Vulnerabilities > Suse > Suse Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-01-22 | CVE-2010-0230 | Permissions, Privileges, and Access Controls vulnerability in Suse Opensuse and Suse Linux SUSE Linux Enterprise 10 SP3 (SLE10-SP3) and openSUSE 11.2 configures postfix to listen on all network interfaces, which might allow remote attackers to bypass intended access restrictions. | 7.5 |
| 2009-07-05 | CVE-2009-1648 | Configuration vulnerability in Suse Linux 11 The YaST2 LDAP module in yast2-ldap-server on SUSE Linux Enterprise Server 11 (aka SLE11) does not enable the firewall in certain circumstances involving reboots during online updates, which makes it easier for remote attackers to access network services. | 7.5 |
| 2009-05-14 | CVE-2009-0714 | Privilege Escalation vulnerability in HP Data Protector Express 3.5/4.0 Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets. | 7.2 |
| 2008-09-22 | CVE-2008-3949 | Code Injection vulnerability in Suse Linux emacs/lisp/progmodes/python.el in Emacs 22.1 and 22.2 imports Python script from the current working directory during editing of a Python file, which allows local users to execute arbitrary code via a Trojan horse Python file. | 7.2 |
| 2007-11-29 | CVE-2007-6167 | Permissions, Privileges, and Access Controls vulnerability in Suse Linux Untrusted search path vulnerability in yast2-core in SUSE Linux might allow local users to execute arbitrary code by creating a malicious yast2 module in the current working directory. | 7.2 |
| 2007-11-02 | CVE-2007-5197 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mono Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and earlier allows context-dependent attackers to execute arbitrary code via unspecified vectors related to Reduce in Montgomery-based Pow methods. | 7.5 |
| 2007-10-16 | CVE-2007-5471 | Denial Of Service vulnerability in Suse Linux 10 libgssapi before 0.6-13.7, as used by the ISC BIND named daemon in SUSE Linux Enterprise Server 10 SP 1, terminates upon an initialization error, which allows remote attackers to cause a denial of service (daemon exit) via a GSS-TSIG request. | 7.8 |
| 2007-10-14 | CVE-2007-5196 | Information Exposure vulnerability in Suse Linux 10 Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwise-client package in SUSE Linux Enterprise Desktop 10 allows remote attackers to obtain credentials via a man-in-the-middle attack, a different vulnerability than CVE-2007-5195. | 7.5 |
| 2006-03-21 | CVE-2006-0745 | Local Privilege Escalation vulnerability in X.Org X Window Server X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile. | 7.2 |
| 2005-10-23 | CVE-2005-3298 | Remote Buffer Overflow vulnerability in Suse Linux 9.0 Multiple buffer overflows in OpenWBEM on SuSE Linux 9 allow remote attackers to execute arbitrary code via unknown vectors. | 7.5 |