Suse Linux Enterprise Server vulnerabilities
472 known vulnerabilities affecting suse/linux_enterprise_server.
Total CVEs
472
CISA KEV
17
actively exploited
Public exploits
51
Exploited in wild
19
Severity breakdown
CRITICAL116HIGH91MEDIUM215LOW50
Vulnerabilities
Page 9 of 24
CVE-2014-0223MEDIUMCVSS 4.6v11.02014-11-04
CVE-2014-0223 [MEDIUM] CWE-189 CVE-2014-0223: Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users t
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read.
nvd
CVE-2014-6478MEDIUMCVSS 4.3v122014-10-15
CVE-2014-6478 [MEDIUM] CVE-2014-6478: Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.
nvd
CVE-2014-6505MEDIUMCVSS 4.0v122014-10-15
CVE-2014-6505 [MEDIUM] CVE-2014-6505: Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.
nvd
CVE-2014-6494MEDIUMCVSS 4.3v122014-10-15
CVE-2014-6494 [MEDIUM] CVE-2014-6494: Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6496.
nvd
CVE-2014-6564MEDIUMCVSS 4.0v122014-10-15
CVE-2014-6564 [MEDIUM] CVE-2014-6564: Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated user
Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML.
nvd
CVE-2014-6559MEDIUMCVSS 4.3v122014-10-15
CVE-2014-6559 [MEDIUM] CVE-2014-6559: Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.
nvd
CVE-2014-6484MEDIUMCVSS 4.0v122014-10-15
CVE-2014-6484 [MEDIUM] CVE-2014-6484: Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:DML.
nvd
CVE-2014-6520MEDIUMCVSS 4.0v122014-10-15
CVE-2014-6520 [MEDIUM] CVE-2014-6520: Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated user
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:DDL.
nvd
CVE-2014-4287MEDIUMCVSS 4.0v122014-10-15
CVE-2014-4287 [MEDIUM] CVE-2014-4287: Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows re
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.
nvd
CVE-2014-6530MEDIUMCVSS 6.5v122014-10-15
CVE-2014-6530 [MEDIUM] CVE-2014-6530: Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to CLIENT:MYSQLDUMP.
nvd
CVE-2014-6507MEDIUMCVSS 4.3v122014-10-15
CVE-2014-6507 [MEDIUM] CVE-2014-6507: Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.
nvd
CVE-2014-6555MEDIUMCVSS 6.5v122014-10-15
CVE-2014-6555 [MEDIUM] CVE-2014-6555: Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows re
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.
nvd
CVE-2014-6495MEDIUMCVSS 4.3v122014-10-15
CVE-2014-6495 [MEDIUM] CVE-2014-6495: Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.
nvd
CVE-2014-6469MEDIUMCVSS 6.8v122014-10-15
CVE-2014-6469 [MEDIUM] CVE-2014-6469: Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows re
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.
nvd
CVE-2014-6496MEDIUMCVSS 4.3v122014-10-15
CVE-2014-6496 [MEDIUM] CVE-2014-6496: Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6494.
nvd
CVE-2014-6464MEDIUMCVSS 4.0v122014-10-15
CVE-2014-6464 [MEDIUM] CVE-2014-6464: Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows re
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.
nvd
CVE-2014-6463LOWCVSS 3.3v122014-10-15
CVE-2014-6463 [LOW] CVE-2014-6463: Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows re
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.
nvd
CVE-2014-6474LOWCVSS 3.5v122014-10-15
CVE-2014-6474 [LOW] CVE-2014-6474: Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated user
Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED.
nvd
CVE-2014-6551LOWCVSS 2.1v122014-10-15
CVE-2014-6551 [LOW] CVE-2014-6551: Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows lo
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.
nvd
CVE-2014-7169CRITICALCVSS 9.8KEVPoCv10v11+1 more2014-09-25
CVE-2014-7169 [CRITICAL] CVE-2014-7169: GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definiti
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgi
nvd