Vulnerabilities > Suse > Linux Enterprise Desktop > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-27 | CVE-2006-7246 | Improper Certificate Validation vulnerability in multiple products NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used. | 6.8 |
| 2020-01-23 | CVE-2015-5239 | Infinite Loop vulnerability in multiple products Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop. | 6.5 |
| 2019-06-19 | CVE-2019-11038 | Use of Uninitialized Resource vulnerability in multiple products When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. | 5.3 |
| 2018-11-26 | CVE-2018-19542 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in JasPer 2.0.14. | 6.5 |
| 2018-11-26 | CVE-2018-19539 | Reachable Assertion vulnerability in multiple products An issue was discovered in JasPer 2.0.14. | 6.5 |
| 2018-10-31 | CVE-2018-18873 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in JasPer 2.0.14. | 5.5 |
| 2017-10-17 | CVE-2017-13088 | Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. | 5.3 |
| 2017-10-17 | CVE-2017-13087 | Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. | 5.3 |
| 2017-10-17 | CVE-2017-13086 | Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. | 6.8 |
| 2017-10-17 | CVE-2017-13084 | Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. | 6.8 |