Vulnerabilities > Suse > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-02-12 | CVE-2008-0731 | Permissions, Privileges, and Access Controls vulnerability in Novell Apparmor The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor change_hat system call, which might allow attackers to trigger the unconfining of an apparmored task. | 7.5 |
| 2007-11-29 | CVE-2007-6167 | Permissions, Privileges, and Access Controls vulnerability in Suse Linux Untrusted search path vulnerability in yast2-core in SUSE Linux might allow local users to execute arbitrary code by creating a malicious yast2 module in the current working directory. | 7.2 |
| 2007-11-02 | CVE-2007-5197 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mono Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and earlier allows context-dependent attackers to execute arbitrary code via unspecified vectors related to Reduce in Montgomery-based Pow methods. | 7.5 |
| 2007-10-16 | CVE-2007-5471 | Denial Of Service vulnerability in Suse Linux 10 libgssapi before 0.6-13.7, as used by the ISC BIND named daemon in SUSE Linux Enterprise Server 10 SP 1, terminates upon an initialization error, which allows remote attackers to cause a denial of service (daemon exit) via a GSS-TSIG request. | 7.8 |
| 2007-10-14 | CVE-2007-5196 | Information Exposure vulnerability in Suse Linux 10 Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwise-client package in SUSE Linux Enterprise Desktop 10 allows remote attackers to obtain credentials via a man-in-the-middle attack, a different vulnerability than CVE-2007-5195. | 7.5 |
| 2007-03-06 | CVE-2007-1285 | Uncontrolled Recursion vulnerability in multiple products The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines. | 7.5 |
| 2006-03-21 | CVE-2006-0745 | Local Privilege Escalation vulnerability in X.Org X Window Server X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile. | 7.2 |
| 2005-10-23 | CVE-2005-3298 | Remote Buffer Overflow vulnerability in Suse Linux 9.0 Multiple buffer overflows in OpenWBEM on SuSE Linux 9 allow remote attackers to execute arbitrary code via unknown vectors. | 7.5 |
| 2005-10-23 | CVE-2005-3297 | Remote Buffer Overflow vulnerability in OpenWBEM Multiple integer overflows in OpenWBEM on SuSE Linux 9 allow remote attackers to execute arbitrary code via unknown vectors. | 7.5 |
| 2005-06-09 | CVE-2005-1763 | Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory. | 7.2 |