Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

suse linux enterprise server 8 vulnerabilities and exploits

(subscribe to this query)
7.5
CVSSv3
CVE-2018-12116
Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-define...
Nodejs Node.jsSuse Suse Linux Enterprise Server 12Suse Suse Enterprise Storage 4Suse Suse Openstack Cloud 7Suse Suse Openstack Cloud 8Suse Suse Linux Enterprise Server 15
7.5
CVSSv3
CVE-2018-12122
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time.
Nodejs Node.jsSuse Suse Linux Enterprise Server 12Suse Suse Enterprise Storage 4Suse Suse Openstack Cloud 7Suse Suse Openstack Cloud 8Suse Suse Linux Enterprise Server 15
NA
CVE-2007-6427
The XInput extension in X.Org Xserver prior to 1.4.1 allows context-dependent malicious users to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.
X.org X ServerCanonical Ubuntu Linux 6.06Canonical Ubuntu Linux 6.10Canonical Ubuntu Linux 7.04Canonical Ubuntu Linux 7.10Debian Debian Linux 3.1Debian Debian Linux 4.0Apple Mac Os XFedoraproject Fedora 7Fedoraproject Fedora 8Opensuse Opensuse 10.2Opensuse Opensuse 10.3Suse Linux 10.1Suse Linux Enterprise Desktop 9Suse Linux Enterprise Desktop 10Suse Linux Enterprise Server 8Suse Linux Enterprise Server 9Suse Linux Enterprise Server 10Suse Linux Enterprise Software Development Kit 10Suse Open Enterprise Server -
NA
CVE-2007-2654
xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.
Suse Suse Linux 9.0Suse Suse Linux 8Suse Suse Linux 1.0Suse Suse Linux Openexchange Server 4.0Suse Suse Linux School Server GoldSuse Suse Linux Standard Server 8.0Xfsdump Xfsdump 2.2.38Suse Suse Open Enterprise Server 9Suse Opensuse 10.2
7.5
CVSSv3
CVE-2007-1285
The Zend Engine in PHP 4.x prior to 4.4.7, and 5.x prior to 5.2.2, allows remote malicious users to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.
Php PhpCanonical Ubuntu Linux 7.10Novell Suse Linux 10.0Novell Suse Linux 10.1Suse Linux Enterprise Server 10Suse Linux Enterprise Server 8Redhat Enterprise Linux Desktop 3.0Redhat Enterprise Linux Desktop 4.0Redhat Enterprise Linux Server 4.0Redhat Enterprise Linux Workstation 4.0Redhat Enterprise Linux Workstation 3.0Redhat Enterprise Linux Server 3.0Redhat Enterprise Linux Server 2.0Redhat Enterprise Linux Workstation 2.0
NA
CVE-2005-1761
Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.
Novell Open Enterprise Server 9Novell Linux Desktop 9Suse Suse Linux 9.0Suse Suse Linux 9.3Suse Suse Linux 9.2Suse Suse Linux 8Suse Suse Linux 1.0Suse Suse Linux 9.1
NA
CVE-2005-1767
traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).
Novell Open Enterprise Server 9Novell Linux Desktop 9Suse Suse Linux 9.0Suse Suse Linux 9.3Suse Suse Linux 9.2Suse Suse Linux 8Suse Suse Linux 1.0Suse Suse Linux 9.1
NA
CVE-2003-1538
susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote malicious users to execute arbitrary commands via CGI queries.
Suse Suse Linux 8.1Suse Suse Linux Openexchange Server 4.0Suse Office ServerSuse Suse Linux 8
5.9
CVSSv3
CVE-2008-4989
The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS prior to 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle malicious users to insert a spoofed cer...
Gnu GnutlsFedoraproject Fedora 9Fedoraproject Fedora 8Canonical Ubuntu Linux 7.10Canonical Ubuntu Linux 8.10Canonical Ubuntu Linux 8.04Canonical Ubuntu Linux 6.06Debian Debian Linux 4.0Suse Linux Enterprise Server 11Suse Linux Enterprise Server 10Suse Linux Enterprise 11.0Suse Linux Enterprise 10.0Opensuse Opensuse
7.8
CVSSv3
CVE-2009-3620
The ATI Rage 128 (aka r128) driver in the Linux kernel prior to 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privilege...
Linux Linux KernelFedoraproject Fedora 10Canonical Ubuntu Linux 9.04Canonical Ubuntu Linux 8.10Canonical Ubuntu Linux 9.10Canonical Ubuntu Linux 8.04Canonical Ubuntu Linux 6.06Redhat Mrg Realtime 1.0Opensuse Opensuse 11.0Suse Linux Enterprise Desktop 10Suse Linux Enterprise Debuginfo 10Suse Linux Enterprise Server 10Suse Linux Enterprise Server 8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook