Suse Linux Enterprise Software Development KIT

DATE	CVE	VULNERABILITY TITLE	RISK
2016-04-27	CVE-2015-8816	The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device. low complexity novell linux suse	6.8
2016-02-08	CVE-2015-7566	The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint. low complexity novell linux	4.6
2014-10-15	CVE-2014-3566	Cryptographic Issues vulnerability in multiple products The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. network high complexity redhat ibm apple mageia novell opensuse fedoraproject openssl netbsd debian oracle CWE-310	3.4
2014-03-19	CVE-2014-1505	Information Exposure vulnerability in multiple products The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693. network low complexity mozilla canonical debian redhat opensuse suse novell CWE-200	7.5