Suse_linux_enterprise_server
(Suse)| Repositories |
•
https://github.com/torvalds/linux
• https://github.com/git/git • https://github.com/lighttpd/lighttpd1.4 |
| #Vulnerabilities | 60 |
| Date | ID | Summary | Products | Score | Patch |
|---|---|---|---|---|---|
| 2018-11-29 | CVE-2018-19655 | A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file. | Dcraw, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server | 8.8 | |
| 2020-03-23 | CVE-2020-6449 | Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server | N/A | |
| 2020-03-23 | CVE-2020-6429 | Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server | N/A | |
| 2020-03-23 | CVE-2020-6428 | Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server | N/A | |
| 2020-03-23 | CVE-2020-6427 | Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server | N/A | |
| 2020-03-23 | CVE-2020-6426 | Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server | N/A | |
| 2020-03-23 | CVE-2020-6424 | Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server | N/A | |
| 2020-03-23 | CVE-2020-6422 | Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server | N/A | |
| 2018-11-28 | CVE-2018-12122 | Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time. | Node\.js, Node\.js, Suse_enterprise_storage, Suse_linux_enterprise_server, Suse_openstack_cloud | 7.5 | |
| 2018-11-28 | CVE-2018-12116 | Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server. | Node\.js, Node\.js, Suse_enterprise_storage, Suse_linux_enterprise_server, Suse_openstack_cloud | 7.5 |