Vulnerabilities > Suse > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-30 | CVE-2019-11202 | Improper Authentication vulnerability in Suse Rancher An issue was discovered that affects the following versions of Rancher: v2.0.0 through v2.0.13, v2.1.0 through v2.1.8, and v2.2.0 through 2.2.1. | 9.8 |
| 2019-07-23 | CVE-2019-11709 | Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. | 9.8 |
| 2018-10-04 | CVE-2018-12472 | Improper Authentication vulnerability in Suse Subscription Management Tool A improper authentication using the HOST header in SUSE Linux SMT allows remote attackers to spoof a sibling server. | 9.1 |
| 2018-10-04 | CVE-2018-12470 | SQL Injection vulnerability in Suse Subscription Management Tool A SQL Injection in the RegistrationSharing module of SUSE Linux SMT allows remote attackers to cause execute arbitrary SQL statements. | 9.8 |
| 2018-09-05 | CVE-2016-1000030 | Improper Certificate Validation vulnerability in multiple products Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution. | 9.8 |
| 2018-06-08 | CVE-2011-3172 | Permissions, Privileges, and Access Controls vulnerability in Suse Linux Enterprise Server A vulnerability in pam_modules of SUSE Linux Enterprise allows attackers to log into accounts that should have been disabled. | 9.8 |
| 2018-01-03 | CVE-2017-18017 | Use After Free vulnerability in multiple products The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action. | 9.8 |
| 2017-10-04 | CVE-2017-14491 | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. | 9.8 |
| 2017-08-17 | CVE-2011-0469 | Code Injection vulnerability in Suse Opensuse Code injection in openSUSE when running some source services used in the open build service 2.1 before March 11 2011. | 9.8 |
| 2017-06-08 | CVE-2016-4473 | Use After Free vulnerability in multiple products /ext/phar/phar_object.c in PHP 7.0.7 and 5.6.x allows remote attackers to execute arbitrary code. | 9.8 |