Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suse opensuse 10.2 vulnerabilities and exploits
(subscribe to this query)
392
VMScore
CVE-2007-2654
xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.
Suse Suse Linux 9.0
Suse Suse Linux 8
Suse Suse Linux 1.0
Suse Suse Linux Openexchange Server 4.0
Suse Suse Linux School Server Gold
Suse Suse Linux Standard Server 8.0
Xfsdump Xfsdump 2.2.38
Suse Suse Open Enterprise Server 9
Suse Opensuse 10.2
294
VMScore
CVE-2007-5200
hugin, as used on various operating systems including SUSE openSUSE 10.2 and 10.3, allows local users to overwrite arbitrary files via a symlink attack on the hugin_debug_optim_results.txt temporary file.
Opensuse Opensuse 10.3
Opensuse Opensuse 10.2
614
VMScore
CVE-2008-1375
Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x prior to 2.6.24.6, and 2.6.25 prior to 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors.
Linux Linux Kernel
Linux Linux Kernel 2.6.25
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Opensuse Opensuse 10.2
Opensuse Opensuse 10.3
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Server 9
Suse Linux Enterprise Server 10
Suse Linux Enterprise Software Development Kit 10
Debian Debian Linux 4.0
Fedoraproject Fedora 8
384
VMScore
CVE-2007-5000
Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 up to and including 1.3.39 and 2.0.35 up to and including 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 up to and including 2.2.6 allows remote malicious u...
Apache Http Server
Fedoraproject Fedora 8
Fedoraproject Fedora 7
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Opensuse Opensuse 10.2
Suse Linux Enterprise Server 9
Opensuse Opensuse 10.3
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 9
Oracle Http Server 10.1.3.5.0
445
VMScore
CVE-2008-3187
zypp-refresh-patches in zypper in SUSE openSUSE 10.2, 10.3, and 11.0 does not ask the user before accepting repository keys, which allows remote repositories to cause a denial of service (package data corruption) via a spoofed key.
Opensuse Zypper 11.0
Opensuse Zypper 10.2
Opensuse Zypper 10.3
828
VMScore
CVE-2008-5021
nsFrameManager in Firefox 3.x prior to 3.0.4, Firefox 2.x prior to 2.0.0.18, Thunderbird 2.x prior to 2.0.0.18, and SeaMonkey 1.x prior to 1.1.13 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a fi...
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
Fedoraproject Fedora 9
Fedoraproject Fedora 8
Opensuse Opensuse 10.2
Suse Linux Enterprise Server 9
Novell Linux Desktop 9
Opensuse Opensuse 11.0
Opensuse Opensuse 10.3
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Debuginfo 10
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 10
Novell Open Enterprise Server -
828
VMScore
CVE-2007-6427
The XInput extension in X.Org Xserver prior to 1.4.1 allows context-dependent malicious users to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.
X.org X Server
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Apple Mac Os X
Fedoraproject Fedora 7
Fedoraproject Fedora 8
Opensuse Opensuse 10.2
Opensuse Opensuse 10.3
Suse Linux 10.1
Suse Linux Enterprise Desktop 9
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Server 8
Suse Linux Enterprise Server 9
Suse Linux Enterprise Server 10
Suse Linux Enterprise Software Development Kit 10
Suse Open Enterprise Server -
383
VMScore
CVE-2008-0063
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote malicious users to obtain sensitive information, aka "Uninitialized stack values."
Mit Kerberos 5
Apple Mac Os X
Apple Mac Os X Server
Opensuse Opensuse 10.2
Opensuse Opensuse 10.3
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 10
Suse Linux 10.1
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Fedoraproject Fedora 8
Fedoraproject Fedora 7
188
VMScore
CVE-2007-6206
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain se...
Linux Linux Kernel 2.6.24
Linux Linux Kernel
Opensuse Opensuse 10.2
Opensuse Opensuse 10.3
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Server 10
Suse Linux Enterprise Real Time Extension 10
Suse Linux Enterprise Desktop 10
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux Server 4.0
Redhat Enterprise Linux Workstation 4.0
Redhat Enterprise Linux Eus 4.6
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
668
VMScore
CVE-2008-0731
The Linux kernel prior to 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor change_hat system call, which might allow malicious users to trigger the unconfining of an apparmored task.
Novell Apparmor
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started