Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
SUSE Linux Enterprise Server Number Of NVD 472 CRITICAL 27 HIGH 179 MEDIUM 215 LOW 51
URL https://www.suse.com/
Explanation Support is normally provided for 10 years after release, with service pack releases ending after about 8 years.
After 10 years, extended support is available for a fee, with yearly updates.
Tag
  • 商用ライセンス有り
  • Linux
Add Information URL
No Type Name URL
1 https://www.suse.com/lifecycle/
2 https://www.suse.com/support/policy/
3 https://www.suse.com/releasenotes/
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
1 SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server 15 SP5 May 22, 2023 July 16, 2018 July 31, 2028 July 31, 2031 3 8 2 1
2 SUSE Linux Enterprise Server 12 Service Pack 5 Dec. 9, 2019 Oct. 24, 2014 Oct. 31, 2024 Oct. 31, 2027 18 41 78 9
3 SUSE Linux Enterprise Server 11 March 24, 2009 March 31, 2019 March 31, 2022 15 149 148 31
4 SUSE Linux Enterprise Server 10 June 17, 2006 July 31, 2013 6 104 65 23
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
1 5.5
- 		MEDIUM
Local 		An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space. CWE-125
Out-of-bounds Read 		CVE-2024-46955 cpe:2.3:o:suse:linux_enterprise_server:12:sp5
cpe:2.3:o:suse:linux_enterprise_server:12:sp5
cpe:2.3:o:suse:linux_… 		2024-11-14 10:53
2024-11-11 		Show GitHub Exploit DB Packet Storm
2 7.8
- 		HIGH
Local 		An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and… CWE-190
 Integer Overflow or Wraparound 		CVE-2024-46953 cpe:2.3:o:suse:linux_enterprise_server:12:sp5
cpe:2.3:o:suse:linux_enterprise_server:12:sp5
cpe:2.3:o:suse:linux_… 		2024-11-14 11:01
2024-11-11 		Show GitHub Exploit DB Packet Storm
3 7.8
- 		HIGH
Local 		An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution. CWE-125
Out-of-bounds Read 		CVE-2024-46956 cpe:2.3:o:suse:linux_enterprise_server:12:sp5
cpe:2.3:o:suse:linux_enterprise_server:12:sp5
cpe:2.3:o:suse:linux_… 		2024-11-15 05:39
2024-11-11 		Show GitHub Exploit DB Packet Storm
4 7.8
- 		HIGH
Local 		An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution. CWE-824
 Access of Uninitialized Pointer 		CVE-2024-46951 cpe:2.3:o:suse:linux_enterprise_server:12:sp5
cpe:2.3:o:suse:linux_enterprise_server:12:sp5
cpe:2.3:o:suse:linux_… 		2024-11-14 11:13
2024-11-11 		Show GitHub Exploit DB Packet Storm
5 7.5
- 		HIGH
Network 		The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-o… NVD-CWE-noinfo
CVE-2023-29552 cpe:2.3:o:suse:linux_enterprise_server:15:*
cpe:2.3:o:suse:linux_enterprise_server:15:*
cpe:2.3:o:suse:linux_ente… 		2024-11-21 16:57
2023-04-26 		Show GitHub Exploit DB Packet Storm
6 5.5
- 		MEDIUM
Local 		In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer). NOTE: this is di… CWE-476
 NULL Pointer Dereference 		CVE-2023-23005 cpe:2.3:o:suse:linux_enterprise_server:15:sp5 2024-11-21 16:45
2023-03-2 		Show GitHub Exploit DB Packet Storm
7 7.8
- 		HIGH
Local 		An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4… - CVE-2022-45153 cpe:2.3:o:suse:linux_enterprise_server:12:sp5 2024-11-21 16:28
2023-02-15 		Show GitHub Exploit DB Packet Storm
8 4.4
- 		MEDIUM
Local 		A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path compone… - CVE-2022-31252 cpe:2.3:o:suse:linux_enterprise_server:12:sp5 2024-11-21 16:04
2022-10-7 		Show GitHub Exploit DB Packet Storm
9 5.5
- 		MEDIUM
Local 		IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores pl… CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2015-1931 cpe:2.3:o:suse:linux_enterprise_server:11:sp4
cpe:2.3:o:suse:linux_enterprise_server:11:sp3
cpe:2.3:o:suse:linux_… 		2024-11-21 11:26
2022-09-29 		Show GitHub Exploit DB Packet Storm
10 7.8
7.2 		HIGH
Local 		In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. CWE-787
 Out-of-bounds Write 		CVE-2022-27239 cpe:2.3:o:suse:linux_enterprise_server:15:sp4
cpe:2.3:o:suse:linux_enterprise_server:15:sp3
cpe:2.3:o:suse:linux_… 		2024-11-21 15:55
2022-04-27 		Show GitHub Exploit DB Packet Storm