The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of SUSE Linux Enterprise Desktop

gd: information disclosure via gdImageCreateFromXbm
An attacker can bypass access restrictions to data via gdImageCreateFromXbm() of gd, in order to obtain sensitive information...
CVE-2019-11038, openSUSE-SU-2020:0332-1, SSA:2020-083-01, SUSE-SU-2020:0623-1, USN-4316-1, USN-4316-2, VIGILANCE-VUL-31749
Apache mod_auth_openidc: open redirect via Slash Backslash
An attacker can deceive the user via Slash Backslash of Apache mod_auth_openidc, in order to redirect him to a malicious site...
CVE-2019-20479, DLA-2130-1, openSUSE-SU-2020:0376-1, SUSE-SU-2020:0705-1, SUSE-SU-2020:0706-1, VIGILANCE-VUL-31708
Linux kernel: out-of-bounds memory reading via f2fs ttm_put_pages
An attacker can force a read at an invalid address via f2fs ttm_put_pages() of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information...
CERTFR-2020-AVI-119, CERTFR-2020-AVI-124, CERTFR-2020-AVI-130, CERTFR-2020-AVI-148, CVE-2019-19927, openSUSE-SU-2020:0336-1, SUSE-SU-2020:0511-1, SUSE-SU-2020:0558-1, SUSE-SU-2020:0560-1, SUSE-SU-2020:0580-1, SUSE-SU-2020:0605-1, VIGILANCE-VUL-31698
QEMU: NULL pointer dereference via AHCI
An attacker can force a NULL pointer to be dereferenced via AHCI of QEMU, in order to trigger a denial of service...
CVE-2019-12067, SUSE-SU-2020:0388-1, VIGILANCE-VUL-31618
libgd: NULL pointer dereference via gdImageClone
An attacker can force a NULL pointer to be dereferenced via gdImageClone() of libgd, in order to trigger a denial of service...
CVE-2018-14553, DLA-2106-1, openSUSE-SU-2020:0332-1, SSA:2020-083-01, SUSE-SU-2020:0594-1, SUSE-SU-2020:0623-1, USN-4316-1, USN-4316-2, VIGILANCE-VUL-31617
Linux kernel: infinite loop via ext4_protect_reserved_inode
An attacker can trigger an infinite loop via ext4_protect_reserved_inode() of the Linux kernel, in order to trigger a denial of service...
CERTFR-2020-AVI-119, CERTFR-2020-AVI-124, CERTFR-2020-AVI-130, CVE-2020-8992, openSUSE-SU-2020:0336-1, SUSE-SU-2020:0511-1, SUSE-SU-2020:0558-1, SUSE-SU-2020:0559-1, SUSE-SU-2020:0560-1, SUSE-SU-2020:0580-1, SUSE-SU-2020:0649-1, SUSE-SU-2020:0667-1, SUSE-SU-2020:0688-1, VIGILANCE-VUL-31611
Nextcloud Server: privilege escalation via Group Admins User Creation
An attacker can bypass restrictions via Group Admins User Creation of Nextcloud Server, in order to escalate his privileges...
CVE-2019-15624, openSUSE-SU-2020:0220-1, openSUSE-SU-2020:0229-1, VIGILANCE-VUL-31607
SUSE wicked: memory leak via DHCP4 FSM Other Client IDs
An attacker can create a memory leak via DHCP4 FSM Other Client IDs of SUSE wicked, in order to trigger a denial of service...
CVE-2020-7217, openSUSE-SU-2020:0207-1, SUSE-SU-2020:0347-1, SUSE-SU-2020:0351-1, SUSE-SU-2020:0358-1, SUSE-SU-2020:0369-1, SUSE-SU-2020:0370-1, SUSE-SU-2020:0410-1, VIGILANCE-VUL-31542
Linux kernel: use after free via n_tty_receive_buf_common
An attacker can force the usage of a freed memory area via n_tty_receive_buf_common() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
206361, CERTFR-2020-AVI-119, CERTFR-2020-AVI-124, CERTFR-2020-AVI-130, CVE-2020-8648, openSUSE-SU-2020:0336-1, SSA:2020-086-01, SUSE-SU-2020:0511-1, SUSE-SU-2020:0558-1, SUSE-SU-2020:0559-1, SUSE-SU-2020:0560-1, SUSE-SU-2020:0580-1, SUSE-SU-2020:0649-1, SUSE-SU-2020:0667-1, SUSE-SU-2020:0688-1, SUSE-SU-2020:0836-1, VIGILANCE-VUL-31537
systemd: use after free via Asynchronous Polkit Queries
An attacker can force the usage of a freed memory area via Asynchronous Polkit Queries of systemd, in order to trigger a denial of service, and possibly to run code...
CVE-2020-1712, openSUSE-SU-2020:0208-1, PROJ-ZERO-1971, RHSA-2020:0564-01, RHSA-2020:0575-01, SUSE-SU-2020:0331-1, SUSE-SU-2020:0335-1, SUSE-SU-2020:0353-1, USN-4269-1, VIGILANCE-VUL-31527
Our database contains other pages. You can request a free trial to read them.

Display information about SUSE Linux Enterprise Desktop: