Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Linux_enterprise_server
(Suse)| Repositories |
• https://github.com/torvalds/linux
• https://github.com/krb5/krb5 • https://github.com/git/git • https://github.com/ntp-project/ntp • https://github.com/kyz/libmspack |
| #Vulnerabilities | 468 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-02-17 | CVE-2014-1947 | Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030. | Imagemagick, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit | N/A | ||
| 2020-01-27 | CVE-2006-7246 | NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used. | Networkmanager, Opensuse, Linux_enterprise_desktop, Linux_enterprise_server | N/A | ||
| 2020-01-02 | CVE-2010-3782 | obs-server before 1.7.7 allows logins by 'unconfirmed' accounts due to a bug in the REST api implementation. | Obs\-Server, Linux_enterprise_server | N/A | ||
| 2019-11-15 | CVE-2016-5285 | A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service. | Aura_application_enablement_services, Aura_application_server_5300, Aura_communication_manager, Aura_communication_manager_messagint, Aura_conferencing, Aura_experience_portal, Aura_messaging, Aura_session_manager, Aura_system_manager, Aura_system_platform_firmware, Aura_utility_services, Breeze_platform, Call_management_system, Cs1000e\/cs1000m_signaling_server_firmware, Cs1000e_firmware, Cs1000m_firmware, Ip_office, Iq, Meeting_exchange, Message_networking, One\-X_client_enablement_services, Proactive_contact, Session_border_controller_for_enterprise_firmware, Debian_linux, Nss, Enterprise_linux, Linux_enterprise_server | N/A | ||
| 2019-11-25 | CVE-2012-6639 | An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data. | Cloud\-Init, Debian_linux, Linux_enterprise_server | N/A | ||
| 2017-10-17 | CVE-2017-13088 | Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. | Ubuntu_linux, Debian_linux, Freebsd, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Linux_enterprise_desktop, Linux_enterprise_point_of_sale, Linux_enterprise_server, Openstack_cloud, Hostapd, Wpa_supplicant | 5.3 | ||
| 2017-10-17 | CVE-2017-13087 | Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. | Ubuntu_linux, Debian_linux, Freebsd, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Linux_enterprise_desktop, Linux_enterprise_point_of_sale, Linux_enterprise_server, Openstack_cloud, Hostapd, Wpa_supplicant | 5.3 | ||
| 2017-10-17 | CVE-2017-13086 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. | Ubuntu_linux, Debian_linux, Freebsd, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Linux_enterprise_desktop, Linux_enterprise_point_of_sale, Linux_enterprise_server, Openstack_cloud, Hostapd, Wpa_supplicant | 6.8 | ||
| 2017-10-17 | CVE-2017-13084 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. | Ubuntu_linux, Debian_linux, Freebsd, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Linux_enterprise_desktop, Linux_enterprise_point_of_sale, Linux_enterprise_server, Openstack_cloud, Hostapd, Wpa_supplicant | 6.8 | ||
| 2017-10-17 | CVE-2017-13082 | Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. | Ubuntu_linux, Debian_linux, Freebsd, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Linux_enterprise_desktop, Linux_enterprise_point_of_sale, Linux_enterprise_server, Openstack_cloud, Hostapd, Wpa_supplicant | 8.1 |