Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Linux_enterprise_server
(Suse)Repositories |
• https://github.com/torvalds/linux
• https://github.com/krb5/krb5 • https://github.com/git/git • https://github.com/ntp-project/ntp • https://github.com/kyz/libmspack |
#Vulnerabilities | 455 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2018-10-31 | CVE-2018-18873 | An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c. | Ubuntu_linux, Debian_linux, Jasper, Linux_enterprise_desktop, Linux_enterprise_server | N/A | ||
2012-02-16 | CVE-2011-3026 | Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. | Iphone_os, Mac_os_x, Mac_os_x_server, Chrome, Opensuse, Linux_enterprise_server, Suse_linux_enterprise_server | N/A | ||
2020-01-24 | CVE-2019-3687 | The permission package in SUSE Linux Enterprise Server allowed all local users to run dumpcap in the "easy" permission profile and sniff network traffic. This issue affects: SUSE Linux Enterprise Server permissions versions starting from 85c83fef7e017f8ab7f8602d3163786d57344439 to 081d081dcfaf61710bda34bc21c80c66276119aa. | Linux_enterprise_server | N/A | ||
2020-03-02 | CVE-2019-18903 | A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-2.18.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-28.26.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.9.1. openSUSE Factory wicked versions prior to 0.6.62. | Leap, Linux_enterprise_server | N/A | ||
2020-03-02 | CVE-2019-18902 | A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-3.5.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-3.21.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.6.1. openSUSE Factory wicked versions prior to 0.6.62. | Leap, Linux_enterprise_server | N/A | ||
2020-02-17 | CVE-2014-1947 | Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030. | Imagemagick, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit | N/A | ||
2020-01-27 | CVE-2006-7246 | NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used. | Networkmanager, Opensuse, Linux_enterprise_desktop, Linux_enterprise_server | N/A | ||
2020-01-02 | CVE-2010-3782 | obs-server before 1.7.7 allows logins by 'unconfirmed' accounts due to a bug in the REST api implementation. | Obs\-Server, Linux_enterprise_server | N/A | ||
2019-11-15 | CVE-2016-5285 | A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service. | Aura_application_enablement_services, Aura_application_server_5300, Aura_communication_manager, Aura_communication_manager_messagint, Aura_conferencing, Aura_experience_portal, Aura_messaging, Aura_session_manager, Aura_system_manager, Aura_system_platform_firmware, Aura_utility_services, Breeze_platform, Call_management_system, Cs1000e\/cs1000m_signaling_server_firmware, Cs1000e_firmware, Cs1000m_firmware, Ip_office, Iq, Meeting_exchange, Message_networking, One\-X_client_enablement_services, Proactive_contact, Session_border_controller_for_enterprise_firmware, Debian_linux, Nss, Enterprise_linux, Linux_enterprise_server | N/A | ||
2019-11-25 | CVE-2012-6639 | An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data. | Cloud\-Init, Debian_linux, Linux_enterprise_server | N/A |