Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Suse_linux
(Suse)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 207 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-02-09 | CVE-2004-0957 | Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities. | Openpkg, Mysql, Enterprise_linux, Enterprise_linux_desktop, Suse_linux, Secure_linux, Ubuntu_linux | N/A | ||
| 2005-01-10 | CVE-2004-0956 | MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote. | Mysql, Suse_linux, Ubuntu_linux | N/A | ||
| 2018-07-24 | CVE-2017-3224 | Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence numbers, then checksums, and finally MaxAge. In a case where the sequence numbers are the same, the LSA with the larger checksum is considered more recent, and will not be flushed from the Link State Database (LSDB).... | Quagga, Package_manager, Opensuse, Suse_linux | 8.2 | ||
| 2010-01-22 | CVE-2010-0230 | SUSE Linux Enterprise 10 SP3 (SLE10-SP3) and openSUSE 11.2 configures postfix to listen on all network interfaces, which might allow remote attackers to bypass intended access restrictions. | Opensuse, Suse_linux | N/A | ||
| 2009-07-05 | CVE-2009-1648 | The YaST2 LDAP module in yast2-ldap-server on SUSE Linux Enterprise Server 11 (aka SLE11) does not enable the firewall in certain circumstances involving reboots during online updates, which makes it easier for remote attackers to access network services. | Suse_linux | N/A | ||
| 2008-09-22 | CVE-2008-3949 | emacs/lisp/progmodes/python.el in Emacs 22.1 and 22.2 imports Python script from the current working directory during editing of a Python file, which allows local users to execute arbitrary code via a Trojan horse Python file. | Suse_linux | N/A | ||
| 2007-11-29 | CVE-2007-6167 | Untrusted search path vulnerability in yast2-core in SUSE Linux might allow local users to execute arbitrary code by creating a malicious yast2 module in the current working directory. | Suse_linux | N/A | ||
| 2007-10-15 | CVE-2007-5471 | libgssapi before 0.6-13.7, as used by the ISC BIND named daemon in SUSE Linux Enterprise Server 10 SP 1, terminates upon an initialization error, which allows remote attackers to cause a denial of service (daemon exit) via a GSS-TSIG request. NOTE: this issue probably affects other daemons that attempt to initialize this library within a chroot configuration or other invalid configuration. | Suse_linux | N/A | ||
| 2007-10-14 | CVE-2007-5196 | Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwise-client package in SUSE Linux Enterprise Desktop 10 allows remote attackers to obtain credentials via a man-in-the-middle attack, a different vulnerability than CVE-2007-5195. | Suse_linux | N/A | ||
| 2007-10-14 | CVE-2007-5195 | Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwise-client package in SUSE Linux Enterprise Desktop 10 allows remote attackers to obtain credentials via a man-in-the-middle attack, a different vulnerability than CVE-2007-5196. | Suse_linux | N/A |