Linux Enterprise Server

linux_enterprise_server

Vendor: Suse • 474 CVEs

CVEs (474)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2012-0507 4Debian OracleSun+1 more 7Debian Linux JreJre+4 more Apr 22, 2026 Jun 7, 2012 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality...Show more Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.Show less
CVE-2012-1938 4Mozilla OpensuseRedhat+1 more 13Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+10 more Apr 29, 2026 Jun 5, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and app...Show more Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components.Show less
CVE-2012-1146 3Fedoraproject LinuxSuse 5Fedora Linux Enterprise DesktopLinux Enterprise High Availability Extension+2 more Apr 29, 2026 May 17, 2012 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a deni...Show more The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by registering memory threshold events.Show less
CVE-2012-1097 3Linux RedhatSuse 6Enterprise Linux Enterprise MrgLinux Enterprise Desktop+3 more Apr 29, 2026 May 17, 2012 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or p...Show more The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_SETREGSET ptrace call.Show less
CVE-2012-1090 3Linux RedhatSuse 5Enterprise Mrg Linux Enterprise DesktopLinux Enterprise High Availability Extension+2 more Apr 29, 2026 May 17, 2012 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.
CVE-2012-0879 4Canonical DebianLinux+1 more 6Debian Linux Linux Enterprise DesktopLinux Enterprise High Availability Extension+3 more Apr 29, 2026 May 17, 2012 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONE_IO feature, which allows local users to cause a denial of service (I/O instability) by starting multiple proce...Show more The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONE_IO feature, which allows local users to cause a denial of service (I/O instability) by starting multiple processes that share an I/O context.Show less
CVE-2012-1823 8Apple DebianFedoraproject+5 more 17Application Stack Debian LinuxEnterprise Linux Desktop+14 more Apr 21, 2026 May 11, 2012 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers...Show more sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.Show less
CVE-2011-3026 4Apple GoogleOpensuse+1 more 7Chrome Iphone OsLinux Enterprise Server+4 more Apr 29, 2026 Feb 16, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncati...Show more Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.Show less
CVE-2011-3970 3Google SuseXmlsoft 5Chrome LibxsltLinux Enterprise Desktop+2 more Apr 29, 2026 Feb 9, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2012-0449 4Debian MozillaOpensuse+1 more 8Debian Linux FirefoxLinux Enterprise Desktop+5 more Apr 29, 2026 Feb 1, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or...Show more Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document.Show less
CVE-2012-0444 5Canonical DebianMozilla+2 more 9Debian Linux FirefoxLinux Enterprise Desktop+6 more Apr 29, 2026 Feb 1, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a...Show more Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.Show less
CVE-2012-0442 4Debian MozillaOpensuse+1 more 8Debian Linux FirefoxLinux Enterprise Desktop+5 more Apr 29, 2026 Feb 1, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a d...Show more Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.Show less
CVE-2011-3659 3Mozilla OpensuseSuse 7Firefox Linux Enterprise DesktopLinux Enterprise Server+4 more Apr 29, 2026 Feb 1, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vector...Show more Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes.Show less
CVE-2012-0053 5Apache DebianOpensuse+2 more 11Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+8 more Apr 29, 2026 Jan 28, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of...Show more protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.Show less
CVE-2011-4132 2Linux Suse 2Linux Enterprise Server Linux Kernel Apr 29, 2026 Jan 27, 2012 N/A· v4 N/A· v3 2.1 LOW· v2 The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux kernel 2.6 allows local users to cause a denial of service (assertion error and kernel oops) via an ext3 or ext4 image wit...Show more The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux kernel 2.6 allows local users to cause a denial of service (assertion error and kernel oops) via an ext3 or ext4 image with an "invalid log first block value."Show less
CVE-2012-0031 5Apache DebianOpensuse+2 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+9 more Apr 29, 2026 Jan 18, 2012 N/A· v4 N/A· v3 4.6 MEDIUM· v2 scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field wi...Show more scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.Show less
CVE-2011-3919 5Apple DebianGoogle+2 more 9Chrome Debian LinuxEnterprise Linux Desktop+6 more Apr 29, 2026 Jan 7, 2012 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2011-4862 8Debian FedoraprojectFreebsd+5 more 10Debian Linux FedoraFreebsd+7 more Apr 29, 2026 Dec 25, 2011 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products a...Show more Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.Show less
CVE-2011-4517 7Canonical DebianFedoraproject+4 more 9Debian Linux Enterprise Linux DesktopFedora+6 more Apr 29, 2026 Dec 15, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute a...Show more The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file.Show less
CVE-2011-4516 6Canonical DebianFedoraproject+3 more 8Debian Linux FedoraJasper+5 more Apr 29, 2026 Dec 15, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted...Show more Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 file.Show less

Previous 1...181920...24 Next