suse

suse_linux_enterprise_desktop

11 known vulnerabilities · sorted by CVSS score

CVE-2020-6428

Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

google / chrome+8

Network

Published Mar 23, 2020

CVE-2020-6427

HIGH8.8

Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

google / chrome+8

Network

Published Mar 23, 2020

CVE-2020-6422

HIGH8.8

Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

google / chrome+8

Network

Published Mar 23, 2020

CVE-2020-6429

HIGH8.8

Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

google / chrome+8

Network

Published Mar 23, 2020

CVE-2020-6424

HIGH8.8

Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

google / chrome+8

Network

Published Mar 23, 2020

CVE-2018-19655

HIGH8.8

A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file.

dcraw_project / dcraw+5

Network

Published Nov 29, 2018

CVE-2020-6449

HIGH8.8

Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

google / chrome+8

Network

Published Mar 23, 2020

CVE-2020-6426

MEDIUM6.5

Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

google / chrome+8

Network

Published Mar 23, 2020

CVE-2011-4190

MEDIUM5.9

The kdump implementation is missing the host key verification in the kdump and mkdumprd OpenSSH integration of kdump prior to version 2012-01-20. This is similar to CVE-2011-3588, but different in that the kdump implementation is specific to SUSE. A remote malicious kdump server could use this flaw to impersonate the correct kdump server to obtain security sensitive information (kdump core files).

suse / suse_linux_enterprise_desktop+3

Network

Published Jun 8, 2018

CVE-2023-32182

MEDIUM5.9

A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desktop 15 SP5: before 3.7.3-150500.3.5.1; SUSE Linux Enterprise High Performance Computing 15 SP5: before 3.7.3-150500.3.5.1; openSUSE Leap 15.5 : before 3.7.3-150500.3.5.1.

opensuse / leap+2

Local

Published Sep 19, 2023

CVE-2017-5753

MEDIUM5.6

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

intel / core_i5+999

Local

Published Jan 4, 2018