Filtered by vendor Suse Subscriptions
Total 1185 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2014-6507 4 Mariadb, Oracle, Redhat and 1 more 10 Mariadb, Mysql, Solaris and 7 more 2024-11-21 N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.
CVE-2014-6505 4 Mariadb, Oracle, Redhat and 1 more 9 Mariadb, Mysql, Enterprise Linux and 6 more 2024-11-21 N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.
CVE-2014-6496 4 Juniper, Mariadb, Oracle and 1 more 8 Junos Space, Mariadb, Mysql and 5 more 2024-11-21 N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6494.
CVE-2014-6495 4 Juniper, Mariadb, Oracle and 1 more 8 Junos Space, Mariadb, Mysql and 5 more 2024-11-21 N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.
CVE-2014-6494 4 Juniper, Mariadb, Oracle and 1 more 8 Junos Space, Mariadb, Mysql and 5 more 2024-11-21 N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6496.
CVE-2014-6484 4 Mariadb, Oracle, Redhat and 1 more 9 Mariadb, Mysql, Enterprise Linux and 6 more 2024-11-21 N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:DML.
CVE-2014-6478 4 Juniper, Mariadb, Oracle and 1 more 8 Junos Space, Mariadb, Mysql and 5 more 2024-11-21 N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.
CVE-2014-6474 3 Mariadb, Oracle, Suse 6 Mariadb, Mysql, Linux Enterprise Desktop and 3 more 2024-11-21 N/A
Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED.
CVE-2014-6469 4 Mariadb, Oracle, Redhat and 1 more 10 Mariadb, Mysql, Solaris and 7 more 2024-11-21 N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.
CVE-2014-6464 4 Mariadb, Oracle, Redhat and 1 more 9 Mariadb, Mysql, Enterprise Linux and 6 more 2024-11-21 N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.
CVE-2014-6463 4 Mariadb, Oracle, Redhat and 1 more 10 Mariadb, Mysql, Solaris and 7 more 2024-11-21 N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.
CVE-2014-6271 17 Apple, Arista, Canonical and 14 more 90 Mac Os X, Eos, Ubuntu Linux and 87 more 2024-11-21 9.8 Critical
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
CVE-2014-5077 4 Canonical, Linux, Redhat and 1 more 12 Ubuntu Linux, Linux Kernel, Enterprise Linux and 9 more 2024-11-21 N/A
The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an association between two endpoints immediately after an exchange of INIT and INIT ACK chunks to establish an earlier association between these endpoints in the opposite direction.
CVE-2014-4943 5 Debian, Linux, Opensuse and 2 more 9 Debian Linux, Linux Kernel, Opensuse and 6 more 2024-11-21 N/A
The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket.
CVE-2014-4667 5 Canonical, Debian, Linux and 2 more 8 Ubuntu Linux, Debian Linux, Linux Kernel and 5 more 2024-11-21 N/A
The sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet.
CVE-2014-4656 4 Canonical, Linux, Redhat and 1 more 11 Ubuntu Linux, Linux Kernel, Enterprise Linux and 8 more 2024-11-21 N/A
Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to (1) index values in the snd_ctl_add function and (2) numid values in the snd_ctl_remove_numid_conflict function.
CVE-2014-4655 4 Canonical, Linux, Redhat and 1 more 5 Ubuntu Linux, Linux Kernel, Enterprise Linux and 2 more 2024-11-21 N/A
The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the user_ctl_count value, which allows local users to cause a denial of service (integer overflow and limit bypass) by leveraging /dev/snd/controlCX access for a large number of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls.
CVE-2014-4654 4 Canonical, Linux, Redhat and 1 more 5 Ubuntu Linux, Linux Kernel, Enterprise Linux and 2 more 2024-11-21 N/A
The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not check authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, which allows local users to remove kernel controls and cause a denial of service (use-after-free and system crash) by leveraging /dev/snd/controlCX access for an ioctl call.
CVE-2014-4653 4 Canonical, Linux, Redhat and 1 more 5 Ubuntu Linux, Linux Kernel, Enterprise Linux and 2 more 2024-11-21 N/A
sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service (use-after-free) and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access.
CVE-2014-4652 4 Canonical, Linux, Redhat and 1 more 8 Ubuntu Linux, Linux Kernel, Enterprise Linux and 5 more 2024-11-21 N/A
Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access.