Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suse security vulnerabilities and exploits
(subscribe to this query)
3.3
CVSSv3
CVE-2019-3700
yast2-security didn't use secure defaults to protect passwords. This became a problem on 2019-10-07 when configuration files that set secure settings were moved to a different location. As of the 20191022 snapshot the insecure default settings were used until yast2-security ...
Suse Yast2-security
NA
CVE-2005-0638
xloadimage prior to 4.1-r2, and xli prior to 1.17, allows malicious users to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.
Xli Xli 1.14
Xli Xli 1.15
Xli Xli 1.16
Xli Xli 1.17
Suse Suse Linux 1.0
Suse Suse Linux 2.0
Suse Suse Linux 5.0
Suse Suse Linux 5.1
Suse Suse Linux 6.3
Suse Suse Linux 7.0
Suse Suse Linux 7.2
Suse Suse Linux 8.2
Suse Suse Linux 9.0
Suse Suse Linux 3.0
Suse Suse Linux 4.0
Suse Suse Linux 5.2
Suse Suse Linux 5.3
Suse Suse Linux 6.4
Suse Suse Linux 7.1
Suse Suse Linux 7.3
Suse Suse Linux 9.1
Suse Suse Linux 4.2
NA
CVE-2004-1184
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
Gnu Enscript 1.5
Gnu Enscript 1.6.3
Gnu Enscript 1.6.4
Gnu Enscript 1.6.1
Gnu Enscript 1.6.2
Gnu Enscript 1.6
Gnu Enscript 1.4
Sgi Propack 3.0
Suse Suse Linux 3.0
Suse Suse Linux 4.0
Suse Suse Linux 4.2
Suse Suse Linux 5.3
Suse Suse Linux 6.0
Suse Suse Linux 6.4
Suse Suse Linux 7.1
Suse Suse Linux 7.3
Suse Suse Linux 9.0
Suse Suse Linux 9.1
Suse Suse Linux 1.0
Suse Suse Linux 2.0
Suse Suse Linux 5.1
Suse Suse Linux 5.2
NA
CVE-2005-1043
exif.c in PHP prior to 4.3.11 allows remote malicious users to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.2
Php Php 4.3.9
Sgi Propack 3.0
Php Php 4.3.0
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.3.3
Php Php 4.3.4
Conectiva Linux 10.0
Conectiva Linux 9.0
Apple Mac Os X Server 10.3.9
Apple Mac Os X Server 10.4
Suse Suse Linux 4.2
Suse Suse Linux 4.3
Suse Suse Linux 4.4
Suse Suse Linux 6.1
Suse Suse Linux 6.4
Apple Mac Os X 10.4
NA
CVE-2004-1190
SUSE Linux prior to 9.1 and SUSE Linux Enterprise Server prior to 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized write activities to modify the firmware of associated SCSI devices.
Suse Suse Linux 9.0
Suse Suse Linux 8.1
Suse Suse Linux 8.2
NA
CVE-2005-0337
Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote malicious users to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname.
Wietse Venema Postfix 2.1.3
Redhat Enterprise Linux 4.0
Suse Suse Linux 9.0
Suse Suse Linux 9.1
Suse Suse Linux 8.2
Suse Suse Linux 8.0
Suse Suse Linux 8.1
Redhat Enterprise Linux Desktop 4.0
Suse Suse Linux 9.2
7.5
CVSSv3
CVE-2018-12116
Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-define...
Nodejs Node.js
Suse Suse Linux Enterprise Server 12
Suse Suse Enterprise Storage 4
Suse Suse Openstack Cloud 7
Suse Suse Openstack Cloud 8
Suse Suse Linux Enterprise Server 15
2 Github repositories
7.5
CVSSv3
CVE-2018-12122
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time.
Nodejs Node.js
Suse Suse Linux Enterprise Server 12
Suse Suse Enterprise Storage 4
Suse Suse Openstack Cloud 7
Suse Suse Openstack Cloud 8
Suse Suse Linux Enterprise Server 15
1 Github repository
5.9
CVSSv3
CVE-2009-2408
Mozilla Network Security Services (NSS) prior to 3.12.3, Firefox prior to 3.0.13, Thunderbird prior to 2.0.0.23, and SeaMonkey prior to 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, ...
Mozilla Network Security Services
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Suse Linux Enterprise Server 9
Suse Linux Enterprise 11.0
Suse Linux Enterprise 10.0
Opensuse Opensuse
Debian Debian Linux 5.0
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
NA
CVE-2004-0929
Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and previous versions, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote malicious users to execute arbitrary code via a malformed TIFF image.
Libtiff Libtiff 3.6.1
Suse Suse Linux 9.0
Suse Suse Linux 9.1
Suse Suse Linux 8.2
Suse Suse Linux 8
Suse Suse Linux 1.0
Suse Suse Linux 8.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »