Suse Linux

suse_linux

Vendor: Suse • 208 CVEs

CVEs (208)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2004-0496 5Gentoo LinuxMandrakesoft+2 more 13Linux Linux KernelMandrake Linux+10 more Apr 16, 2026 Dec 6, 2004 N/A· v4 N/A· v3 7.2 HIGH· v2 Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source...Show more Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.Show less
CVE-2004-0746 4Gentoo KdeMandrakesoft+1 more 5Kde KonquerorLinux+2 more Apr 16, 2026 Oct 20, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack an...Show more Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.Show less
CVE-2004-0688 4Openbsd SuseX.org+1 more 4Openbsd Suse LinuxX11r6+1 more Apr 16, 2026 Oct 20, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to...Show more Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.Show less
CVE-2004-0687 4Openbsd SuseX.org+1 more 4Openbsd Suse LinuxX11r6+1 more Apr 16, 2026 Oct 20, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a mal...Show more Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file.Show less
CVE-2005-0373 6Apple ConectivaCyrus+3 more 8Fedora Core LinuxMac Os X+5 more Apr 16, 2026 Oct 7, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary cod...Show more Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.Show less
CVE-2004-0866 4Kde MicrosoftMozilla+1 more 5Firefox IeInternet Explorer+2 more Apr 16, 2026 Sep 16, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a us...Show more Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.Show less
CVE-2004-0827 9Conectiva EnlightenmentImagemagick+6 more 14Enterprise Linux Enterprise Linux DesktopFedora Core+11 more Apr 16, 2026 Sep 16, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malf...Show more Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.Show less
CVE-2004-0905 5Conectiva MozillaNetscape+2 more 10Enterprise Linux Enterprise Linux DesktopFedora Core+7 more Apr 16, 2026 Sep 14, 2004 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and...Show more Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.Show less
CVE-2004-0807 5Conectiva MandrakesoftSamba+2 more 5Linux Mandrake LinuxSamba+2 more Apr 16, 2026 Sep 13, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.
CVE-2004-0587 3Mandrakesoft RedhatSuse 4Fedora Core Mandrake LinuxMandrake Linux Corporate Server+1 more Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 2.1 LOW· v2 Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.
CVE-2004-0554 6Avaya ConectivaGentoo+3 more 18Converged Communications Server Enterprise LinuxIntuity Audix+15 more Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 2.1 LOW· v2 Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions,...Show more Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.Show less
CVE-2004-0535 6Conectiva EngardelinuxGentoo+3 more 17Linux LinuxLinux Kernel+14 more Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 2.1 LOW· v2 The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported...Show more The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.Show less
CVE-2004-0495 6Avaya ConectivaGentoo+3 more 18Converged Communications Server Enterprise LinuxIntuity Audix+15 more Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 7.2 HIGH· v2 Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.
CVE-2004-0461 5Infoblox IscMandrakesoft+2 more 11Dhcpd Dns One ApplianceFedora Core+8 more Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, w...Show more The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.Show less
CVE-2004-0460 5Infoblox IscMandrakesoft+2 more 11Dhcpd Dns One ApplianceFedora Core+8 more Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multi...Show more Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file.Show less
CVE-2004-2004 1Suse 1Suse Linux Apr 16, 2026 May 6, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 The Live CD in SUSE LINUX 9.1 Personal edition is configured without a password for root, which allows remote attackers to gain privileges via SSH.
CVE-2004-0064 1Suse 1Suse Linux Apr 16, 2026 Feb 17, 2004 N/A· v4 N/A· v3 2.1 LOW· v2 The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory.
CVE-2003-1538 1Suse 3Office Server Suse LinuxSuse Linux Openexchange Server Apr 16, 2026 Dec 31, 2003 N/A· v4 N/A· v3 6.4 MEDIUM· v2 susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries.
CVE-2003-1295 2Redhat Suse 2Enterprise Linux Suse Linux Apr 16, 2026 Dec 31, 2003 N/A· v4 N/A· v3 2.1 LOW· v2 Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password."
CVE-2003-0847 1Suse 1Suse Linux Apr 16, 2026 Nov 17, 2003 N/A· v4 N/A· v3 4.6 MEDIUM· v2 SuSEconfig.susewm in the susewm package on SuSE Linux 8.2Pro allows local users to overwrite arbitrary files via a symlink attack on the susewm.$$ temporary file.

Previous 1...678...11 Next