The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of SUSE Linux Enterprise Server

Cyrus SASL: buffer overflow via _sasl_add_string
An attacker can trigger a buffer overflow via _sasl_add_string() of Cyrus SASL, in order to trigger a denial of service, and possibly to run code...
587, 9123, CVE-2019-19906, DLA-2044-1, DSA-4591-1, FEDORA-2020-bf829f9a84, HT211288, HT211289, RHSA-2020:4497-01, SUSE-SU-2020:14579-1, SUSE-SU-2020:3939-1, USN-4256-1, VIGILANCE-VUL-31207
SUSE LE: file corruption via trousers
A local attacker can create a symbolic link during the installation or update of the trousers package, in order to alter the file it points to, with root privileges...
1157651, CVE-2019-18898, openSUSE-SU-2020:0015-1, openSUSE-SU-2020:0744-1, SUSE-SU-2019:3349-1, VIGILANCE-VUL-31195
Apache Log4j 1.2: code execution via Socket Server Deserialization
An attacker can use a vulnerability via Socket Server Deserialization of Apache Log4j 1.2, in order to run code...
6198380, 6371652, cpuapr2020, cpujul2020, CVE-2019-17571, DLA-2065-1, DSA-4686-1, KB0085481, NTAP-20200110-0001, openSUSE-SU-2020:0051-1, SUSE-SU-2020:0053-1, SUSE-SU-2020:0054-1, SUSE-SU-2020:14267-1, USN-4495-1, VIGILANCE-VUL-31193
Apache Tomcat: privilege escalation via FORM authentication session fixation
An attacker can bypass restrictions via FORM authentication session fixation of Apache Tomcat, in order to escalate their privileges...
CERTFR-2019-AVI-643, cpuapr2020, CVE-2019-17563, DLA-2077-1, DLA-2209-1, DSA-4596-1, DSA-4680-1, HPESBUX04015, K24551552, openSUSE-SU-2020:0038-1, RHSA-2020:4004-01, RHSA-2021:0882-01, RHSA-2021:1030-01, SUSE-SU-2020:0029-1, SUSE-SU-2020:0226-1, SUSE-SU-2020:0632-1, USN-4251-1, VIGILANCE-VUL-31188
Apache Tomcat: privilege escalation via JMX Remote Lifecycle Listener
An attacker can bypass restrictions via JMX Remote Lifecycle Listener of Apache Tomcat, in order to escalate their privileges...
CERTFR-2019-AVI-643, cpuapr2020, CVE-2019-12418, DLA-2077-1, DLA-2155-1, DSA-4596-1, DSA-4680-1, HPESBUX04015, openSUSE-SU-2020:0038-1, SUSE-SU-2020:0029-1, SUSE-SU-2020:0226-1, SUSE-SU-2020:0632-1, USN-4251-1, VIGILANCE-VUL-31187
PHP: multiple vulnerabilities
An attacker can use several vulnerabilities of PHP...
6208032, 6208039, 6208048, 6208052, 6208328, 6208330, 6208332, 6208333, 6208336, CERTFR-2019-AVI-641, CVE-2019-11044, CVE-2019-11045, CVE-2019-11046, CVE-2019-11047, CVE-2019-11049, CVE-2019-11050, DLA-2050-1, DSA-4626-1, DSA-4628-1, FEDORA-2019-437d94e271, FEDORA-2019-a54a622670, openSUSE-SU-2020:0080-1, RHSA-2020:3662-01, RHSA-2020:5275-01, SUSE-SU-2020:0101-1, SUSE-SU-2020:0267-1, SUSE-SU-2020:0352-1, SUSE-SU-2020:0522-1, SUSE-SU-2020:14289-1, USN-4239-1, VIGILANCE-VUL-31183
Google Chrome: use after free via Media Picker
An attacker can force the use of a freed memory area via Media Picker of Google Chrome, in order to trigger a denial of service, and possibly to run code...
CERTFR-2019-AVI-638, CVE-2019-13767, DSA-4606-1, FEDORA-2019-5fdceffcb9, FEDORA-2020-4355ea258e, openSUSE-SU-2019:2712-1, openSUSE-SU-2020:0007-1, PROJ-ZERO-1985, RHSA-2020:0005-01, VIGILANCE-VUL-31182
Apache SpamAssassin: denial of service via Security Note
An attacker can trigger a fatal error via Security Note of Apache SpamAssassin, in order to trigger a denial of service...
CVE-2019-12420, DLA-2037-1, DSA-4584-1, openSUSE-SU-2021:0551-1, RHSA-2020:3973-01, RHSA-2020:4625-01, SUSE-SU-2021:1152-1, SUSE-SU-2021:1153-1, SUSE-SU-2021:1163-1, USN-4237-1, USN-4237-2, VIGILANCE-VUL-31159
Node.js npm CLI: three vulnerabilities
An attacker can use several vulnerabilities of Node.js npm CLI...
CVE-2019-16775, CVE-2019-16776, CVE-2019-16777, FEDORA-2020-595ce5e3cc, FEDORA-2020-830d8a1a92, NPM-1434, NPM-1436, NPM-1437, openSUSE-SU-2020:0059-1, RHSA-2020:0573-01, RHSA-2020:0579-01, RHSA-2020:0597-01, RHSA-2020:0602-01, RHSA-2020:2625-01, SUSE-SU-2020:0043-1, SUSE-SU-2020:0063-1, SUSE-SU-2020:0104-1, SUSE-SU-2020:0247-1, SUSE-SU-2020:0429-1, VIGILANCE-VUL-31144
Linux kernel: use after free via debugfs_remove
An attacker can force the use of a freed memory area via debugfs_remove() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
205713, CERTFR-2020-AVI-241, CERTFR-2020-AVI-242, CERTFR-2020-AVI-256, CERTFR-2020-AVI-710, CERTFR-2021-AVI-006, CVE-2019-19770, DLA-2483-1, openSUSE-SU-2020:0543-1, RHSA-2020:4431-01, RHSA-2020:4609-01, SUSE-SU-2020:1084-1, SUSE-SU-2020:1085-1, SUSE-SU-2020:1087-1, SUSE-SU-2020:1118-1, SUSE-SU-2020:1119-1, SUSE-SU-2020:1123-1, SUSE-SU-2020:1141-1, SUSE-SU-2020:1142-1, SUSE-SU-2020:1146-1, SUSE-SU-2020:1663-1, USN-4680-1, VIGILANCE-VUL-31150