This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Opensuse First view 2012-02-08
Product Suse Linux Enterprise Server Last view 2020-02-17
Version 11.0 Type Os
Update sp3  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:opensuse:suse_linux_enterprise_server

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.8 2020-02-17 CVE-2014-1947

Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030.

3.5 2020-01-31 CVE-2015-6815

The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors.

6.5 2020-01-23 CVE-2015-5239

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

8.8 2019-11-25 CVE-2012-6639

An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.

7.5 2017-08-09 CVE-2015-3405

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.

9.8 2016-04-19 CVE-2015-8779

Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.

9.8 2016-04-19 CVE-2015-8778

Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.

9.1 2016-04-19 CVE-2015-8776

The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.

2.1 2015-12-07 CVE-2015-5006

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache.

6.8 2015-09-28 CVE-2015-1781

Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.

2.9 2015-04-28 CVE-2015-3340

Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.

2.1 2015-04-16 CVE-2015-2576

Unspecified vulnerability in the MySQL Utilities component in Oracle MySQL 1.5.1 and earlier, when running on Windows, allows local users to affect integrity via unknown vectors related to Installation.

4.9 2015-04-16 CVE-2015-2575

Unspecified vulnerability in the MySQL Connectors component in Oracle MySQL 5.1.34 and earlier allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Connector/J.

3.5 2015-04-16 CVE-2015-0505

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

4 2015-04-16 CVE-2015-0500

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.

9.3 2015-04-16 CVE-2015-0492

Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0484.

6.8 2015-04-16 CVE-2015-0484

Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0492.

4 2015-04-16 CVE-2015-0439

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756.

4 2015-04-16 CVE-2015-0438

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.

4 2015-04-16 CVE-2015-0433

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML.

4 2015-04-16 CVE-2015-0423

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

4 2015-04-16 CVE-2015-0405

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.

5 2015-03-27 CVE-2014-8121

DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.

1.9 2015-01-21 CVE-2015-0413

Unspecified vulnerability in Oracle Java SE 7u72 and 8u25 allows local users to affect integrity via unknown vectors related to Serviceability.

9.3 2015-01-21 CVE-2015-0395

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

CWE : Common Weakness Enumeration

%idName
18% (8) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
13% (6) CWE-264 Permissions, Privileges, and Access Controls
11% (5) CWE-416 Use After Free
6% (3) CWE-200 Information Exposure
4% (2) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
4% (2) CWE-269 Improper Privilege Management
4% (2) CWE-125 Out-of-bounds Read
4% (2) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
4% (2) CWE-20 Improper Input Validation
2% (1) CWE-787 Out-of-bounds Write
2% (1) CWE-476 NULL Pointer Dereference
2% (1) CWE-362 Race Condition
2% (1) CWE-347 Improper Verification of Cryptographic Signature
2% (1) CWE-346 Origin Validation Error
2% (1) CWE-331 Insufficient Entropy
2% (1) CWE-326 Inadequate Encryption Strength
2% (1) CWE-310 Cryptographic Issues
2% (1) CWE-189 Numeric Errors
2% (1) CWE-59 Improper Link Resolution Before File Access ('Link Following')
2% (1) CWE-17 Code

ExploitDB Exploits

id Description
31688 ImageMagick 6.8.8-4 - Local Buffer Overflow (SEH)

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2014-10-16 Name : POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability
File : nvt/gb_poodel_sslv3_info_disc_vuln.nasl
2012-12-13 Name : SuSE Update for MozillaFirefox openSUSE-SU-2012:1345-1 (MozillaFirefox)
File : nvt/gb_suse_2012_1345_1.nasl
2012-11-16 Name : Debian Security Advisory DSA 2569-1 (icedove)
File : nvt/deb_2569_1.nasl
2012-11-16 Name : Debian Security Advisory DSA 2572-1 (iceape)
File : nvt/deb_2572_1.nasl
2012-10-29 Name : Debian Security Advisory DSA 2565-1 (iceweasel)
File : nvt/deb_2565_1.nasl
2012-10-16 Name : Ubuntu Update for thunderbird USN-1611-1
File : nvt/gb_ubuntu_USN_1611_1.nasl
2012-10-15 Name : Mozilla Firefox Multiple Vulnerabilities-01 (Windows)
File : nvt/gb_mozilla_prdts_mult_vuln01_oct12_win.nasl
2012-10-15 Name : Mozilla Firefox Multiple Vulnerabilities-01 (Mac OS X)
File : nvt/gb_mozilla_prdts_mult_vuln01_oct12_macosx.nasl
2012-10-13 Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox70.nasl
2012-10-11 Name : CentOS Update for thunderbird CESA-2012:1351 centos6
File : nvt/gb_CESA-2012_1351_thunderbird_centos6.nasl
2012-10-11 Name : RedHat Update for firefox RHSA-2012:1350-01
File : nvt/gb_RHSA-2012_1350-01_firefox.nasl
2012-10-11 Name : RedHat Update for thunderbird RHSA-2012:1351-01
File : nvt/gb_RHSA-2012_1351-01_thunderbird.nasl
2012-10-11 Name : CentOS Update for thunderbird CESA-2012:1351 centos5
File : nvt/gb_CESA-2012_1351_thunderbird_centos5.nasl
2012-10-11 Name : CentOS Update for firefox CESA-2012:1350 centos6
File : nvt/gb_CESA-2012_1350_firefox_centos6.nasl
2012-10-11 Name : CentOS Update for firefox CESA-2012:1350 centos5
File : nvt/gb_CESA-2012_1350_firefox_centos5.nasl
2012-10-11 Name : Ubuntu Update for firefox USN-1600-1
File : nvt/gb_ubuntu_USN_1600_1.nasl
2012-10-05 Name : Ubuntu Update for libxslt USN-1595-1
File : nvt/gb_ubuntu_USN_1595_1.nasl
2012-10-03 Name : Fedora Update for libxslt FEDORA-2012-14048
File : nvt/gb_fedora_2012_14048_libxslt_fc16.nasl
2012-09-27 Name : Fedora Update for libxslt FEDORA-2012-14083
File : nvt/gb_fedora_2012_14083_libxslt_fc17.nasl
2012-09-17 Name : RedHat Update for libxslt RHSA-2012:1265-01
File : nvt/gb_RHSA-2012_1265-01_libxslt.nasl
2012-09-17 Name : CentOS Update for libxslt CESA-2012:1265 centos5
File : nvt/gb_CESA-2012_1265_libxslt_centos5.nasl
2012-09-17 Name : CentOS Update for libxslt CESA-2012:1265 centos6
File : nvt/gb_CESA-2012_1265_libxslt_centos6.nasl
2012-03-12 Name : Gentoo Security Advisory GLSA 201203-08 (libxslt)
File : nvt/glsa_201203_08.nasl
2012-03-12 Name : Gentoo Security Advisory GLSA 201202-01 (chromium)
File : nvt/glsa_201202_01.nasl
2012-03-07 Name : Mandriva Update for libxslt MDVSA-2012:028 (libxslt)
File : nvt/gb_mandriva_MDVSA_2012_028.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0154 Multiple Vulnerabilities in Oracle Fusion Middleware
Severity: Category I - VMSKEY: V0061081
2015-B-0014 Multiple Vulnerabilities in VMware ESXi 5.5
Severity: Category I - VMSKEY: V0058513
2015-B-0013 Multiple Vulnerabilities in VMware ESXi 5.1
Severity: Category I - VMSKEY: V0058515
2015-B-0012 Multiple Vulnerabilities in VMware ESXi 5.0
Severity: Category I - VMSKEY: V0058517
2014-A-0106 Multiple Vulnerabilities in Oracle MySQL Product Suite
Severity: Category I - VMSKEY: V0053189
2014-A-0043 Multiple Vulnerabilities in Mozilla Products
Severity: Category I - VMSKEY: V0046769
2014-A-0021 Multiple Vulnerabilities in Mozilla Products
Severity: Category I - VMSKEY: V0043921
2013-A-0233 Multiple Vulnerabilities in Mozilla Products
Severity: Category I - VMSKEY: V0042596
2013-A-0031 Multiple Security Vulnerabilities in VMware ESX 4.1 and ESXi 4.1
Severity: Category I - VMSKEY: V0036787

Snort® IPS/IDS

Date Description
2014-12-18 SSLv3 CBC client connection attempt
RuleID : 32566 - Type : POLICY-OTHER - Revision : 2
2014-11-19 SSLv3 POODLE CBC padding brute force attempt
RuleID : 32205 - Type : SERVER-OTHER - Revision : 5
2014-11-19 SSLv3 POODLE CBC padding brute force attempt
RuleID : 32204 - Type : SERVER-OTHER - Revision : 5
2014-03-06 WAV processing buffer overflow attempt
RuleID : 29546 - Type : FILE-MULTIMEDIA - Revision : 4
2014-03-06 WAV processing buffer overflow attempt
RuleID : 29545 - Type : FILE-MULTIMEDIA - Revision : 4
2014-03-06 WAV processing buffer overflow attempt
RuleID : 29544 - Type : FILE-MULTIMEDIA - Revision : 4
2014-03-06 WAV processing buffer overflow attempt
RuleID : 29543 - Type : FILE-MULTIMEDIA - Revision : 4
2014-03-06 WAV processing buffer overflow attempt
RuleID : 29542 - Type : FILE-MULTIMEDIA - Revision : 3
2014-03-06 WAV processing buffer overflow attempt
RuleID : 29541 - Type : FILE-MULTIMEDIA - Revision : 3
2014-03-06 WAV processing buffer overflow attempt
RuleID : 29540 - Type : FILE-MULTIMEDIA - Revision : 3
2014-03-06 WAV processing buffer overflow attempt
RuleID : 29539 - Type : FILE-MULTIMEDIA - Revision : 3

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-16 Name: The remote database server is affected by multiple vulnerabilities
File: mariadb_5_5_42.nasl - Type: ACT_GATHER_INFO
2017-12-07 Name: The remote host is potentially affected by an SSL/TLS vulnerability.
File: check_point_gaia_sk103683.nasl - Type: ACT_GATHER_INFO
2017-09-11 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1199.nasl - Type: ACT_GATHER_INFO
2017-09-11 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1200.nasl - Type: ACT_GATHER_INFO
2017-09-01 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2017-877.nasl - Type: ACT_GATHER_INFO
2017-08-25 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2017-1842.nasl - Type: ACT_GATHER_INFO
2017-08-25 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2017-1916.nasl - Type: ACT_GATHER_INFO
2017-08-22 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20170801_glibc_on_SL7_x.nasl - Type: ACT_GATHER_INFO
2017-08-22 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20170801_kernel_on_SL7_x.nasl - Type: ACT_GATHER_INFO
2017-08-16 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-1842-1.nasl - Type: ACT_GATHER_INFO
2017-08-09 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-1842.nasl - Type: ACT_GATHER_INFO
2017-08-09 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-1916.nasl - Type: ACT_GATHER_INFO
2017-08-03 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-1842.nasl - Type: ACT_GATHER_INFO
2017-08-03 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-1916.nasl - Type: ACT_GATHER_INFO
2017-08-03 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-2077.nasl - Type: ACT_GATHER_INFO
2017-07-20 Name: The remote database server is affected by multiple vulnerabilities.
File: oracle_rdbms_cpu_jul_2017.nasl - Type: ACT_GATHER_INFO
2017-04-12 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-459.nasl - Type: ACT_GATHER_INFO
2017-04-06 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20170321_glibc_on_SL6_x.nasl - Type: ACT_GATHER_INFO
2017-04-03 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2017-0057.nasl - Type: ACT_GATHER_INFO
2017-03-30 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-0680.nasl - Type: ACT_GATHER_INFO
2017-03-30 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2017-0051.nasl - Type: ACT_GATHER_INFO
2017-03-27 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2017-0680.nasl - Type: ACT_GATHER_INFO
2017-03-22 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-0680.nasl - Type: ACT_GATHER_INFO
2017-02-21 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201702-11.nasl - Type: ACT_GATHER_INFO
2017-01-10 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_03532a19d68e11e6917114dae9d210b8.nasl - Type: ACT_GATHER_INFO