Suse_linux_enterprise_server - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Suse_linux_enterprise_server
(Suse)

Repositories	• https://github.com/torvalds/linux • https://github.com/git/git • https://github.com/lighttpd/lighttpd1.4
#Vulnerabilities	129

Date	Id	Summary	Products	Score	Patch	Annotated
2014-05-07	CVE-2014-0196	The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.	Ubuntu_linux, Debian_linux, Big\-Ip_access_policy_manager, Big\-Ip_advanced_firewall_manager, Big\-Ip_analytics, Big\-Ip_application_acceleration_manager, Big\-Ip_application_security_manager, Big\-Ip_edge_gateway, Big\-Ip_global_traffic_manager, Big\-Ip_link_controller, Big\-Ip_local_traffic_manager, Big\-Ip_policy_enforcement_manager, Big\-Ip_protocol_security_module, Big\-Ip_wan_optimization_manager, Big\-Ip_webaccelerator, Big\-Iq_application_delivery_controller, Big\-Iq_centralized_management, Big\-Iq_cloud, Big\-Iq_cloud_and_orchestration, Big\-Iq_device, Big\-Iq_security, Enterprise_manager, Linux_kernel, Linux, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_server_eus, Suse_linux_enterprise_desktop, Suse_linux_enterprise_high_availability_extension, Suse_linux_enterprise_server	N/A
2018-11-28	CVE-2018-12122	Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time.	Node\.js, Suse_enterprise_storage, Suse_linux_enterprise_server, Suse_openstack_cloud	7.5
2020-01-09	CVE-2020-5504	In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.	Debian_linux, Phpmyadmin, Suse_linux_enterprise_server	8.8
2020-03-23	CVE-2020-6422	Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Fedora, Chrome, Backports_sle, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server	8.8
2020-03-23	CVE-2020-6424	Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Fedora, Chrome, Backports_sle, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server	8.8
2020-03-23	CVE-2020-6426	Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Fedora, Chrome, Backports_sle, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server	6.5
2020-03-23	CVE-2020-6427	Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Fedora, Chrome, Backports_sle, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server	8.8
2020-03-23	CVE-2020-6428	Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Fedora, Chrome, Backports_sle, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server	8.8
2020-03-23	CVE-2020-6429	Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Fedora, Chrome, Backports_sle, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server	8.8