Vulnerabilities > Suse
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-04 | CVE-2018-12470 | SQL Injection vulnerability in Suse Subscription Management Tool A SQL Injection in the RegistrationSharing module of SUSE Linux SMT allows remote attackers to cause execute arbitrary SQL statements. | 9.8 |
| 2018-09-26 | CVE-2018-16588 | Incorrect Permission Assignment for Critical Resource vulnerability in Suse Shadow 4.2.127.9.1/4.55.39 Privilege escalation can occur in the SUSE useradd.c code in useradd, as distributed in the SUSE shadow package through 4.2.1-27.9.1 for SUSE Linux Enterprise 12 (SLE-12) and through 4.5-5.39 for SUSE Linux Enterprise 15 (SLE-15). | 7.8 |
| 2018-09-05 | CVE-2016-1000030 | Improper Certificate Validation vulnerability in multiple products Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution. | 9.8 |
| 2018-08-10 | CVE-2018-6556 | Channel and Path Errors vulnerability in multiple products lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. | 3.3 |
| 2018-07-24 | CVE-2017-3224 | Insufficient Verification of Data Authenticity vulnerability in multiple products Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. | 8.2 |
| 2018-07-23 | CVE-2018-14523 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in aubio 0.4.6. | 8.8 |
| 2018-07-23 | CVE-2018-14522 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in aubio 0.4.6. | 8.8 |
| 2018-07-13 | CVE-2018-10875 | Untrusted Search Path vulnerability in multiple products A flaw was found in ansible. | 7.8 |
| 2018-06-08 | CVE-2011-4190 | Cryptographic Issues vulnerability in Suse products The kdump implementation is missing the host key verification in the kdump and mkdumprd OpenSSH integration of kdump prior to version 2012-01-20. | 5.3 |
| 2018-06-08 | CVE-2011-3172 | Permissions, Privileges, and Access Controls vulnerability in Suse Linux Enterprise Server A vulnerability in pam_modules of SUSE Linux Enterprise allows attackers to log into accounts that should have been disabled. | 9.8 |