Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suse linux enterprise 9.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-23301
Relax-and-Recover (aka ReaR) up to and including 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local malicious users to gain access to system secrets otherwise only readable by root.
Relax-and-recover Relax-and-recover
Suse Linux Enterprise 15.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 39
7.2
CVSSv2
CVE-2022-27239
In cifs-utils up to and including 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
Samba Cifs-utils
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Suse Linux Enterprise Server 11
Suse Openstack Cloud 8.0
Suse Linux Enterprise Server 15
Suse Linux Enterprise Software Development Kit 12
Suse Openstack Cloud Crowbar 8.0
Suse Openstack Cloud Crowbar 9.0
Suse Openstack Cloud 9.0
Suse Linux Enterprise Server 12
Suse Manager Server 4.1
Suse Linux Enterprise Desktop 15
Suse Enterprise Storage 7.0
Suse Caas Platform 4.0
Suse Enterprise Storage 6.0
Suse Manager Proxy 4.1
Suse Linux Enterprise High Performance Computing 12.0
Suse Linux Enterprise High Performance Computing 15.0
Suse Linux Enterprise Real Time 15.0
Suse Linux Enterprise Point Of Service 11.0
5
CVSSv2
CVE-2021-41819
CGI::Cookie.parse in Ruby up to and including 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem up to and including 0.3.0 for Ruby.
Ruby-lang Ruby
Ruby-lang Cgi 0.3.0
Ruby-lang Cgi 0.2.0
Ruby-lang Cgi 0.1.0
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Suse Linux Enterprise 12.0
Suse Linux Enterprise 15.0
Suse Linux Enterprise 11.0
Opensuse Factory -
Opensuse Leap 15.2
Fedoraproject Fedora 34
Fedoraproject Fedora 35
5
CVSSv2
CVE-2021-41817
Date.parse in the date gem up to and including 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.
Ruby-lang Date
Ruby-lang Date 3.2.0
Ruby-lang Ruby
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Suse Linux Enterprise 12.0
Suse Linux Enterprise 15.0
Opensuse Factory -
Opensuse Leap 15.2
5.8
CVSSv2
CVE-2021-4166
vim is vulnerable to Out-of-bounds Read
Vim Vim
Redhat Enterprise Linux 8.0
Suse Linux Enterprise 12.0
Suse Linux Enterprise 15.0
Opensuse Factory -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Apple Mac Os X 10.15.7
Apple Macos
Apple Macos 10.15.7
3.6
CVSSv2
CVE-2018-10195
lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around.
Lrzsz Project Lrzsz
Suse Linux Enterprise Debuginfo 11
Suse Linux Enterprise Desktop 12
Suse Linux Enterprise Server 11
Suse Linux Enterprise Server 12
Debian Debian Linux 9.0
6.8
CVSSv2
CVE-2020-6422
Use after free in WebGL in Google Chrome before 80.0.3987.149 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Suse Suse Linux Enterprise Server 12
Opensuse Backports Sle 15.0
Suse Suse Linux Enterprise Desktop 12
6.8
CVSSv2
CVE-2020-6424
Use after free in media in Google Chrome before 80.0.3987.149 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Suse Suse Linux Enterprise Server 12
Opensuse Backports Sle 15.0
Suse Suse Linux Enterprise Desktop 12
4.3
CVSSv2
CVE-2020-6426
Inappropriate implementation in V8 in Google Chrome before 80.0.3987.149 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Suse Suse Linux Enterprise Server 12
Opensuse Backports Sle 15.0
Suse Suse Linux Enterprise Desktop 12
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6.8
CVSSv2
CVE-2020-6427
Use after free in audio in Google Chrome before 80.0.3987.149 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Suse Suse Linux Enterprise Server 12
Opensuse Backports Sle 15.0
Suse Suse Linux Enterprise Desktop 12
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991
CVE-2024-32674
path traversal
CVE-2023-21987
denial of service
dos
CVE-2024-4647
CVE-2024-25519
CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »