Product:

Suse_linux_enterprise_server

(Suse)
Date ID Summary Products Score Patch
2018-11-29 CVE-2018-19655 A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file. Dcraw, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server 8.8
2020-03-23 CVE-2020-6449 Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Debian_linux, Fedora, Chrome, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server N/A
2020-03-23 CVE-2020-6429 Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Debian_linux, Fedora, Chrome, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server N/A
2020-03-23 CVE-2020-6428 Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Debian_linux, Fedora, Chrome, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server N/A
2020-03-23 CVE-2020-6427 Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Debian_linux, Fedora, Chrome, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server N/A
2020-03-23 CVE-2020-6426 Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Debian_linux, Fedora, Chrome, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server N/A
2020-03-23 CVE-2020-6424 Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Debian_linux, Fedora, Chrome, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server N/A
2020-03-23 CVE-2020-6422 Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Debian_linux, Fedora, Chrome, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server N/A
2018-11-28 CVE-2018-12122 Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time. Node\.js, Node\.js, Suse_enterprise_storage, Suse_linux_enterprise_server, Suse_openstack_cloud 7.5
2018-11-28 CVE-2018-12116 Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server. Node\.js, Node\.js, Suse_enterprise_storage, Suse_linux_enterprise_server, Suse_openstack_cloud 7.5