Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suse linux enterprise 9.0 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2024-23301
Relax-and-Recover (aka ReaR) up to and including 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local malicious users to gain access to system secrets otherwise only readable by root.
Relax-and-recover Relax-and-recover
Suse Linux Enterprise 15.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 39
5.4
CVSSv3
CVE-2020-6394
Insufficient policy enforcement in Blink in Google Chrome before 80.0.3987.87 allowed a remote malicious user to bypass content security policy via a crafted HTML page.
Google Chrome
Opensuse Backports Sle 15.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Suse Package Hub -
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
5.3
CVSSv3
CVE-2019-11038
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value o...
Libgd Libgd 2.2.5
Php Php
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 32
Suse Linux Enterprise Debuginfo 11
Suse Linux Enterprise Desktop 12
Opensuse Leap 15.1
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Workstation Extension 12
Redhat Enterprise Linux 7.0
Redhat Software Collections 1.0
Redhat Enterprise Linux 8.0
5.3
CVSSv3
CVE-2017-13079
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
Redhat Enterprise Linux Server 7
Freebsd Freebsd 10
Freebsd Freebsd 10.4
Opensuse Leap 42.2
Canonical Ubuntu Linux 17.04
Canonical Ubuntu Linux 16.04
Freebsd Freebsd 11
Freebsd Freebsd 11.1
Redhat Enterprise Linux Desktop 7
Freebsd Freebsd
Opensuse Leap 42.3
W1.fi Hostapd 2.4
W1.fi Hostapd 2.3
W1.fi Hostapd 0.6.10
W1.fi Hostapd 0.6.9
W1.fi Hostapd 0.4.11
W1.fi Hostapd 0.4.10
W1.fi Hostapd 0.4.9
W1.fi Hostapd 0.2.8
2 Articles
5.3
CVSSv3
CVE-2017-13081
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
Debian Debian Linux 8.0
Freebsd Freebsd 11
Redhat Enterprise Linux Server 7
Redhat Enterprise Linux Desktop 7
Freebsd Freebsd 10.4
Canonical Ubuntu Linux 17.04
Opensuse Leap 42.2
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Freebsd Freebsd 11.1
Freebsd Freebsd 10
Freebsd Freebsd
Opensuse Leap 42.3
W1.fi Hostapd 2.4
W1.fi Hostapd 2.3
W1.fi Hostapd 0.6.9
W1.fi Hostapd 0.6.8
W1.fi Hostapd 0.4.10
W1.fi Hostapd 0.4.9
W1.fi Hostapd 0.2.8
W1.fi Hostapd 0.2.6
2 Articles
4.3
CVSSv3
CVE-2020-6391
Insufficient validation of untrusted input in Blink in Google Chrome before 80.0.3987.87 allowed a local malicious user to bypass content security policy via a crafted HTML page.
Google Chrome
Opensuse Backports Sle 15.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Suse Package Hub -
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
4.3
CVSSv3
CVE-2020-6392
Insufficient policy enforcement in extensions in Google Chrome before 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
Google Chrome
Opensuse Backports Sle 15.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Suse Package Hub -
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
4.3
CVSSv3
CVE-2020-6396
Inappropriate implementation in Skia in Google Chrome before 80.0.3987.87 allowed a remote malicious user to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Google Chrome
Opensuse Backports Sle 15.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Suse Package Hub -
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
4.3
CVSSv3
CVE-2020-6403
Incorrect implementation in Omnibox in Google Chrome on iOS before 80.0.3987.87 allowed a remote malicious user to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Google Chrome
Opensuse Backports Sle 15.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Suse Package Hub -
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
NA
CVE-2015-2695
lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) prior to 1.14 relies on an inappropriate context handle, which allows remote malicious users to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during ...
Mit Kerberos 5
Oracle Solaris 11.3
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 15.10
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 42.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Desktop 12
Suse Linux Enterprise Server 11
Suse Linux Enterprise Server 12
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Software Development Kit 12
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »