This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Suse First view 2014-04-14
Product Linux Enterprise Desktop Last view 2020-01-23
Version 12 Type Os
Update -  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:suse:linux_enterprise_desktop

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
6.5 2020-01-23 CVE-2015-5239

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

7.5 2017-07-21 CVE-2015-5300

The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).

7.7 2017-04-13 CVE-2015-8567

Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).

7.8 2017-04-12 CVE-2016-9959

game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.

7.8 2017-04-12 CVE-2016-9958

game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.

7.8 2017-04-12 CVE-2016-9957

Stack-based buffer overflow in game-music-emu before 0.6.1.

7.8 2017-03-23 CVE-2016-1602

A code injection in the supportconfig data collection tool in supportutils in SUSE Linux Enterprise Server 12 and 12-SP1 and SUSE Linux Enterprise Desktop 12 and 12-SP1 could be used by local attackers to execute code as the user running supportconfig (usually root).

4.3 2017-01-30 CVE-2015-7976

The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.

7.5 2016-06-27 CVE-2016-5244

The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.

8.8 2016-06-16 CVE-2016-4156

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8 2016-06-16 CVE-2016-4155

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8 2016-06-16 CVE-2016-4154

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8 2016-06-16 CVE-2016-4153

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8 2016-06-16 CVE-2016-4152

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8 2016-06-16 CVE-2016-4151

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8 2016-06-16 CVE-2016-4150

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8 2016-06-16 CVE-2016-4148

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8 2016-06-16 CVE-2016-4147

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8 2016-06-16 CVE-2016-4145

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8 2016-06-16 CVE-2016-4144

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8 2016-06-16 CVE-2016-4143

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8 2016-06-16 CVE-2016-4142

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8 2016-06-16 CVE-2016-4141

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8 2016-06-16 CVE-2016-4140

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8 2016-06-16 CVE-2016-4139

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

CWE : Common Weakness Enumeration

%idName
29% (16) CWE-787 Out-of-bounds Write
18% (10) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
5% (3) CWE-476 NULL Pointer Dereference
5% (3) CWE-20 Improper Input Validation
5% (3) CWE-17 Code
3% (2) CWE-200 Information Exposure
3% (2) CWE-189 Numeric Errors
3% (2) CWE-125 Out-of-bounds Read
1% (1) CWE-763 Release of Invalid Pointer or Reference
1% (1) CWE-416 Use After Free
1% (1) CWE-401 Failure to Release Memory Before Removing Last Reference ('Memory L...
1% (1) CWE-369 Divide By Zero
1% (1) CWE-362 Race Condition
1% (1) CWE-361 Time and State
1% (1) CWE-327 Use of a Broken or Risky Cryptographic Algorithm
1% (1) CWE-310 Cryptographic Issues
1% (1) CWE-254 Security Features
1% (1) CWE-190 Integer Overflow or Wraparound
1% (1) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
1% (1) CWE-94 Failure to Control Generation of Code ('Code Injection')
1% (1) CWE-18 Source Code

Information Assurance Vulnerability Management (IAVM)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2015-A-0158 Multiple Vulnerabilities in Oracle Java SE
Severity: Category I - VMSKEY: V0061089
2015-A-0113 Multiple Vulnerabilities in Juniper Networks CTPOS
Severity: Category I - VMSKEY: V0060737
2014-A-0172 Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform
Severity: Category I - VMSKEY: V0057381
2014-B-0103 Multiple Vulnerabilities in VMware Horizon View Client
Severity: Category I - VMSKEY: V0053509
2014-B-0102 Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.5
Severity: Category I - VMSKEY: V0053507
2014-B-0101 Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.1
Severity: Category I - VMSKEY: V0053505
2014-A-0115 Multiple Vulnerabilities in VMware Horizon View
Severity: Category I - VMSKEY: V0053501
2014-B-0097 Multiple Vulnerabilities in VMware ESXi 5.0
Severity: Category I - VMSKEY: V0053319
2014-A-0111 Multiple Vulnerabilities in VMware Workstation
Severity: Category I - VMSKEY: V0053179
2014-A-0099 Multiple Vulnerabilities in McAfee Email Gateway
Severity: Category I - VMSKEY: V0053203
2014-A-0100 Multiple Vulnerabilities in McAfee VirusScan Enterprise for Linux
Severity: Category I - VMSKEY: V0053201
2014-A-0106 Multiple Vulnerabilities in Oracle MySQL Product Suite
Severity: Category I - VMSKEY: V0053189
2014-A-0109 Multiple Vulnerabilities in VMware Fusion
Severity: Category I - VMSKEY: V0053183
2014-A-0110 Multiple Vulnerabilities in VMware Player
Severity: Category I - VMSKEY: V0053181
2014-B-0095 Multiple Vulnerabilities in Splunk
Severity: Category I - VMSKEY: V0053177
2014-B-0088 Multiple Vulnerabilities in VMware ESXi 5.5
Severity: Category I - VMSKEY: V0052911
2014-B-0089 Multiple Vulnerabilities in VMware ESXi 5.1
Severity: Category I - VMSKEY: V0052909
2014-B-0091 Multiple Vulnerabilities in VMware vCenter Update Manager 5.5
Severity: Category I - VMSKEY: V0052907
2014-B-0085 Multiple Vulnerabilities in HP System Management Homepage (SMH)
Severity: Category I - VMSKEY: V0052899
2014-B-0092 Multiple Vulnerabilities in VMware vSphere Client 5.5
Severity: Category I - VMSKEY: V0052893
2014-A-0089 Multiple Vulnerabilities in Juniper Pulse Secure Access Service (IVE)
Severity: Category I - VMSKEY: V0052805
2014-B-0079 Multiple Vulnerabilities in IBM AIX
Severity: Category I - VMSKEY: V0052641
2014-B-0078 Multiple Vulnerabilities in Blue Coat ProxySG
Severity: Category I - VMSKEY: V0052639
2014-A-0087 Multiple Vulnerabilities in McAfee ePolicy Orchestrator
Severity: Category I - VMSKEY: V0052637
2014-B-0080 Multiple Vulnerabilities in Stunnel
Severity: Category I - VMSKEY: V0052627

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2020-02-25 OpenSSL anonymous ECDH denial of service attempt
RuleID : 52626 - Type : SERVER-OTHER - Revision : 1
2020-02-25 OpenSSL anonymous ECDH denial of service attempt
RuleID : 52625 - Type : SERVER-OTHER - Revision : 1
2018-03-27 ISC BIND malformed data channel authentication message denial of service attempt
RuleID : 45738 - Type : SERVER-OTHER - Revision : 1
2017-09-06 ISC BIND malformed control channel authentication message denial of service a...
RuleID : 43846 - Type : SERVER-OTHER - Revision : 2
2017-04-12 SSL/TLS weak RC4 cipher suite use attempt
RuleID : 41907 - Type : POLICY-OTHER - Revision : 3
2017-02-21 Adobe Flash Player Primetime SDK ShimContentResolver memory corruption attempt
RuleID : 41358 - Type : FILE-FLASH - Revision : 3
2017-02-21 Adobe Flash Player Primetime SDK ShimContentResolver memory corruption attempt
RuleID : 41357 - Type : FILE-FLASH - Revision : 2
2016-07-19 Adobe Flash Player ShimOpportunityGenerator out of bounds memory access attempt
RuleID : 39319 - Type : FILE-FLASH - Revision : 4
2016-07-19 Adobe Flash Player ShimOpportunityGenerator out of bounds memory access attempt
RuleID : 39318 - Type : FILE-FLASH - Revision : 3
2016-07-19 Adobe Flash Player RegExp numbered backreference out of bounds read attempt
RuleID : 39315 - Type : FILE-FLASH - Revision : 2
2016-07-19 Adobe Flash Player RegExp numbered backreference out of bounds read attempt
RuleID : 39314 - Type : FILE-FLASH - Revision : 2
2016-07-19 Adobe Flash Player malformed Adobe Texture Format image load memory corruptio...
RuleID : 39313 - Type : FILE-FLASH - Revision : 2
2016-07-19 Adobe Flash Player malformed Adobe Texture Format image load memory corruptio...
RuleID : 39312 - Type : FILE-FLASH - Revision : 2
2016-07-19 Adobe Flash Player same origin policy security bypass attempt
RuleID : 39311 - Type : FILE-FLASH - Revision : 2
2016-07-19 Adobe Flash Player same origin policy security bypass attempt
RuleID : 39310 - Type : FILE-FLASH - Revision : 2
2016-07-19 Adobe Flash Player malformed ATF file length load buffer overflow attempt
RuleID : 39309 - Type : FILE-FLASH - Revision : 4
2016-07-19 Adobe Flash Player malformed ATF file length load buffer overflow attempt
RuleID : 39308 - Type : FILE-FLASH - Revision : 4
2016-07-19 Adobe Flash Player sound object use-after-free attempt
RuleID : 39307 - Type : FILE-FLASH - Revision : 2
2016-07-19 Adobe Flash Player sound object use-after-free attempt
RuleID : 39306 - Type : FILE-FLASH - Revision : 2
2016-07-19 Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory acc...
RuleID : 39305 - Type : FILE-FLASH - Revision : 3
2016-07-19 Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory acc...
RuleID : 39304 - Type : FILE-FLASH - Revision : 2
2016-07-19 Adobe Flash player retrieveResolvers memory corruption attempt
RuleID : 39298 - Type : FILE-FLASH - Revision : 3
2016-07-19 Adobe Flash player retrieveResolvers memory corruption attempt
RuleID : 39297 - Type : FILE-FLASH - Revision : 2
2016-07-19 Adobe Flash Player request for dbghelp.dll over SMB attempt
RuleID : 39296 - Type : FILE-FLASH - Revision : 4
2016-07-19 Adobe Flash Player request for apphelp.dll over SMB attempt
RuleID : 39295 - Type : FILE-FLASH - Revision : 4

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-05-07 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2018-124-01.nasl - Type: ACT_GATHER_INFO
2018-05-07 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_8719b9358bae41ad92ba3c826f651219.nasl - Type: ACT_GATHER_INFO
2018-02-28 Name: The version of Arista Networks EOS running on the remote device is affected b...
File: arista_eos_sa0017.nasl - Type: ACT_GATHER_INFO
2017-12-26 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL31211252.nasl - Type: ACT_GATHER_INFO
2017-12-04 Name: The remote host is missing a vendor-supplied security patch.
File: check_point_gaia_sk106499.nasl - Type: ACT_GATHER_INFO
2017-10-12 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_9164f51eae2011e7a633009c02a2ab30.nasl - Type: ACT_GATHER_INFO
2017-09-25 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2017-266-02.nasl - Type: ACT_GATHER_INFO
2017-09-19 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL52320548.nasl - Type: ACT_GATHER_INFO
2017-09-11 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1199.nasl - Type: ACT_GATHER_INFO
2017-09-11 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1200.nasl - Type: ACT_GATHER_INFO
2017-09-01 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2017-877.nasl - Type: ACT_GATHER_INFO
2017-08-25 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2017-1916.nasl - Type: ACT_GATHER_INFO
2017-08-22 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20170801_glibc_on_SL7_x.nasl - Type: ACT_GATHER_INFO
2017-08-09 Name: The remote AIX host has a version of NTP installed that is affected by a data...
File: aix_ntp_v4_advisory5.nasl - Type: ACT_GATHER_INFO
2017-08-09 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-1916.nasl - Type: ACT_GATHER_INFO
2017-08-03 Name: The remote AIX host has a version of bind installed that is affected by multi...
File: aix_bind_advisory12.nasl - Type: ACT_GATHER_INFO
2017-08-03 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-1916.nasl - Type: ACT_GATHER_INFO
2017-07-10 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201707-02.nasl - Type: ACT_GATHER_INFO
2017-05-17 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-3566.nasl - Type: ACT_GATHER_INFO
2017-05-17 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-3567.nasl - Type: ACT_GATHER_INFO
2017-05-17 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2017-0105.nasl - Type: ACT_GATHER_INFO
2017-05-17 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2017-0106.nasl - Type: ACT_GATHER_INFO
2017-05-08 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: itunes_12_6.nasl - Type: ACT_GATHER_INFO
2017-05-08 Name: An application running on the remote host is affected by multiple vulnerabili...
File: itunes_12_6_banner.nasl - Type: ACT_GATHER_INFO
2017-05-08 Name: The remote host contains an application that is affected by multiple vulnerab...
File: macos_itunes_12_6.nasl - Type: ACT_GATHER_INFO