Vulnerabilities > Suse > Linux Enterprise Workstation Extension

DATE CVE VULNERABILITY TITLE RISK
2014-07-17 CVE-2014-4260 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier, and 5.6.17 and earlier, allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.
network
low complexity
oracle debian suse mariadb
5.5
2014-07-17 CVE-2014-4258 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC.
network
low complexity
oracle vmware opensuse-project debian mariadb suse
6.5
2014-07-17 CVE-2014-4207 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.
network
low complexity
suse oracle mariadb debian
4.0
2014-07-17 CVE-2014-2494 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC.
network
low complexity
oracle suse mariadb debian
4.0
2014-06-11 CVE-2014-2978 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers an out-of-bounds write.
network
low complexity
directfb opensuse suse CWE-119
critical
10.0
2014-06-11 CVE-2014-2977 Numeric Errors vulnerability in multiple products
Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow.
network
low complexity
opensuse suse directfb CWE-189
critical
10.0
2014-05-06 CVE-2014-0198 NULL Pointer Dereference vulnerability in multiple products
The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.
4.3
2014-04-14 CVE-2010-5298 Race Condition vulnerability in multiple products
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment.
network
high complexity
openssl mariadb fedoraproject suse CWE-362
4.0