Vulnerabilities > Suse > Linux Enterprise Desktop > 12

DATE	CVE	VULNERABILITY TITLE	RISK
2015-05-21	CVE-2015-4000	Cryptographic Issues vulnerability in multiple products The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. network high complexity openssl canonical hp ibm oracle debian suse apple mozilla opera microsoft google CWE-310	3.7
2015-04-28	CVE-2015-3340	Information Exposure vulnerability in multiple products Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request. xen suse fedoraproject debian opensuse CWE-200	2.9
2015-01-21	CVE-2015-0432	Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key. network low complexity oracle debian canonical redhat fedoraproject suse mariadb	4.0
2015-01-21	CVE-2015-0391	Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to DDL. network low complexity oracle redhat suse mariadb	4.0
2015-01-21	CVE-2015-0382	Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381. network oracle debian canonical fedoraproject mariadb redhat suse	4.3
2015-01-21	CVE-2015-0381	Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0382. network oracle debian canonical fedoraproject mariadb redhat suse	4.3
2015-01-21	CVE-2015-0374	Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key. network debian canonical fedoraproject oracle suse redhat mariadb	3.5
2015-01-21	CVE-2014-6568	Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML. network canonical redhat debian fedoraproject oracle suse mariadb	3.5
2014-12-02	CVE-2014-9116	Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function. network low complexity suse mutt debian mageia CWE-119	5.0
2014-10-15	CVE-2014-6564	Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML. network low complexity oracle suse mariadb	4.0