11.0

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-08	CVE-2011-4190	Cryptographic Issues vulnerability in Suse products The kdump implementation is missing the host key verification in the kdump and mkdumprd OpenSSH integration of kdump prior to version 2012-01-20. network high complexity suse CWE-310	5.3
2018-06-08	CVE-2011-3172	Permissions, Privileges, and Access Controls vulnerability in Suse Linux Enterprise Server A vulnerability in pam_modules of SUSE Linux Enterprise allows attackers to log into accounts that should have been disabled. network low complexity suse CWE-264 critical	9.8
2017-08-09	CVE-2015-3405	Insufficient Entropy vulnerability in multiple products ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys. network low complexity ntp debian suse opensuse-project opensuse fedoraproject redhat CWE-331	7.5