Vulnerabilities (CVE)

Filtered by vendor Suse Subscribe
Filtered by product Suse Linux
Total 214 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-0064 1 Suse 1 Suse Linux 2024-11-20 2.1 LOW N/A
The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory.
CVE-2003-1538 1 Suse 3 Office Server, Suse Linux, Suse Linux Openexchange Server 2024-11-20 6.4 MEDIUM N/A
susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries.
CVE-2003-1295 2 Redhat, Suse 2 Enterprise Linux, Suse Linux 2024-11-20 2.1 LOW N/A
Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password."
CVE-2003-0847 1 Suse 1 Suse Linux 2024-11-20 4.6 MEDIUM N/A
SuSEconfig.susewm in the susewm package on SuSE Linux 8.2Pro allows local users to overwrite arbitrary files via a symlink attack on the susewm.$$ temporary file.
CVE-2003-0846 1 Suse 1 Suse Linux 2024-11-20 4.6 MEDIUM N/A
SuSEconfig.javarunt in the javarunt package on SuSE Linux 7.3Pro allows local users to overwrite arbitrary files via a symlink attack on the .java_wrapper temporary file.
CVE-2002-2259 2 Gnuplot, Suse 2 Gnuplot, Suse Linux 2024-11-20 7.2 HIGH N/A
Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows local users to execute arbitrary code as root via unknown attack vectors.
CVE-2002-2185 6 Debian, Mandrakesoft, Microsoft and 3 more 11 Debian Linux, Mandrake Linux, Windows 98 and 8 more 2024-11-20 4.9 MEDIUM N/A
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.
CVE-2002-1285 1 Suse 1 Suse Linux 2024-11-20 7.2 HIGH N/A
runlpr in the LPRng package allows the local lp user to gain root privileges via certain command line arguments.
CVE-2002-0854 1 Suse 1 Suse Linux 2024-11-20 7.2 HIGH N/A
Buffer overflows in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the i4l package on SuSE 7.3, 8.0, and possibly other operating systems, may allow local users to gain privileges.
CVE-2002-0768 2 Luke Mewburn, Suse 2 Lukemftp, Suse Linux 2024-11-20 7.5 HIGH N/A
Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command.
CVE-2002-0762 1 Suse 1 Suse Linux 2024-11-20 7.2 HIGH N/A
shadow package in SuSE 8.0 allows local users to destroy the /etc/passwd and /etc/shadow files or assign extra group privileges to some users by changing filesize limits before calling programs that modify the files.
CVE-2002-0758 1 Suse 1 Suse Linux 2024-11-20 7.5 HIGH N/A
ifup-dhcp script in the sysconfig package for SuSE 8.0 allows remote attackers to execute arbitrary commands via spoofed DHCP responses, which are stored and executed in a file.
CVE-2002-0083 9 Conectiva, Engardelinux, Immunix and 6 more 11 Linux, Secure Linux, Immunix and 8 more 2024-11-20 10.0 HIGH 9.8 CRITICAL
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
CVE-2002-0062 5 Debian, Freebsd, Gnu and 2 more 5 Debian Linux, Freebsd, Ncurses and 2 more 2024-11-20 7.2 HIGH N/A
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."
CVE-2002-0004 8 Caldera, Debian, Freebsd and 5 more 9 Openlinux Server, Openlinux Workstation, Debian Linux and 6 more 2024-11-20 7.2 HIGH N/A
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
CVE-2001-1130 1 Suse 1 Suse Linux 2024-11-20 7.5 HIGH N/A
Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading a keylist.txt file that contains filenames with shell metacharacters, then causing the file to be searched using a .. in the HTTP referer (from the HTTP_REFERER variable) to point to the directory that contains the keylist.txt file.
CVE-2001-1012 1 Suse 1 Suse Linux 2024-11-20 7.2 HIGH N/A
Vulnerability in screen before 3.9.10, related to a multi-attach error, allows local users to gain root privileges when there is a subdirectory under /tmp/screens/.
CVE-2001-0918 1 Suse 1 Suse Linux 2024-11-20 5.1 MEDIUM N/A
Vulnerabilities in CGI scripts in susehelp in SuSE 7.2 and 7.3 allow remote attackers to execute arbitrary commands by not opening files securely.
CVE-2001-0914 2 Linux, Suse 2 Linux Kernel, Suse Linux 2024-11-20 2.1 LOW N/A
Linux kernel before 2.4.11pre3 in multiple Linux distributions allows local users to cause a denial of service (crash) by starting the core vmlinux kernel, possibly related to poor error checking during ELF loading.
CVE-2001-0872 3 Openbsd, Redhat, Suse 3 Openssh, Linux, Suse Linux 2024-11-20 7.2 HIGH N/A
OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.