Vulnerabilities (CVE)

Filtered by vendor Suse Subscribe
Total 1118 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-1999-1182 6 Caldera, Debian, Delix and 3 more 6 Openlinux Lite, Debian Linux, Dld and 3 more 2024-02-04 7.2 HIGH N/A
Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error.
CVE-2002-0004 8 Caldera, Debian, Freebsd and 5 more 9 Openlinux Server, Openlinux Workstation, Debian Linux and 6 more 2024-02-04 7.2 HIGH N/A
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
CVE-2004-0746 4 Gentoo, Kde, Mandrakesoft and 1 more 5 Linux, Kde, Konqueror and 2 more 2024-02-04 7.5 HIGH N/A
Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.
CVE-2001-1130 1 Suse 1 Suse Linux 2024-02-04 7.5 HIGH N/A
Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading a keylist.txt file that contains filenames with shell metacharacters, then causing the file to be searched using a .. in the HTTP referer (from the HTTP_REFERER variable) to point to the directory that contains the keylist.txt file.
CVE-2001-0172 2 Hans Reiser, Suse 2 Reiserfs, Suse Linux 2024-02-04 7.2 HIGH N/A
Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to cause a denial of service and possibly execute arbitrary commands by via a long directory name.
CVE-2004-0461 5 Infoblox, Isc, Mandrakesoft and 2 more 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more 2024-02-04 10.0 HIGH N/A
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.
CVE-2004-0803 9 Apple, Kde, Libtiff and 6 more 13 Mac Os X, Mac Os X Server, Kde and 10 more 2024-02-04 7.5 HIGH N/A
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
CVE-2000-0800 1 Suse 1 Suse Linux 2024-02-04 10.0 HIGH N/A
String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges.
CVE-2000-0614 1 Suse 1 Suse Linux 2024-02-04 10.0 HIGH N/A
Tnef program in Linux systems allows remote attackers to overwrite arbitrary files via TNEF encoded compressed attachments which specify absolute path names for the decompressed output.
CVE-2004-2097 1 Suse 1 Suse Linux 2024-02-04 2.1 LOW N/A
Multiple scripts on SuSE Linux 9.0 allow local users to overwrite arbitrary files via a symlink attack on (1) /tmp/fvwm-bug created by fvwm-bug, (2) /tmp/wmmenu created by wm-oldmenu2new, (3) /tmp/rates created by x11perfcomp, (4) /tmp/xf86debug.1.log created by xf86debug, (5) /tmp/.winpopup-new created by winpopup-send.sh, or (6) /tmp/initrd created by lvmcreate_initrd.
CVE-2004-0497 7 Conectiva, Gentoo, Linux and 4 more 9 Linux, Linux, Linux Kernel and 6 more 2024-02-04 2.1 LOW N/A
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
CVE-2004-1145 7 Altlinux, Conectiva, Debian and 4 more 9 Alt Linux, Linux, Debian Linux and 6 more 2024-02-04 5.0 MEDIUM N/A
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.
CVE-2000-1044 1 Suse 1 Suse Linux 2024-02-04 10.0 HIGH N/A
Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and possibly other Linux operating systems, allows an attacker to gain root privileges.
CVE-1999-0433 5 Netbsd, Redhat, Slackware and 2 more 5 Netbsd, Linux, Slackware Linux and 2 more 2024-02-04 4.6 MEDIUM N/A
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
CVE-2001-0193 2 Debian, Suse 2 Debian Linux, Suse Linux 2024-02-04 7.2 HIGH N/A
Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter.
CVE-2000-1040 1 Suse 1 Suse Linux 2024-02-04 10.0 HIGH N/A
Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service.
CVE-2004-0554 6 Avaya, Conectiva, Gentoo and 3 more 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more 2024-02-04 2.1 LOW N/A
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
CVE-2004-0688 4 Openbsd, Suse, X.org and 1 more 4 Openbsd, Suse Linux, X11r6 and 1 more 2024-02-04 7.5 HIGH N/A
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.
CVE-1999-0234 5 Caldera, Redhat, Sgi and 2 more 5 Openlinux, Linux, Irix and 2 more 2024-02-04 4.6 MEDIUM N/A
Bash treats any character with a value of 255 as a command separator.
CVE-1999-0804 4 Debian, Linux, Redhat and 1 more 4 Debian Linux, Linux Kernel, Linux and 1 more 2024-02-04 5.0 MEDIUM N/A
Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.