Filtered by vendor Suse
Subscriptions
Total
1218 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0063 | 8 Apple, Canonical, Debian and 5 more | 13 Mac Os X, Mac Os X Server, Ubuntu Linux and 10 more | 2025-04-09 | 7.5 High |
| The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values." | ||||
| CVE-2009-2903 | 3 Canonical, Linux, Suse | 6 Ubuntu Linux, Linux Kernel, Linux Enterprise Debuginfo and 3 more | 2025-04-09 | N/A |
| Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams. | ||||
| CVE-2009-1072 | 8 Canonical, Debian, Linux and 5 more | 14 Ubuntu Linux, Debian Linux, Linux Kernel and 11 more | 2025-04-09 | N/A |
| nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option. | ||||
| CVE-2007-4432 | 2 Novell, Suse | 2 Suse Linux, Suse Linux | 2025-04-09 | N/A |
| Untrusted search path vulnerability in the wrapper scripts for the (1) rug, (2) zen-updater, (3) zen-installer, and (4) zen-remover programs on SUSE Linux 10.1 and Enterprise 10 allows local users to gain privileges via modified (a) LD_LIBRARY_PATH and (b) MONO_GAC_PREFIX environment variables. | ||||
| CVE-2009-3612 | 6 Canonical, Fedoraproject, Linux and 3 more | 9 Ubuntu Linux, Fedora, Linux Kernel and 6 more | 2025-04-09 | N/A |
| The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2005-4881. | ||||
| CVE-2007-4394 | 2 Novell, Suse | 2 Suse Linux, Suse Linux | 2025-04-09 | N/A |
| Unspecified vulnerability in a "core clean" cron job created by the findutils-locate package on SUSE Linux 10.0 and 10.1 and Enterprise Server 9 and 10 before 20070810 allows local users to delete of arbitrary files via unknown vectors. | ||||
| CVE-2008-0731 | 3 Linux, Novell, Suse | 3 Linux Kernel, Apparmor, Open Suse | 2025-04-09 | N/A |
| The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor change_hat system call, which might allow attackers to trigger the unconfining of an apparmored task. | ||||
| CVE-2008-2667 | 2 Courier-mta, Suse | 2 Courtier-authlib, Open Suse | 2025-04-09 | N/A |
| SQL injection vulnerability in the Courier Authentication Library (aka courier-authlib) before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified other vectors. | ||||
| CVE-2006-5616 | 2 Openpbs, Suse | 2 Openpbs, Suse Linux | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in OpenPBS, as used in SUSE Linux 9.2 through 10.1, allow attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2006-6662 | 1 Suse | 3 Linux Enterprise Desktop, Suse Linux, Suse Open Enterprise Server | 2025-04-09 | N/A |
| Unspecified vulnerability in Linux User Management (novell-lum) on SUSE Linux Enterprise Desktop 10 and Open Enterprise Server 9, under unspecified conditions, allows local users to log in to the console without a password. | ||||
| CVE-2009-0949 | 6 Apple, Canonical, Debian and 3 more | 8 Cups, Mac Os X, Mac Os X Server and 5 more | 2025-04-09 | 7.5 High |
| The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags. | ||||
| CVE-2007-5195 | 1 Suse | 1 Suse Linux | 2025-04-09 | N/A |
| Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwise-client package in SUSE Linux Enterprise Desktop 10 allows remote attackers to obtain credentials via a man-in-the-middle attack, a different vulnerability than CVE-2007-5196. | ||||
| CVE-2007-5196 | 1 Suse | 1 Suse Linux | 2025-04-09 | N/A |
| Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwise-client package in SUSE Linux Enterprise Desktop 10 allows remote attackers to obtain credentials via a man-in-the-middle attack, a different vulnerability than CVE-2007-5195. | ||||
| CVE-2008-2812 | 8 Avaya, Canonical, Debian and 5 more | 16 Communication Manager, Expanded Meet-me Conferencing, Intuity Audix Lx and 13 more | 2025-04-09 | 7.8 High |
| The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/. | ||||
| CVE-2007-6167 | 1 Suse | 1 Suse Linux | 2025-04-09 | N/A |
| Untrusted search path vulnerability in yast2-core in SUSE Linux might allow local users to execute arbitrary code by creating a malicious yast2 module in the current working directory. | ||||
| CVE-2009-3939 | 7 Avaya, Canonical, Debian and 4 more | 20 Aura Application Enablement Services, Aura Communication Manager, Aura Session Manager and 17 more | 2025-04-09 | 7.1 High |
| The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file. | ||||
| CVE-2023-22644 | 1 Suse | 1 Manager Server | 2025-04-07 | 5.5 Medium |
| A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE. | ||||
| CVE-2005-4778 | 1 Suse | 2 Suse Linux, Suse Sled Beagle | 2025-04-03 | N/A |
| The powersave daemon in SUSE Linux 10.0 before 20051007 has an unspecified "configuration problem," which allows local users to suspend the computer and possibly perform certain other unauthorized actions. | ||||
| CVE-2004-0497 | 7 Conectiva, Gentoo, Linux and 4 more | 9 Linux, Linux, Linux Kernel and 6 more | 2025-04-03 | N/A |
| Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4. | ||||
| CVE-2004-0587 | 3 Mandrakesoft, Redhat, Suse | 5 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux and 2 more | 2025-04-03 | N/A |
| Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service. | ||||