Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suse suse linux 10.0 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-13764
Type confusion in JavaScript in Google Chrome before 79.0.3945.79 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Suse Package Hub -
Opensuse Backports Sle 15.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
2 Github repositories
1 Article
8.8
CVSSv3
CVE-2012-6639
An privilege elevation vulnerability exists in Cloud-init prior to 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.
Canonical Cloud-init
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Suse Linux Enterprise Server 11
7.8
CVSSv3
CVE-2022-27239
In cifs-utils up to and including 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
Samba Cifs-utils
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Suse Linux Enterprise Server 11
Suse Openstack Cloud 8.0
Suse Linux Enterprise Server 15
Suse Linux Enterprise Software Development Kit 12
Suse Openstack Cloud Crowbar 8.0
Suse Openstack Cloud Crowbar 9.0
Suse Openstack Cloud 9.0
Suse Linux Enterprise Server 12
Suse Manager Server 4.1
Suse Linux Enterprise Desktop 15
Suse Enterprise Storage 7.0
Suse Caas Platform 4.0
Suse Enterprise Storage 6.0
Suse Manager Proxy 4.1
Suse Linux Enterprise High Performance Computing 12.0
Suse Linux Enterprise High Performance Computing 15.0
Suse Linux Enterprise Real Time 15.0
Suse Linux Enterprise Point Of Service 11.0
7.8
CVSSv3
CVE-2021-26720
avahi-daemon-check-dns.sh in the Debian avahi package up to and including 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local malicious user to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi...
Avahi Avahi
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.8
CVSSv3
CVE-2008-2931
The do_change_type function in fs/namespace.c in the Linux kernel prior to 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.
Linux Linux Kernel
Debian Debian Linux 4.0
Novell Suse Linux Enterprise Server 10.0
Novell Suse Linux Enterprise Desktop 10.0
Opensuse Opensuse
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
7.8
CVSSv3
CVE-2004-0940
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
Openpkg Openpkg 2.0
Openpkg Openpkg 2.1
Openpkg Openpkg 2.2
Apache Http Server
Slackware Slackware Linux 9.0
Slackware Slackware Linux 8.1
Slackware Slackware Linux 10.0
Hp Hp-ux 11.11
Suse Suse Linux 9.2
Suse Suse Linux 9.0
Slackware Slackware Linux 8.0
Suse Suse Linux 8.2
Slackware Slackware Linux 9.1
Slackware Slackware Linux Current
Suse Suse Linux 8.0
Trustix Secure Linux 1.5
Hp Hp-ux 11.00
Hp Hp-ux 11.22
Suse Suse Linux 9.1
Hp Hp-ux 11.20
Suse Suse Linux 8.1
2 EDB exploits
7.7
CVSSv3
CVE-2020-14147
An integer overflow in the getnum function in lua_struct.c in Redis prior to 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox rest...
Redislabs Redis
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.1
Oracle Communications Operations Monitor 4.2
Oracle Communications Operations Monitor 4.3
Suse Linux Enterprise 12.0
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2021-41819
CGI::Cookie.parse in Ruby up to and including 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem up to and including 0.3.0 for Ruby.
Ruby-lang Ruby
Ruby-lang Cgi 0.3.0
Ruby-lang Cgi 0.2.0
Ruby-lang Cgi 0.1.0
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Suse Linux Enterprise 12.0
Suse Linux Enterprise 15.0
Suse Linux Enterprise 11.0
Opensuse Factory -
Opensuse Leap 15.2
Fedoraproject Fedora 34
Fedoraproject Fedora 35
7.5
CVSSv3
CVE-2021-41817
Date.parse in the date gem up to and including 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.
Ruby-lang Date
Ruby-lang Date 3.2.0
Ruby-lang Ruby
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Suse Linux Enterprise 12.0
Suse Linux Enterprise 15.0
Opensuse Factory -
Opensuse Leap 15.2
7.5
CVSSv3
CVE-2019-19925
zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.
Sqlite Sqlite 3.30.1
Siemens Sinec Infrastructure Network Services
Oracle Mysql Workbench
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Suse Package Hub -
Opensuse Backports Sle 15.0
Opensuse Leap 15.1
Netapp Cloud Backup -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »