The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of SLES

QEMU: denial of service via VirtFS Directory Sharing
An attacker, inside a guest system, can trigger a fatal error via VirtFS Directory Sharing of QEMU, in order to trigger a denial of service on the host system...
CVE-2021-20181, DLA-2560-1, openSUSE-SU-2021:0363-1, SUSE-SU-2021:0521-1, USN-4725-1, VIGILANCE-VUL-34509, ZDI-21-159
Docker Engine/Moby: denial of service via Image Pull
An attacker can trigger a fatal error via Image Pull of Docker Engine/Moby, in order to trigger a denial of service...
CVE-2021-21285, DSA-4865-1, GHSA-6fj5-m822-rqx8, openSUSE-SU-2021:0278-1, SUSE-SU-2021:0435-1, SUSE-SU-2021:0445-1, VIGILANCE-VUL-34456
yast2-multipath: file corruption
A local attacker can create a symbolic link, in order to alter the pointed file, with privileges of yast2-multipath...
CVE-2018-17955, SUSE-SU-2021:0182-1, VIGILANCE-VUL-34400
Linux kernel: NULL pointer dereference via DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC
An attacker can force a NULL pointer to be dereferenced via DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC of the Linux kernel, in order to trigger a denial of service...
1176846, CERTFR-2021-AVI-111, CERTFR-2021-AVI-120, CERTFR-2021-AVI-138, CVE-2020-25639, openSUSE-SU-2021:0075-1, SUSE-SU-2021:0347-1, SUSE-SU-2021:0348-1, SUSE-SU-2021:0353-1, SUSE-SU-2021:0354-1, SUSE-SU-2021:0427-1, SUSE-SU-2021:0433-1, SUSE-SU-2021:0434-1, SUSE-SU-2021:0438-1, SUSE-SU-2021:0532-1, VIGILANCE-VUL-34354
zypper: information disclosure via Logged HTTP Proxy Credentials
An attacker can bypass access restrictions to data via Logged HTTP Proxy Credentials of zypper, in order to obtain sensitive information...
CVE-2017-9271, FEDORA-2021-ebc1c35c5d, openSUSE-SU-2021:0059-1, SUSE-SU-2021:0109-1, VIGILANCE-VUL-34308
Linux kernel: out-of-bounds memory reading via nl80211_policy
An attacker can force a read at an invalid address via nl80211_polic of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information...
CERTFR-2021-AVI-021, CERTFR-2021-AVI-035, CERTFR-2021-AVI-111, CERTFR-2021-AVI-120, CERTFR-2021-AVI-125, CVE-2020-27068, openSUSE-SU-2021:0075-1, openSUSE-SU-2021:0242-1, SUSE-SU-2021:0094-1, SUSE-SU-2021:0095-1, SUSE-SU-2021:0096-1, SUSE-SU-2021:0097-1, SUSE-SU-2021:0098-1, SUSE-SU-2021:0108-1, SUSE-SU-2021:0117-1, SUSE-SU-2021:0118-1, SUSE-SU-2021:0133-1, SUSE-SU-2021:0434-1, SUSE-SU-2021:0437-1, SUSE-SU-2021:0438-1, SUSE-SU-2021:0452-1, SUSE-SU-2021:14630-1, VIGILANCE-VUL-34303
ImageMagick: denial of service via gem-private.h
An attacker can trigger a fatal error via gem-private.h of ImageMagick, in order to trigger a denial of service...
CVE-2020-27773, DLA-2523-1, openSUSE-SU-2021:0136-1, openSUSE-SU-2021:0148-1, SUSE-SU-2021:0153-1, SUSE-SU-2021:0156-1, SUSE-SU-2021:0199-1, VIGILANCE-VUL-34290
ImageMagick: denial of service via segment.c
An attacker can trigger a fatal error via segment.c of ImageMagick, in order to trigger a denial of service...
CVE-2020-27765, DLA-2523-1, openSUSE-SU-2021:0136-1, openSUSE-SU-2021:0148-1, SUSE-SU-2021:0153-1, SUSE-SU-2021:0156-1, SUSE-SU-2021:0199-1, SUSE-SU-2021:14598-1, VIGILANCE-VUL-34289
ImageMagick: denial of service via resize.c
An attacker can trigger a fatal error via resize.c of ImageMagick, in order to trigger a denial of service...
CVE-2020-27763, DLA-2523-1, openSUSE-SU-2021:0136-1, openSUSE-SU-2021:0148-1, SUSE-SU-2021:0153-1, SUSE-SU-2021:0156-1, SUSE-SU-2021:0199-1, SUSE-SU-2021:14598-1, VIGILANCE-VUL-34288
ImageMagick: denial of service via GammaImage
An attacker can trigger a fatal error via GammaImage() of ImageMagick, in order to trigger a denial of service...
CVE-2020-27760, DLA-2523-1, openSUSE-SU-2021:0136-1, openSUSE-SU-2021:0148-1, SUSE-SU-2021:0153-1, SUSE-SU-2021:0156-1, SUSE-SU-2021:0199-1, SUSE-SU-2021:14598-1, VIGILANCE-VUL-34287
Our database contains other pages. You can request a free trial to read them.

Display information about SLES: