Suse linux enterprise sdk
This hub aggregates every CVE we track for Suse linux enterprise sdk, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
30
CVEs tracked
16
Critical
7
High
0
In CISA KEV
Severity distribution
CRITICAL16HIGH7MEDIUM7
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Suse linux enterprise sdk.
- CVE-2019-3681osc: stores downloaded (supposed) RPM in network-controlled filesystem paths7.5
- CVE-2020-14397An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.7.5
- CVE-2020-14399An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed.7.5
- CVE-2020-14401An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.6.5
- CVE-2020-14402An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings.5.4
- CVE-2020-14403An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings.5.4
- CVE-2020-14404An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.5.4
- CVE-2020-14405An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size.6.5
- CVE-2020-14152In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption.7.1
- CVE-2020-14153In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers.7.1
- CVE-2020-6851OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.7.5
- CVE-2019-16255Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data...8.1
- CVE-2019-1549Fork Protection5.3
- CVE-2018-20622JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used.6.5
- CVE-2016-2315revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based...9.8
Product normalization is registry-driven with AI assist and human review. How it works