Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Suse_linux_enterprise_desktop
(Novell)Repositories | https://github.com/torvalds/linux |
#Vulnerabilities | 83 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2015-01-21 | CVE-2015-0437 | Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | Suse_linux_enterprise_desktop, Jdk, Jre | N/A | ||
2015-04-16 | CVE-2015-0458 | Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | Suse_linux_enterprise_desktop, Opensuse, Jdk, Jre | N/A | ||
2015-04-16 | CVE-2015-0459 | Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0491. | Suse_linux_enterprise_desktop, Opensuse, Javafx, Jdk, Jre | N/A | ||
2017-06-19 | CVE-2017-1000366 | glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier. | Debian_linux, Glibc, Web_gateway, Suse_linux_enterprise_desktop, Suse_linux_enterprise_point_of_sale, Suse_linux_enterprise_server, Cloud_magnum_orchestration, Leap, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_long_life, Enterprise_linux_server_tus, Enterprise_linux_workstation, Linux_enterprise_for_sap, Linux_enterprise_server, Linux_enterprise_server_for_raspberry_pi, Linux_enterprise_software_development_kit | 7.8 | ||
2014-11-10 | CVE-2014-8559 | The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application. | Ubuntu_linux, Linux_kernel, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Evergreen, Opensuse, Linux, Linux_enterprise_real_time_extension, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension, Suse_linux_enterprise_server | N/A | ||
2013-08-19 | CVE-2013-3567 | Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call. | Ubuntu_linux, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Puppet, Puppet_enterprise, Puppet | N/A | ||
2016-05-02 | CVE-2016-3951 | Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor. | Ubuntu_linux, Linux_kernel, Suse_linux_enterprise_desktop, Suse_linux_enterprise_live_patching, Suse_linux_enterprise_module_for_public_cloud, Suse_linux_enterprise_real_time_extension, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Suse_linux_enterprise_workstation_extension, Suse_linux_enterprise_software_development_kit | 4.6 | ||
2016-04-27 | CVE-2015-8845 | The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application. | Linux_kernel, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_live_patching, Suse_linux_enterprise_module_for_public_cloud, Suse_linux_enterprise_real_time_extension, Suse_linux_enterprise_software_development_kit, Suse_linux_enterprise_workstation_extension | 5.5 | ||
2015-04-14 | CVE-2015-3044 | Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. | Flash_player, Suse_linux_enterprise_desktop, Suse_linux_enterprise_workstation_extension, Opensuse, Enterprise_linux_desktop_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_server_supplementary_eus, Enterprise_linux_supplementary, Enterprise_linux_workstation_supplementary | N/A | ||
2015-07-06 | CVE-2015-2733 | Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a dedicated worker. | Firefox, Firefox_esr, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Solaris | N/A |