Filtered by vendor Novell Subscriptions
Filtered by product Suse Linux Enterprise Server Subscriptions
Total 94 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2014-3566 11 Apple, Debian, Fedoraproject and 8 more 28 Mac Os X, Debian Linux, Fedora and 25 more 2026-05-28 3.4 Low
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
CVE-2009-2707 1 Novell 1 Suse Linux Enterprise Server 2026-04-23 N/A
Unspecified vulnerability in ia32el (aka the IA 32 emulation functionality) before 7042_7022-0.4.2 in SUSE Linux Enterprise (SLE) 10 SP2 on Itanium IA64 machines allows local users to cause a denial of service (system crash) via a 32-bit x86 application.
CVE-2008-2931 6 Canonical, Debian, Linux and 3 more 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more 2026-04-23 7.8 High
The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.
CVE-2008-5422 3 Novell, Redhat, Sun 5 Suse Linux Enterprise Server, Enterprise Linux, Java Desktop System and 2 more 2026-04-23 N/A
Sun Sun Ray Server Software 3.1 through 4.0 does not properly restrict access, which allows remote attackers to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors.
CVE-2008-2112 3 Novell, Redhat, Sun 4 Suse Linux Enterprise Server, Enterprise Linux, Ray Server Software and 1 more 2026-04-23 N/A
Unspecified vulnerability in Sun Ray Kiosk Mode 4.0 allows local and remote authenticated Sun Ray administrators to gain root privileges via unknown vectors related to utconfig.
CVE-2008-5423 3 Novell, Redhat, Sun 6 Suse Linux Enterprise Server, Enterprise Linux, Java Desktop System and 3 more 2026-04-23 N/A
Sun Sun Ray Server Software 3.x and 4.0 and Sun Ray Windows Connector 1.1 and 2.0 expose the LDAP password during a configuration step, which allows local users to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors related to the utconfig component of the Server Software and the uttscadm component of the Windows Connector.
CVE-2016-2815 4 Canonical, Mozilla, Novell and 1 more 7 Ubuntu Linux, Firefox, Suse Linux Enterprise Desktop and 4 more 2025-11-25 N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2015-0240 4 Canonical, Novell, Redhat and 1 more 9 Ubuntu Linux, Suse Linux Enterprise Desktop, Suse Linux Enterprise Server and 6 more 2025-05-09 N/A
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.
CVE-2017-7995 3 Novell, Suse, Xen 6 Suse Linux Enterprise Point Of Sale, Suse Linux Enterprise Server, Manager and 3 more 2025-04-20 N/A
Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the get_user function. NOTE: the upstream Xen Project considers versions before 4.5.x to be EOL.
CVE-2017-1000366 8 Debian, Gnu, Mcafee and 5 more 26 Debian Linux, Glibc, Web Gateway and 23 more 2025-04-20 N/A
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.
CVE-2016-9960 5 Fedoraproject, Game-music-emu Project, Novell and 2 more 7 Fedora, Game-music-emu, Suse Linux Enterprise Desktop and 4 more 2025-04-20 N/A
game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash).
CVE-2016-9961 5 Fedoraproject, Game-music-emu Project, Novell and 2 more 7 Fedora, Game-music-emu, Suse Linux Enterprise Desktop and 4 more 2025-04-20 N/A
game-music-emu before 0.6.1 mishandles unspecified integer values.
CVE-2016-5759 2 Novell, Opensuse 3 Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Leap 2025-04-20 N/A
The mkdumprd script called "dracut" in the current working directory "." allows local users to trick the administrator into executing code as root.
CVE-2015-0400 4 Canonical, Novell, Opensuse and 1 more 6 Ubuntu Linux, Suse Linux Enterprise Desktop, Suse Linux Enterprise Server and 3 more 2025-04-12 N/A
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
CVE-2014-8559 7 Canonical, Linux, Novell and 4 more 14 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Desktop and 11 more 2025-04-12 5.5 Medium
The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.
CVE-2014-3690 7 Canonical, Debian, Linux and 4 more 11 Ubuntu Linux, Debian Linux, Linux Kernel and 8 more 2025-04-12 5.5 Medium
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU.
CVE-2015-0438 2 Novell, Oracle 4 Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Suse Linux Enterprise Software Development Kit and 1 more 2025-04-12 N/A
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.
CVE-2014-7970 4 Canonical, Linux, Novell and 1 more 5 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Server and 2 more 2025-04-12 5.5 Medium
The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call.
CVE-2014-3687 8 Canonical, Debian, Linux and 5 more 15 Ubuntu Linux, Debian Linux, Linux Kernel and 12 more 2025-04-12 7.5 High
The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter.
CVE-2015-0383 7 Canonical, Debian, Fedoraproject and 4 more 11 Ubuntu Linux, Debian Linux, Fedora and 8 more 2025-04-12 N/A
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot.