Vulnerabilities > Suse > Suse Linux > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-07-30 | CVE-2007-4074 | Configuration vulnerability in multiple products The default configuration of Centre for Speech Technology Research (CSTR) Festival 1.95 beta (aka 2.0 beta) on Gentoo Linux, SUSE Linux, and possibly other distributions, is run locally with elevated privileges without requiring authentication, which allows local and remote attackers to execute arbitrary commands via the local daemon on port 1314, a different vulnerability than CVE-2001-0956. | 10.0 |
| 2007-02-16 | CVE-2007-0980 | Remote Unauthorized Access vulnerability in HP Serviceguard for Linux A.11.14.06/A.11.15.07/A.11.16.10 Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors. | 10.0 |
| 2007-01-24 | CVE-2007-0460 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Suse Linux Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations." | 10.0 |
| 2006-10-31 | CVE-2006-5616 | Local and Remote vulnerability in OpenPBS Multiple unspecified vulnerabilities in OpenPBS, as used in SUSE Linux 9.2 through 10.1, allow attackers to execute arbitrary code via unspecified vectors. | 10.0 |
| 2005-12-31 | CVE-2005-3625 | Resource Management Errors vulnerability in multiple products Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." network low complexity easy-software-products kde libextractor poppler sgi tetex xpdf conectiva debian gentoo mandrakesoft redhat sco slackware suse trustix turbolinux ubuntu CWE-399 critical | 10.0 |
| 2005-06-17 | CVE-2005-2023 | Remote Security vulnerability in Suse Linux 9.3 The send_pinentry_environment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly handle certain options, which can prevent pinentry from being found and causes S/MIME signing to fail. | 10.0 |
| 2005-03-01 | CVE-2004-0990 | Remote Integer Overflow vulnerability in GD Graphics Library Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941. | 10.0 |
| 2005-02-09 | CVE-2004-0947 | Remote Buffer Overflow vulnerability in ARJ Software UNARJ Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames. | 10.0 |
| 2005-02-09 | CVE-2004-0981 | Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file. | 10.0 |
| 2005-01-27 | CVE-2004-0888 | Integer Overflow vulnerability in Xpdf PDFTOPS Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889. | 10.0 |