Product:

Suse_linux

(Suse)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 209
Date Id Summary Products Score Patch Annotated
2025-01-14 CVE-2024-12087 A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious... Almalinux, Arch_linux, Linux, Nixos, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_for_arm_64, Enterprise_linux_for_arm_64_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_server_aus, Enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions, Enterprise_linux_update_services_for_sap_solutions, Rsync, Suse_linux, Smartos 7.5
2025-01-14 CVE-2024-12086 A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files... Almalinux, Arch_linux, Linux, Nixos, Enterprise_linux, Openshift_container_platform, Rsync, Suse_linux, Smartos 6.8
2004-12-15 CVE-2004-1142 Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. Alt_linux, Linux, Debian_linux, Ethereal, Enterprise_linux, Enterprise_linux_desktop, Linux_advanced_workstation, Propack, Suse_linux N/A
2004-12-15 CVE-2004-1139 Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash). Alt_linux, Linux, Debian_linux, Ethereal, Enterprise_linux, Enterprise_linux_desktop, Linux_advanced_workstation, Propack, Suse_linux N/A
1999-03-01 CVE-1999-0426 The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing. Suse_linux 9.8
2002-03-15 CVE-2002-0083 Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. Linux, Secure_linux, Immunix, Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_single_network_firewall, Openssh, Openpkg, Linux, Suse_linux, Secure_linux 9.8
2005-02-09 CVE-2004-0940 Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. Http_server, Hp\-Ux, Openpkg, Slackware_linux, Suse_linux, Secure_linux 7.8
2000-04-29 CVE-2000-0340 Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users to execute arbitrary commands via the DISPLAY environmental variable. Suse_linux N/A
2005-02-07 CVE-2005-0156 Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree. Aix, Perl, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Propack, Suse_linux, Secure_linux, Ubuntu_linux N/A
2002-03-08 CVE-2002-0062 Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling." Debian_linux, Freebsd, Ncurses, Linux, Suse_linux N/A