Search
Total
215 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2023 | 1 Suse | 1 Suse Linux | 2016-12-20 | 10.0 HIGH | N/A |
| The send_pinentry_environment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly handle certain options, which can prevent pinentry from being found and causes S/MIME signing to fail. | |||||
| CVE-2004-0064 | 1 Suse | 1 Suse Linux | 2016-10-18 | 2.1 LOW | N/A |
| The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory. | |||||
| CVE-2003-0847 | 1 Suse | 1 Suse Linux | 2016-10-18 | 4.6 MEDIUM | N/A |
| SuSEconfig.susewm in the susewm package on SuSE Linux 8.2Pro allows local users to overwrite arbitrary files via a symlink attack on the susewm.$$ temporary file. | |||||
| CVE-2003-0846 | 1 Suse | 1 Suse Linux | 2016-10-18 | 4.6 MEDIUM | N/A |
| SuSEconfig.javarunt in the javarunt package on SuSE Linux 7.3Pro allows local users to overwrite arbitrary files via a symlink attack on the .java_wrapper temporary file. | |||||
| CVE-2002-0083 | 9 Conectiva, Engardelinux, Immunix and 6 more | 11 Linux, Secure Linux, Immunix and 8 more | 2016-10-18 | 10.0 HIGH | N/A |
| Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. | |||||
| CVE-1999-1182 | 6 Caldera, Debian, Delix and 3 more | 6 Openlinux Lite, Debian Linux, Dld and 3 more | 2016-10-18 | 7.2 HIGH | N/A |
| Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error. | |||||
| CVE-2010-0230 | 1 Suse | 2 Opensuse, Suse Linux | 2011-04-28 | 7.5 HIGH | N/A |
| SUSE Linux Enterprise 10 SP3 (SLE10-SP3) and openSUSE 11.2 configures postfix to listen on all network interfaces, which might allow remote attackers to bypass intended access restrictions. | |||||
| CVE-2007-0980 | 3 Hp, Redhat, Suse | 4 Serviceguard For Linux, Enterprise Linux, Suse Linux and 1 more | 2011-03-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors. | |||||
| CVE-2006-2658 | 2 Mono, Suse | 3 Xsp, Suse Linux, Suse Open Enterprise Server | 2011-03-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the xsp component in mod_mono in Mono/C# web server, as used in SUSE Open-Enterprise-Server 1 and SUSE Linux 9.2 through 10.0, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an HTTP request. | |||||
| CVE-2007-0460 | 1 Suse | 1 Suse Linux | 2010-09-15 | 10.0 HIGH | N/A |
| Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations." | |||||
| CVE-2009-1648 | 1 Suse | 1 Suse Linux | 2009-07-06 | 7.5 HIGH | N/A |
| The YaST2 LDAP module in yast2-ldap-server on SUSE Linux Enterprise Server 11 (aka SLE11) does not enable the firewall in certain circumstances involving reboots during online updates, which makes it easier for remote attackers to access network services. | |||||
| CVE-2007-5195 | 1 Suse | 1 Suse Linux | 2008-11-15 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwise-client package in SUSE Linux Enterprise Desktop 10 allows remote attackers to obtain credentials via a man-in-the-middle attack, a different vulnerability than CVE-2007-5196. | |||||
| CVE-2007-5196 | 1 Suse | 1 Suse Linux | 2008-11-15 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwise-client package in SUSE Linux Enterprise Desktop 10 allows remote attackers to obtain credentials via a man-in-the-middle attack, a different vulnerability than CVE-2007-5195. | |||||
| CVE-2007-4393 | 1 Suse | 1 Suse Linux | 2008-11-15 | 4.6 MEDIUM | N/A |
| The installation script for orarun on SUSE Linux before 20070810 places the oracle user into the disk group, which allows the local oracle user to read or write raw disk partitions. | |||||
| CVE-2007-6167 | 1 Suse | 1 Suse Linux | 2008-11-15 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in yast2-core in SUSE Linux might allow local users to execute arbitrary code by creating a malicious yast2 module in the current working directory. | |||||
| CVE-2007-2654 | 2 Suse, Xfsdump | 8 Opensuse, Suse Linux, Suse Linux Openexchange Server and 5 more | 2008-11-13 | 4.4 MEDIUM | N/A |
| xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems. | |||||
| CVE-2005-3322 | 2 Squid, Suse | 2 Squid, Suse Linux | 2008-09-10 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote attackers to cause a denial of service (crash) via HTTPs (SSL). | |||||
| CVE-2004-0991 | 2 Mpg123, Suse | 2 Mpg123, Suse Linux | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to execute arbitrary code via frame headers in MP2 or MP3 files. | |||||
| CVE-2002-1285 | 1 Suse | 1 Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| runlpr in the LPRng package allows the local lp user to gain root privileges via certain command line arguments. | |||||
| CVE-2002-0758 | 1 Suse | 1 Suse Linux | 2008-09-10 | 7.5 HIGH | N/A |
| ifup-dhcp script in the sysconfig package for SuSE 8.0 allows remote attackers to execute arbitrary commands via spoofed DHCP responses, which are stored and executed in a file. | |||||
| CVE-2002-0762 | 1 Suse | 1 Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| shadow package in SuSE 8.0 allows local users to destroy the /etc/passwd and /etc/shadow files or assign extra group privileges to some users by changing filesize limits before calling programs that modify the files. | |||||
| CVE-2000-0800 | 1 Suse | 1 Suse Linux | 2008-09-10 | 10.0 HIGH | N/A |
| String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges. | |||||
| CVE-2000-0614 | 1 Suse | 1 Suse Linux | 2008-09-10 | 10.0 HIGH | N/A |
| Tnef program in Linux systems allows remote attackers to overwrite arbitrary files via TNEF encoded compressed attachments which specify absolute path names for the decompressed output. | |||||
| CVE-2000-0355 | 3 Bent Bagger, Redhat, Suse | 3 Pbpg, Linux, Suse Linux | 2008-09-10 | 7.5 HIGH | N/A |
| pg and pb in SuSE pbpg 1.x package allows an attacker to read arbitrary files. | |||||
| CVE-2000-0363 | 1 Suse | 1 Suse Linux | 2008-09-10 | 6.2 MEDIUM | N/A |
| Linux cdwtools 093 and earlier allows local users to gain root privileges via the /tmp directory. | |||||
| CVE-2000-0293 | 1 Suse | 1 Suse Linux | 2008-09-10 | 2.1 LOW | N/A |
| aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory. | |||||
| CVE-2000-0340 | 1 Suse | 1 Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users to execute arbitrary commands via the DISPLAY environmental variable. | |||||
| CVE-2000-0433 | 1 Suse | 1 Suse Linux | 2008-09-10 | 4.6 MEDIUM | N/A |
| The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles. | |||||
| CVE-2000-0491 | 3 Caldera, Gnome, Suse | 3 Openlinux, Gdm, Suse Linux | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request. | |||||
| CVE-2000-0438 | 4 Caldera, Slackware, Suse and 1 more | 4 Openlinux, Slackware Linux, Suse Linux and 1 more | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter. | |||||
| CVE-2000-0362 | 1 Suse | 1 Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root privileges. | |||||
| CVE-2000-0361 | 1 Suse | 1 Suse Linux | 2008-09-10 | 2.1 LOW | N/A |
| The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which allows a local attacker in the dialout group to access login and password information. | |||||
| CVE-2000-0231 | 2 Halloween, Suse | 2 Halloween Linux, Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges. | |||||
| CVE-2000-0229 | 4 Alessandro Rubini, Debian, Redhat and 1 more | 4 Gpm, Debian Linux, Linux and 1 more | 2008-09-10 | 7.2 HIGH | N/A |
| gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root. | |||||
| CVE-2000-0218 | 2 Caldera, Suse | 2 Openlinux, Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname. | |||||
| CVE-1999-0831 | 4 Cobalt, Debian, Sun and 1 more | 6 Qube, Debian Linux, Cobalt Raq and 3 more | 2008-09-09 | 5.0 MEDIUM | N/A |
| Denial of service in Linux syslogd via a large number of connections. | |||||
| CVE-1999-0906 | 1 Suse | 1 Suse Linux | 2008-09-09 | 7.2 HIGH | N/A |
| Buffer overflow in sccw allows local users to gain root access via the HOME environmental variable. | |||||
| CVE-1999-0746 | 2 Slackware, Suse | 2 Slackware Linux, Suse Linux | 2008-09-09 | 5.0 MEDIUM | N/A |
| A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service. | |||||
| CVE-1999-0768 | 2 Redhat, Suse | 2 Linux, Suse Linux | 2008-09-09 | 7.5 HIGH | N/A |
| Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable. | |||||
| CVE-1999-0804 | 4 Debian, Linux, Redhat and 1 more | 4 Debian Linux, Linux Kernel, Linux and 1 more | 2008-09-09 | 5.0 MEDIUM | N/A |
| Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths. | |||||
| CVE-1999-0433 | 5 Netbsd, Redhat, Slackware and 2 more | 5 Netbsd, Linux, Slackware Linux and 2 more | 2008-09-09 | 4.6 MEDIUM | N/A |
| XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. | |||||
| CVE-1999-0234 | 5 Caldera, Redhat, Sgi and 2 more | 5 Openlinux, Linux, Irix and 2 more | 2008-09-09 | 4.6 MEDIUM | N/A |
| Bash treats any character with a value of 255 as a command separator. | |||||
| CVE-1999-0426 | 1 Suse | 1 Suse Linux | 2008-09-09 | 10.0 HIGH | N/A |
| The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing. | |||||
| CVE-1999-0363 | 2 Plp, Suse | 2 Line Printer Control, Suse Linux | 2008-09-09 | 7.2 HIGH | N/A |
| SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise. | |||||
| CVE-1999-0405 | 4 Debian, Freebsd, Redhat and 1 more | 4 Debian Linux, Freebsd, Linux and 1 more | 2008-09-09 | 7.2 HIGH | N/A |
| A buffer overflow in lsof allows local users to obtain root privilege. | |||||
| CVE-1999-0434 | 5 Caldera, Debian, Netbsd and 2 more | 5 Openlinux, Debian Linux, Netbsd and 2 more | 2008-09-09 | 7.5 HIGH | N/A |
| XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. | |||||
| CVE-1999-0390 | 2 Redhat, Suse | 2 Linux, Suse Linux | 2008-09-09 | 7.2 HIGH | N/A |
| Buffer overflow in Dosemu Slang library in Linux. | |||||
| CVE-1999-0409 | 1 Suse | 1 Suse Linux | 2008-09-09 | 4.6 MEDIUM | N/A |
| Buffer overflow in gnuplot in Linux version 3.5 allows local users to obtain root access. | |||||
| CVE-1999-0462 | 1 Suse | 1 Suse Linux | 2008-09-09 | 7.2 HIGH | N/A |
| suidperl in Linux Perl does not check the nosuid mount option on file systems, allowing local users to gain root access by placing a setuid script in a mountable file system, e.g. a CD-ROM or floppy disk. | |||||
| CVE-2008-0732 | 2 Apache, Suse | 2 Geronimo, Suse Linux | 2008-09-05 | 2.1 LOW | N/A |
| The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories. | |||||