Canonical, Debian, Fedoraproject and 4 more | 19 Ubuntu Linux, Debian Linux, Fedora and 16 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML. | ||||
| CVE-2014-6555 | 4 Mariadb, Oracle, Redhat and 1 more | 9 Mariadb, Mysql, Enterprise Linux and 6 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML. | ||||
| CVE-2014-6530 | 4 Mariadb, Oracle, Redhat and 1 more | 10 Mariadb, Mysql, Solaris and 7 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to CLIENT:MYSQLDUMP. | ||||