Suse Linux Enterprise Software Development Kit vulnerabilities

296 known vulnerabilities affecting suse/linux_enterprise_software_development_kit.

Total CVEs

296

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL94HIGH39MEDIUM133LOW30

Vulnerabilities

Page 9 of 15

CVE-2013-5612MEDIUMCVSS 4.3v112013-12-11

CVE-2013-5612 [MEDIUM] CWE-79 CVE-2013-5612: Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 ma Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header.

nvd

CVE-2013-4365HIGHCVSS 7.5v112013-10-17

CVE-2013-4365 [HIGH] CWE-787 CVE-2013-4365: Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcg Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors.

nvd

CVE-2013-3808MEDIUMCVSS 4.0v112013-07-17

CVE-2013-3808 [MEDIUM] CVE-2013-3808: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 a Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.

nvd

CVE-2013-3805MEDIUMCVSS 4.0v112013-07-17

CVE-2013-3805 [MEDIUM] CVE-2013-3805: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.1 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.

nvd

CVE-2013-3794MEDIUMCVSS 4.0v112013-07-17

CVE-2013-3794 [MEDIUM] CVE-2013-3794: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.1 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.

nvd

CVE-2013-3793MEDIUMCVSS 4.0v112013-07-17

CVE-2013-3793 [MEDIUM] CVE-2013-3793: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.1 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.

nvd

CVE-2013-3801MEDIUMCVSS 5.0v112013-07-17

CVE-2013-3801 [MEDIUM] CVE-2013-3801: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.1 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.

nvd

CVE-2013-3802MEDIUMCVSS 4.0v112013-07-17

CVE-2013-3802 [MEDIUM] CVE-2013-3802: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 a Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.

nvd

CVE-2013-3783MEDIUMCVSS 4.0v112013-07-17

CVE-2013-3783 [MEDIUM] CVE-2013-3783: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows re Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.

nvd

CVE-2013-3809MEDIUMCVSS 4.0v112013-07-17

CVE-2013-3809 [MEDIUM] CVE-2013-3809: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.1 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.

nvd

CVE-2013-3804MEDIUMCVSS 4.0v112013-07-17

CVE-2013-3804 [MEDIUM] CVE-2013-3804: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 a Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

nvd

CVE-2013-3812LOWCVSS 3.5v112013-07-17

CVE-2013-3812 [LOW] CVE-2013-3812: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.1 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.

nvd

CVE-2013-1690HIGHCVSS 8.8KEVPoCv10v112013-06-26

CVE-2013-1690 [HIGH] CWE-119 CVE-2013-1690: Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderb Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that t

nvd

CVE-2013-2465CRITICALCVSS 9.8KEVPoCv112013-06-18

CVE-2013-2465 [CRITICAL] CWE-693 CVE-2013-2465: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2

nvd

CVE-2013-0800MEDIUMCVSS 6.8v10v112013-04-03

CVE-2013-0800 [MEDIUM] CVE-2013-0800: Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values t

nvd

CVE-2013-1861MEDIUMCVSS 5.0PoCv112013-03-28

CVE-2013-1861 [MEDIUM] CWE-119 CVE-2013-1861: MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing

nvd

CVE-2013-0170MEDIUMCVSS 6.8v112013-02-08

CVE-2013-0170 [MEDIUM] CWE-416 CVE-2013-0170: Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvir Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which

nvd

CVE-2013-0753CRITICALCVSS 9.3PoCv10v112013-01-13

CVE-2013-0753 [CRITICAL] CWE-416 CVE-2013-0753: Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code v

nvd

CVE-2013-0746CRITICALCVSS 9.3v10v112013-01-13

CVE-2013-0746 [CRITICAL] CVE-2013-0746: Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird bef Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a den

nvd

CVE-2013-0754CRITICALCVSS 9.3v10v112013-01-13

CVE-2013-0754 [CRITICAL] CWE-416 CVE-2013-0754: Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, F Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors involving the trigger

nvd

← Previous9 / 15Next →