Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Suse_linux_enterprise_server
(Suse)| Repositories |
• https://github.com/torvalds/linux
• https://github.com/git/git • https://github.com/lighttpd/lighttpd1.4 |
| #Vulnerabilities | 129 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-06-06 | CVE-2015-5041 | The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods. | Java_sdk, Websphere_application_server, Linux_enterprise_server, Linux_enterprise_software_development_kit, Suse_linux_enterprise_server | 9.1 | ||
| 2015-04-28 | CVE-2015-3340 | Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request. | Debian_linux, Fedora, Opensuse, Linux_enterprise_desktop, Linux_enterprise_software_development_kit, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Xen | N/A | ||
| 2015-07-06 | CVE-2015-2738 | The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors. | Ubuntu_linux, Debian_linux, Firefox, Firefox_esr, Thunderbird, Solaris, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Suse_linux_enterprise_server | N/A | ||
| 2015-07-06 | CVE-2015-2737 | The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors. | Ubuntu_linux, Debian_linux, Firefox, Firefox_esr, Thunderbird, Solaris, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Suse_linux_enterprise_server | N/A | ||
| 2015-07-06 | CVE-2015-2734 | The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors. | Ubuntu_linux, Debian_linux, Firefox, Firefox_esr, Thunderbird, Solaris, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Suse_linux_enterprise_server | N/A | ||
| 2015-04-16 | CVE-2015-0500 | Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors. | Communications_policy_management, Mysql, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit | N/A | ||
| 2015-04-16 | CVE-2015-0439 | Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756. | Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Mysql, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit | N/A | ||
| 2017-03-17 | CVE-2014-9854 | coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image." | Ubuntu_linux, Imagemagick, Leap, Opensuse, Linux_enterprise_server, Linux_enterprise_software_development_kit, Suse_linux_enterprise_server | 7.5 | ||
| 2014-12-02 | CVE-2014-9116 | The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function. | Debian_linux, Mageia, Mutt, Linux_enterprise_desktop, Suse_linux_enterprise_server | N/A | ||
| 2014-06-11 | CVE-2014-2978 | The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers an out-of-bounds write. | Directfb, Opensuse, Linux_enterprise_desktop, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension, Suse_linux_enterprise_server | N/A |