Vulnerabilities > Suse > Linux Enterprise Server > 8

DATE	CVE	VULNERABILITY TITLE	RISK
2009-10-22	CVE-2009-3620	Use of Uninitialized Resource vulnerability in multiple products The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls. local low complexity linux fedoraproject canonical redhat opensuse suse CWE-908	7.8
2008-01-18	CVE-2007-6427	Out-Of-Bounds Write vulnerability in multiple products The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990. network x-org canonical debian apple fedoraproject opensuse suse CWE-787 critical	9.3
2007-03-06	CVE-2007-1285	Uncontrolled Recursion vulnerability in multiple products The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines. network low complexity php canonical novell suse redhat CWE-674	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.