Vulnerabilities (CVE)

Filtered by vendor Suse Subscribe
Filtered by product Suse Linux
Total 214 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-0867 4 Kde, Microsoft, Mozilla and 1 more 5 Konqueror, Ie, Internet Explorer and 2 more 2024-02-28 7.5 HIGH N/A
Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported that 2.x is also affected.
CVE-2004-0592 1 Suse 1 Suse Linux 2024-02-28 5.0 MEDIUM N/A
The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with USAGI patches, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type, a similar flaw to CVE-2004-0626.
CVE-2004-1476 2 Suse, Xine 3 Suse Linux, Xine, Xine-lib 2024-02-28 5.1 MEDIUM N/A
Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label.
CVE-2000-0361 1 Suse 1 Suse Linux 2024-02-28 2.1 LOW N/A
The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which allows a local attacker in the dialout group to access login and password information.
CVE-2001-0525 1 Suse 1 Suse Linux 2024-02-28 7.2 HIGH N/A
Buffer overflow in dsh in dqs 3.2.7 in SuSE Linux 7.0 and earlier, and possibly other operating systems, allows local users to gain privileges via a long first command line argument.
CVE-1999-0409 1 Suse 1 Suse Linux 2024-02-28 4.6 MEDIUM N/A
Buffer overflow in gnuplot in Linux version 3.5 allows local users to obtain root access.
CVE-2000-0433 1 Suse 1 Suse Linux 2024-02-28 4.6 MEDIUM N/A
The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles.
CVE-2001-0458 4 Debian, Mandrakesoft, Ralf S. Engelschall and 1 more 4 Debian Linux, Mandrake Linux, Eperl and 1 more 2024-02-28 7.5 HIGH N/A
Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.
CVE-2000-1044 1 Suse 1 Suse Linux 2024-02-28 10.0 HIGH N/A
Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and possibly other Linux operating systems, allows an attacker to gain root privileges.
CVE-2000-0218 2 Caldera, Suse 2 Openlinux, Suse Linux 2024-02-28 7.2 HIGH N/A
Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname.
CVE-2001-1012 1 Suse 1 Suse Linux 2024-02-28 7.2 HIGH N/A
Vulnerability in screen before 3.9.10, related to a multi-attach error, allows local users to gain root privileges when there is a subdirectory under /tmp/screens/.
CVE-2004-0495 6 Avaya, Conectiva, Gentoo and 3 more 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more 2024-02-28 7.2 HIGH N/A
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.
CVE-2001-0869 3 Caldera, Redhat, Suse 5 Openlinux Eserver, Openlinux Workstation, Linux and 2 more 2024-02-28 7.5 HIGH N/A
Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands.
CVE-2001-0178 4 Caldera, Conectiva, Mandrakesoft and 1 more 5 Openlinux Edesktop, Linux, Mandrake Linux and 2 more 2024-02-28 2.1 LOW N/A
kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.
CVE-2000-0666 5 Conectiva, Debian, Redhat and 2 more 5 Linux, Debian Linux, Linux and 2 more 2024-02-28 10.0 HIGH N/A
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
CVE-2001-0109 1 Suse 1 Suse Linux 2024-02-28 1.2 LOW N/A
rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file.
CVE-2004-0461 5 Infoblox, Isc, Mandrakesoft and 2 more 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more 2024-02-28 10.0 HIGH N/A
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.
CVE-2004-0554 6 Avaya, Conectiva, Gentoo and 3 more 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more 2024-02-28 2.1 LOW N/A
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
CVE-2001-0851 3 Caldera, Linux, Suse 7 Openlinux, Openlinux Edesktop, Openlinux Eserver and 4 more 2024-02-28 5.0 MEDIUM N/A
Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie.
CVE-1999-0768 2 Redhat, Suse 2 Linux, Suse Linux 2024-02-28 7.5 HIGH N/A
Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable.