National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:suse:suse_linux_enterprise_server:11.0:sp3:~~~vmware~~
There are 13 matching records.
Vuln ID Summary CVSS Severity
CVE-2011-3172

A vulnerability in pam_modules of SUSE SUSE Linux Enterprise allows attackers to log into accounts that should have been disabled. Affected releases are SUSE SUSE Linux Enterprise: versions prior to 12.

Published: June 08, 2018; 09:29:00 AM -04:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2015-3405

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.

Published: August 09, 2017; 12:29:00 PM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2015-3340

Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.

Published: April 28, 2015; 10:59:02 AM -04:00
    V2: 2.9 LOW
CVE-2015-0505

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

Published: April 16, 2015; 12:59:54 PM -04:00
    V2: 3.5 LOW
CVE-2015-0500

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.

Published: April 16, 2015; 12:59:49 PM -04:00
    V2: 4.0 MEDIUM
CVE-2015-0439

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756.

Published: April 16, 2015; 12:59:04 PM -04:00
    V2: 4.0 MEDIUM
CVE-2014-8121

DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.

Published: March 27, 2015; 10:59:03 AM -04:00
    V2: 5.0 MEDIUM
CVE-2015-0413

Unspecified vulnerability in Oracle Java SE 7u72 and 8u25 allows local users to affect integrity via unknown vectors related to Serviceability.

Published: January 21, 2015; 02:59:02 PM -05:00
    V2: 1.9 LOW
CVE-2014-4260

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier, and 5.6.17 and earlier, allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.

Published: July 17, 2014; 07:17:10 AM -04:00
    V2: 5.5 MEDIUM
CVE-2014-1490

Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket.

Published: February 06, 2014; 12:44:25 AM -05:00
    V2: 5.0 MEDIUM
CVE-2013-3812

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.

Published: July 17, 2013; 09:41:16 AM -04:00
    V2: 3.5 LOW
CVE-2013-3794

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.

Published: July 17, 2013; 09:41:16 AM -04:00
    V2: 4.0 MEDIUM
CVE-2013-3793

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.

Published: July 17, 2013; 09:41:16 AM -04:00
    V2: 4.0 MEDIUM