Home/Product/suse linux enterprise workstation extension
Product

suse linux enterprise workstation extension

141 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-31431
all versions
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This m
7.8HIGH
 CVE-2021-4034
all versions
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed
7.8HIGH
 CVE-2019-11038
all versions
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PH
5.3MEDIUM
 CVE-2017-18017
all versions
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows re
9.8CRITICAL
 CVE-2016-9959
all versions
game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.
7.8HIGH
 CVE-2016-9958
all versions
game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.
7.8HIGH
 CVE-2016-9957
all versions
Stack-based buffer overflow in game-music-emu before 0.6.1.
7.8HIGH
 CVE-2014-9851
all versions
ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).
7.5HIGH
 CVE-2014-9850
all versions
Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).
7.5HIGH
 CVE-2014-9849
all versions
The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).
7.5HIGH
 CVE-2014-9848
all versions
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
7.5HIGH
 CVE-2014-9847
all versions
The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.
9.8CRITICAL
 CVE-2014-9846
all versions
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified im
9.8CRITICAL
 CVE-2014-9845
all versions
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrup
5.5MEDIUM
 CVE-2014-9844
all versions
The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-boun
5.5MEDIUM
 CVE-2014-9843
all versions
The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown
9.8CRITICAL
 CVE-2014-9842
all versions
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of serv
7.5HIGH
 CVE-2014-9841
all versions
The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown v
9.8CRITICAL
 CVE-2014-9853
all versions
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted
5.5MEDIUM
 CVE-2014-9852
all versions
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecifie
9.8CRITICAL
 CVE-2016-4997
all versions
The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel be
7.8HIGH
 CVE-2016-5244
all versions
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member,
7.5HIGH
 CVE-2016-1583
all versions
The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privile
7.8HIGH
 CVE-2016-4171
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unkno
9.8CRITICAL
 CVE-2016-4156
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4155
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4154
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4153
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4152
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4151
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4150
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4149
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4148
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4147
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4146
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4145
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4144
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4143
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4142
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4141
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4140
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4139
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4138
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
9.8CRITICAL
 CVE-2016-4137
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4136
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4135
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4134
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4133
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4132
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4131
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4130
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4129
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4128
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4127
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4125
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4124
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4123
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-4122
all versions
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet
8.8HIGH
 CVE-2016-5118
all versions
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code
9.8CRITICAL
 CVE-2016-4805
all versions
Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denia
7.8HIGH
 CVE-2016-4569
all versions
The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data struct
5.5MEDIUM
 CVE-2016-4486
all versions
The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data stru
3.3LOW
 CVE-2016-4482
all versions
The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data struc
6.2MEDIUM
 CVE-2016-4117
all versions
Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited
9.8CRITICAL
 CVE-2016-3718
all versions
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-sid
5.5MEDIUM
 CVE-2016-3715
all versions
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a
5.5MEDIUM
 CVE-2016-3951
all versions
Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cau
4.6MEDIUM
 CVE-2016-3689
all versions
The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate a
4.6MEDIUM
 CVE-2016-3140
all versions
The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate a
4.6MEDIUM
 CVE-2016-3138
all versions
The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to ca
4.6MEDIUM
 CVE-2016-3137
all versions
drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of servic
4.6MEDIUM
 CVE-2016-3136
all versions
The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the Linux kernel before 4.5.1 allows physically proximate a
4.6MEDIUM
 CVE-2016-2188
all versions
The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attacker
4.6MEDIUM
 CVE-2016-2186
all versions
The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attack
4.6MEDIUM
 CVE-2016-2185
all versions
The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate at
4.6MEDIUM
 CVE-2016-3672
all versions
The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy
7.8HIGH
 CVE-2016-3156
all versions
The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to
5.5MEDIUM
 CVE-2016-3139
all versions
The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers
4.6MEDIUM
 CVE-2016-3134
all versions
The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gai
8.4HIGH
 CVE-2016-2847
all versions
fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a de
6.2MEDIUM
 CVE-2016-2782
all versions
The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cau
4.6MEDIUM
 CVE-2016-2184
all versions
The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows p
4.6MEDIUM
 CVE-2015-8845
all versions
The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ens
5.5MEDIUM
 CVE-2015-8816
all versions
The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface da
6.8MEDIUM
 CVE-2016-0668
all versions
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x b
4.1MEDIUM
 CVE-2016-0651
all versions
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Opti
5.5MEDIUM
 CVE-2016-0642
all versions
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to aff
4.7MEDIUM
 CVE-2015-8551
all versions
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows loca
6.0MEDIUM
 CVE-2015-5969
all versions
The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1
6.2MEDIUM
 CVE-2015-8651
all versions
Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.2
8.8HIGH
 CVE-2015-0272
all versions
GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an
 CVE-2015-7645
all versions
Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 on Windows and OS X and 11.x through 11.2.202.535 on Linux
7.8HIGH
 CVE-2015-5123
all versions
Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through
9.8CRITICAL
 CVE-2015-5122
all versions
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x thro
9.8CRITICAL
 CVE-2015-5119
all versions
Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through
9.8CRITICAL
 CVE-2015-3113
all versions
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and
9.8CRITICAL
 CVE-2015-3044
all versions
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux
 CVE-2015-3043
all versions
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux
9.8CRITICAL
 CVE-2014-8160
all versions
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling o
 CVE-2015-0313
all versions
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X a
9.8CRITICAL
 CVE-2015-0311
all versions
Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Windows and OS X
9.8CRITICAL
 CVE-2015-0432
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via v
 CVE-2015-0391
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to
 CVE-2015-0382
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect avail
 CVE-2015-0381
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect avail
 CVE-2015-0374
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to af
 CVE-2014-6568
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to
 CVE-2014-9585
all versions
The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the
 CVE-2014-9584
all versions
The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value
 CVE-2014-8559
all versions
The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, whi
5.5MEDIUM
 CVE-2014-3690
all versions
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in th
5.5MEDIUM
 CVE-2014-3687
all versions
The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 al
7.5HIGH
 CVE-2014-3673
all versions
The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via
7.5HIGH
 CVE-2014-6564
all versions
Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via v
 CVE-2014-6559
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect con
 CVE-2014-6555
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to af
 CVE-2014-6551
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidenti
 CVE-2014-6530
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to
 CVE-2014-6520
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via v
 CVE-2014-6507
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to
 CVE-2014-6505
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to
 CVE-2014-6496
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect ava
 CVE-2014-6495
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect ava
 CVE-2014-6494
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect ava
 CVE-2014-6484
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to
 CVE-2014-6478
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect int
 CVE-2014-6474
all versions
Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via v
 CVE-2014-6469
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to af
 CVE-2014-6464
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to af
 CVE-2014-6463
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to af
 CVE-2014-4287
all versions
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to af
 CVE-2014-4260
all versions
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier, and 5.6.17 and earlier, allows remote
 CVE-2014-4258
all versions
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote au
 CVE-2014-4207
all versions
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to af
 CVE-2014-2494
all versions
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to af
 CVE-2014-2978
all versions
The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a
 CVE-2014-2977
all versions
Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.
 CVE-2014-3470
all versions
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, w
 CVE-2014-0221
all versions
The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allow
 CVE-2014-0198
all versions
The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly
 CVE-2010-5298
all versions
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, al
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin