Vulnerabilities (CVE)

Filtered by vendor Suse Subscribe
Filtered by product Suse Linux
Total 214 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-2185 6 Debian, Mandrakesoft, Microsoft and 3 more 11 Debian Linux, Mandrake Linux, Windows 98 and 8 more 2025-04-03 4.9 MEDIUM N/A
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.
CVE-2004-0746 4 Gentoo, Kde, Mandrakesoft and 1 more 5 Linux, Kde, Konqueror and 2 more 2025-04-03 7.5 HIGH N/A
Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.
CVE-2001-0109 1 Suse 1 Suse Linux 2025-04-03 1.2 LOW N/A
rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file.
CVE-2006-2658 2 Mono, Suse 3 Xsp, Suse Linux, Suse Open Enterprise Server 2025-04-03 5.0 MEDIUM N/A
Directory traversal vulnerability in the xsp component in mod_mono in Mono/C# web server, as used in SUSE Open-Enterprise-Server 1 and SUSE Linux 9.2 through 10.0, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an HTTP request.
CVE-2004-0935 11 Archive Zip, Broadcom, Ca and 8 more 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more 2025-04-03 7.5 HIGH N/A
Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
CVE-2006-0646 1 Suse 1 Suse Linux 2025-04-03 4.4 MEDIUM N/A
ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain circumstances when linking binaries, can leave an empty RPATH or RUNPATH, which allows local attackers to execute arbitrary code as other users via by running an ld-linked application from the current directory, which could contain an attacker-controlled library file.
CVE-2005-4790 2 Novell, Suse 2 Suse Linux, Suse Linux 2025-04-03 6.9 MEDIUM N/A
Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions.
CVE-1999-0363 2 Plp, Suse 2 Line Printer Control, Suse Linux 2025-04-03 7.2 HIGH N/A
SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise.
CVE-2001-0872 3 Openbsd, Redhat, Suse 3 Openssh, Linux, Suse Linux 2025-04-03 7.2 HIGH N/A
OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.
CVE-2005-3322 2 Squid, Suse 2 Squid, Suse Linux 2025-04-03 5.0 MEDIUM N/A
Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote attackers to cause a denial of service (crash) via HTTPs (SSL).
CVE-2000-0231 2 Halloween, Suse 2 Halloween Linux, Suse Linux 2025-04-03 7.2 HIGH N/A
Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges.
CVE-2001-0178 4 Caldera, Conectiva, Mandrakesoft and 1 more 5 Openlinux Edesktop, Linux, Mandrake Linux and 2 more 2025-04-03 2.1 LOW N/A
kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.
CVE-2006-2703 1 Suse 1 Suse Linux 2025-04-03 5.0 MEDIUM N/A
The RedCarpet command-line client (rug) does not verify SSL certificates from a server, which allows remote attackers to read network traffic and execute commands via a man-in-the-middle (MITM) attack.
CVE-2005-0750 5 Conectiva, Linux, Redhat and 2 more 8 Linux, Linux Kernel, Enterprise Linux and 5 more 2025-04-03 7.2 HIGH N/A
The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.
CVE-2002-0062 5 Debian, Freebsd, Gnu and 2 more 5 Debian Linux, Freebsd, Ncurses and 2 more 2025-04-03 7.2 HIGH N/A
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."
CVE-2004-0981 4 Debian, Gentoo, Imagemagick and 1 more 4 Debian Linux, Linux, Imagemagick and 1 more 2025-04-03 10.0 HIGH N/A
Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.
CVE-2000-0491 3 Caldera, Gnome, Suse 3 Openlinux, Gdm, Suse Linux 2025-04-03 10.0 HIGH N/A
Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request.
CVE-2004-1005 6 Debian, Gentoo, Midnight Commander and 3 more 8 Debian Linux, Linux, Midnight Commander and 5 more 2025-04-03 7.5 HIGH N/A
Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
CVE-2004-0802 9 Conectiva, Enlightenment, Imagemagick and 6 more 16 Linux, Imlib, Imlib2 and 13 more 2025-04-03 5.1 MEDIUM N/A
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
CVE-2004-0929 2 Libtiff, Suse 2 Libtiff, Suse Linux 2025-04-03 10.0 HIGH N/A
Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote attackers to execute arbitrary code via a malformed TIFF image.