Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*
There are 11 matching records.
Displaying matches 1 through 11.
Vuln ID Summary CVSS Severity
CVE-2015-6815

The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors.

Published: January 31, 2020; 5:15:11 PM -0500
V3.1: 3.5 LOW
V2.0: 2.7 LOW
CVE-2015-0439

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756.

Published: April 16, 2015; 12:59:04 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2015-0438

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.

Published: April 16, 2015; 12:59:03 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2015-0433

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML.

Published: April 16, 2015; 12:59:02 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2015-0423

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

Published: April 16, 2015; 12:59:01 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2015-0405

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.

Published: April 16, 2015; 12:59:00 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2015-0395

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

Published: January 21, 2015; 1:59:38 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2014-3566

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

Published: October 14, 2014; 8:55:02 PM -0400
V3.1: 3.4 LOW
V2.0: 4.3 MEDIUM
CVE-2014-7970

The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call.

Published: October 13, 2014; 6:55:08 AM -0400
V3.1: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2013-4419

The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary socket file in this directory, which allows local users to write to the socket and execute arbitrary commands by creating /tmp/.guestfish-$UID/ in advance.

Published: November 05, 2013; 3:55:29 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2013-3567

Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call.

Published: August 19, 2013; 7:55:08 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH