Filtered by vendor Suse
Subscribe
Total
1183 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1182 | 6 Caldera, Debian, Delix and 3 more | 6 Openlinux Lite, Debian Linux, Dld and 3 more | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error. | |||||
| CVE-2004-0866 | 4 Kde, Microsoft, Mozilla and 1 more | 5 Konqueror, Ie, Internet Explorer and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
| Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. | |||||
| CVE-1999-0462 | 1 Suse | 1 Suse Linux | 2025-04-03 | 7.2 HIGH | N/A |
| suidperl in Linux Perl does not check the nosuid mount option on file systems, allowing local users to gain root access by placing a setuid script in a mountable file system, e.g. a CD-ROM or floppy disk. | |||||
| CVE-2005-3321 | 2 Novell, Suse | 2 Suse Linux, Suse Linux | 2025-04-03 | 4.6 MEDIUM | N/A |
| chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify permissions of files by creating a hardlink to a file from a world-writable directory, which can cause the link count to drop to 1 when the file is deleted or replaced, which is then modified by chkstat to use weaker permissions. | |||||
| CVE-2005-3148 | 2 Storebackup, Suse | 2 Storebackup, Suse Linux | 2025-04-03 | 4.6 MEDIUM | N/A |
| StoreBackup before 1.19 does not properly set the uid and guid for symbolic links (1) that are backed up by storeBackup.pl, or (2) recovered by storeBackupRecover.pl, which could cause files to be restored with incorrect ownership. | |||||
| CVE-2006-2703 | 1 Suse | 1 Suse Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| The RedCarpet command-line client (rug) does not verify SSL certificates from a server, which allows remote attackers to read network traffic and execute commands via a man-in-the-middle (MITM) attack. | |||||
| CVE-2005-0207 | 4 Conectiva, Linux, Redhat and 1 more | 5 Linux, Linux Kernel, Enterprise Linux and 2 more | 2025-04-03 | 2.1 LOW | N/A |
| Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT. | |||||
| CVE-2004-0626 | 4 Conectiva, Gentoo, Linux and 1 more | 4 Linux, Linux, Linux Kernel and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type. | |||||
| CVE-2004-1009 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. | |||||
| CVE-2004-1190 | 1 Suse | 1 Suse Linux | 2025-04-03 | 2.1 LOW | N/A |
| SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized write activities to modify the firmware of associated SCSI devices. | |||||
| CVE-2000-1016 | 1 Suse | 1 Suse Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL. | |||||
| CVE-2004-1145 | 7 Altlinux, Conectiva, Debian and 4 more | 9 Alt Linux, Linux, Debian Linux and 6 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. | |||||
| CVE-2023-29552 | 4 Netapp, Service Location Protocol Project, Suse and 1 more | 5 Smi-s Provider, Service Location Protocol, Linux Enterprise Server and 2 more | 2025-03-27 | N/A | 7.5 HIGH |
| The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor. | |||||
| CVE-2023-23005 | 2 Linux, Suse | 2 Linux Kernel, Linux Enterprise Server | 2025-03-19 | N/A | 5.5 MEDIUM |
| In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer). NOTE: this is disputed by third parties because there are no realistic cases in which a user can cause the alloc_memory_type error case to be reached. | |||||
| CVE-2023-34256 | 3 Debian, Linux, Suse | 3 Debian Linux, Linux Kernel, Linux Enterprise | 2025-03-11 | N/A | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated "When modifying the block device while it is mounted by the filesystem" access. | |||||
| CVE-2023-22651 | 1 Suse | 1 Rancher | 2025-01-29 | N/A | 9.9 CRITICAL |
| Improper Privilege Management vulnerability in SUSE Rancher allows Privilege Escalation. A failure in the update logic of Rancher's admission Webhook may lead to the misconfiguration of the Webhook. This component enforces validation rules and security checks before resources are admitted into the Kubernetes cluster. The issue only affects users that upgrade from 2.6.x or 2.7.x to 2.7.2. Users that did a fresh install of 2.7.2 (and did not follow an upgrade path) are not affected. | |||||
| CVE-2017-5753 | 13 Arm, Canonical, Debian and 10 more | 387 Cortex-a12, Cortex-a12 Firmware, Cortex-a15 and 384 more | 2025-01-14 | 4.7 MEDIUM | 5.6 MEDIUM |
| Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | |||||
| CVE-2017-18017 | 9 Arista, Canonical, Debian and 6 more | 29 Eos, Ubuntu Linux, Debian Linux and 26 more | 2025-01-03 | 10.0 HIGH | 9.8 CRITICAL |
| The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action. | |||||
| CVE-2018-12122 | 2 Nodejs, Suse | 4 Node.js, Suse Enterprise Storage, Suse Linux Enterprise Server and 1 more | 2024-12-13 | 5.0 MEDIUM | 7.5 HIGH |
| Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time. | |||||
| CVE-2019-11881 | 1 Suse | 1 Rancher | 2024-12-04 | 4.3 MEDIUM | 4.7 MEDIUM |
| A vulnerability exists in Rancher before 2.2.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legitimate users to visit phishing sites with scare tactics, e.g., displaying a "This version of Rancher is outdated, please visit https://malicious.rancher.site/upgrading" message. | |||||