Suse linux

This hub aggregates every CVE we track for Suse linux, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Suse linux.

• CVE-2024-12084Rsync: heap buffer overflow in rsync due to improper checksum length handling9.8Jan 15, 2025
• CVE-2024-12087Rsync: path traversal vulnerability in rsync6.5Jan 14, 2025
• CVE-2024-12088Rsync: --safe-links option bypass leads to path traversal6.5Jan 14, 2025
• CVE-2024-12086Rsync: rsync server leaks arbitrary client files6.1Jan 14, 2025
• CVE-2024-12085Rsync: info leak via uninitialized stack contents7.5Jan 14, 2025
• CVE-2023-39333Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may be able to access data and functions that the WebAssembly module itself does not...5.3Sep 7, 2024
• CVE-2017-3224Open Shortest Path First (OSPF) protocol implementations may improperly determine LSA recency in affected Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages)8.2Jul 24, 2018
• CVE-2015-2567Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.3.5Apr 16, 2015
• CVE-2015-2566Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML.2.8Apr 16, 2015
• CVE-2013-4854The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows re...7.8Jul 26, 2013
• CVE-2011-0988pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running OES Netware extensions, creates a world-writeable directory, which allo...4.4Apr 18, 2011
• CVE-2010-3912The supportconfig script in supportutils in SUSE Linux Enterprise 11 SP1 and 10 SP3 does not "disguise passwords" in configuration files, which has unknown impact and attack vectors.10.0Jan 12, 2011
• CVE-2010-3110Multiple buffer overflows in the Novell Client novfs module for the Linux kernel in SUSE Linux Enterprise 11 SP1 and openSUSE 11.3 allow local users to gain privileges via unspecified vectors.7.2Oct 12, 2010
• CVE-2010-1507WebYaST in yast2-webclient in SUSE Linux Enterprise (SLE) 11 on the WebYaST appliance uses a fixed secret key that is embedded in the appliance's image, which allows remote attackers to spoof sessi...5.0Sep 3, 2010
• CVE-2010-0230SUSE Linux Enterprise 10 SP3 (SLE10-SP3) and openSUSE 11.2 configures postfix to listen on all network interfaces, which might allow remote attackers to bypass intended access restrictions.7.5Jan 22, 2010