Vulnerabilities > Suse

DATE CVE VULNERABILITY TITLE RISK
2019-12-10 CVE-2019-13734 Out-of-bounds Write vulnerability in multiple products
Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8
2019-11-25 CVE-2012-6639 Improper Privilege Management vulnerability in multiple products
An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.
network
low complexity
canonical debian suse CWE-269
8.8
2019-11-15 CVE-2016-5285 NULL Pointer Dereference vulnerability in multiple products
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.
network
low complexity
mozilla debian redhat suse avaya CWE-476
7.5
2019-10-07 CVE-2019-3688 Incorrect Default Permissions vulnerability in Suse Linux Enterprise Server 12/15
The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions.
local
low complexity
suse CWE-276
7.1
2019-09-04 CVE-2019-13209 Cross-site Scripting vulnerability in Suse Rancher
Rancher 2 through 2.2.4 is vulnerable to a Cross-Site Websocket Hijacking attack that allows an exploiter to gain access to clusters managed by Rancher.
network
low complexity
suse CWE-79
6.1
2019-07-30 CVE-2019-11202 Improper Authentication vulnerability in Suse Rancher
An issue was discovered that affects the following versions of Rancher: v2.0.0 through v2.0.13, v2.1.0 through v2.1.8, and v2.2.0 through 2.2.1.
network
low complexity
suse CWE-287
critical
9.8
2019-07-23 CVE-2019-11730 A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed.
network
low complexity
mozilla debian opensuse suse
6.5
2019-07-23 CVE-2019-11709 Out-of-bounds Write vulnerability in multiple products
Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7.
network
low complexity
mozilla opensuse suse debian CWE-787
critical
9.8
2019-06-19 CVE-2019-11038 Use of Uninitialized Resource vulnerability in multiple products
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable.
5.3
2019-06-10 CVE-2019-11881 Unspecified vulnerability in Suse Rancher 2.1.4
A vulnerability exists in Rancher before 2.2.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols.
network
low complexity
suse
4.7