Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suse shadow vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2018-16588
Privilege escalation can occur in the SUSE useradd.c code in useradd, as distributed in the SUSE shadow package up to and including 4.2.1-27.9.1 for SUSE Linux Enterprise 12 (SLE-12) and up to and including 4.5-5.39 for SUSE Linux Enterprise 15 (SLE-15). Non-existing intermediate...
Suse Shadow
1 Github repository
NA
CVE-2002-0762
shadow package in SuSE 8.0 allows local users to destroy the /etc/passwd and /etc/shadow files or assign extra group privileges to some users by changing filesize limits before calling programs that modify the files.
Suse Suse Linux 8.0
NA
CVE-2010-2302
Use-after-free vulnerability in WebCore in WebKit in Google Chrome prior to 5.0.375.70 allows remote malicious users to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rd...
Google Chrome
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Suse Suse Linux Enterprise Desktop 10
Suse Suse Linux Enterprise Desktop 11
Suse Suse Linux Enterprise Server 10
Suse Suse Linux Enterprise Server 11
NA
CVE-2012-4209
Mozilla Firefox prior to 17.0, Firefox ESR 10.x prior to 10.0.11, Thunderbird prior to 17.0, Thunderbird ESR 10.x prior to 10.0.11, and SeaMonkey prior to 2.14 do not prevent use of a "top" frame name-attribute value to access the location property, which makes it easie...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Seamonkey
Mozilla Thunderbird
Mozilla Thunderbird Esr
Opensuse Opensuse 11.4
Opensuse Opensuse 12.1
Opensuse Opensuse 12.2
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Software Development Kit 11
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Eus 6.3
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Workstation 6.0
Canonical Ubuntu Linux 10.04
9.8
CVSSv3
CVE-2016-1601
yast2-users prior to 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an AutoYaST installation when the profile does not contain inst-sys users, which might allow malicious users to have unspecified impact via unkn...
Suse Yast2
NA
CVE-2012-4194
Mozilla Firefox prior to 16.0.2, Firefox ESR 10.x prior to 10.0.10, Thunderbird prior to 16.0.2, Thunderbird ESR 10.x prior to 10.0.10, and SeaMonkey prior to 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location), which makes it easie...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Seamonkey
Mozilla Thunderbird
Mozilla Thunderbird Esr
Opensuse Opensuse 11.4
Opensuse Opensuse 12.1
Opensuse Opensuse 12.2
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Software Development Kit 11
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Eus 6.3
NA
CVE-2012-3994
Mozilla Firefox prior to 16.0, Firefox ESR 10.x prior to 10.0.8, Thunderbird prior to 16.0, Thunderbird ESR 10.x prior to 10.0.8, and SeaMonkey prior to 2.13 allow remote malicious users to conduct cross-site scripting (XSS) attacks via a binary plugin that uses Object.defineProp...
Mozilla Firefox Esr
Mozilla Thunderbird Esr
Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Sdk 10
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.04
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Eus 6.3
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Workstation 6.0
NA
CVE-2006-5229
OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions, and possibly under limited configurations, allows remote malicious users to determine valid usernames via timing discrepancies in which responses take longer for valid usernames than invalid ones, as d...
Openbsd Openssh 4.1
1 EDB exploit
7.5
CVSSv3
CVE-2019-19880
exprListAppendList in window.c in SQLite 3.30.1 allows malicious users to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.
Sqlite Sqlite 3.30.1
Netapp Cloud Backup -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Suse Package Hub -
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Opensuse Backports Sle 15.0
Opensuse Leap 15.1
Oracle Mysql Workbench
Siemens Sinec Infrastructure Network Services
7.5
CVSSv3
CVE-2019-19923
flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).
Sqlite Sqlite 3.30.1
Siemens Sinec Infrastructure Network Services
Oracle Mysql Workbench
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Suse Package Hub -
Opensuse Backports Sle 15.0
Opensuse Leap 15.1
Netapp Cloud Backup -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »