Vulnerabilities (CVE)

Filtered by vendor Suse Subscribe
Filtered by product Suse Linux
Total 214 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-0933 11 Archive Zip, Broadcom, Ca and 8 more 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more 2024-02-28 7.5 HIGH N/A
Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
CVE-2006-2703 1 Suse 1 Suse Linux 2024-02-28 5.0 MEDIUM N/A
The RedCarpet command-line client (rug) does not verify SSL certificates from a server, which allows remote attackers to read network traffic and execute commands via a man-in-the-middle (MITM) attack.
CVE-2005-1767 2 Novell, Suse 3 Linux Desktop, Open Enterprise Server, Suse Linux 2024-02-28 2.1 LOW N/A
traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).
CVE-2005-0085 4 Htdig, Mandrakesoft, Redhat and 1 more 5 Htdig, Mandrake Linux, Mandrake Linux Corporate Server and 2 more 2024-02-28 6.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.
CVE-2004-1170 3 Gnu, Sun, Suse 3 A2ps, Java Desktop System, Suse Linux 2024-02-28 10.0 HIGH N/A
a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename.
CVE-2006-2658 2 Mono, Suse 3 Xsp, Suse Linux, Suse Open Enterprise Server 2024-02-28 5.0 MEDIUM N/A
Directory traversal vulnerability in the xsp component in mod_mono in Mono/C# web server, as used in SUSE Open-Enterprise-Server 1 and SUSE Linux 9.2 through 10.0, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an HTTP request.
CVE-2004-0936 11 Archive Zip, Broadcom, Ca and 8 more 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more 2024-02-28 7.5 HIGH N/A
RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
CVE-2005-4789 1 Suse 1 Suse Linux 2024-02-28 2.1 LOW N/A
resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, does not properly enforce class-specific exclude rules in some situations, which allows local users to bypass intended access restrictions for USB devices that set their class ID at the interface level.
CVE-2004-0935 11 Archive Zip, Broadcom, Ca and 8 more 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more 2024-02-28 7.5 HIGH N/A
Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
CVE-2004-1071 5 Linux, Redhat, Suse and 2 more 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more 2024-02-28 7.2 HIGH N/A
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.
CVE-2006-0646 1 Suse 1 Suse Linux 2024-02-28 4.4 MEDIUM N/A
ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain circumstances when linking binaries, can leave an empty RPATH or RUNPATH, which allows local attackers to execute arbitrary code as other users via by running an ld-linked application from the current directory, which could contain an attacker-controlled library file.
CVE-2003-1295 2 Redhat, Suse 2 Enterprise Linux, Suse Linux 2024-02-28 2.1 LOW N/A
Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password."
CVE-2001-1130 1 Suse 1 Suse Linux 2024-02-28 7.5 HIGH N/A
Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading a keylist.txt file that contains filenames with shell metacharacters, then causing the file to be searched using a .. in the HTTP referer (from the HTTP_REFERER variable) to point to the directory that contains the keylist.txt file.
CVE-2004-0827 9 Conectiva, Enlightenment, Imagemagick and 6 more 14 Linux, Imlib, Imlib2 and 11 more 2024-02-28 7.5 HIGH N/A
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
CVE-2004-0905 5 Conectiva, Mozilla, Netscape and 2 more 10 Linux, Firefox, Mozilla and 7 more 2024-02-28 4.6 MEDIUM N/A
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.
CVE-2002-2259 2 Gnuplot, Suse 2 Gnuplot, Suse Linux 2024-02-28 7.2 HIGH N/A
Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows local users to execute arbitrary code as root via unknown attack vectors.
CVE-1999-1495 1 Suse 1 Suse Linux 2024-02-28 2.1 LOW N/A
xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary files via a symlink attack on the pic000.pnm file.
CVE-1999-0390 2 Redhat, Suse 2 Linux, Suse Linux 2024-02-28 7.2 HIGH N/A
Buffer overflow in Dosemu Slang library in Linux.
CVE-2002-0758 1 Suse 1 Suse Linux 2024-02-28 7.5 HIGH N/A
ifup-dhcp script in the sysconfig package for SuSE 8.0 allows remote attackers to execute arbitrary commands via spoofed DHCP responses, which are stored and executed in a file.
CVE-2000-0800 1 Suse 1 Suse Linux 2024-02-28 10.0 HIGH N/A
String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges.