Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
SUSE Linux Enterprise Server Number Of NVD 472 CRITICAL 27 HIGH 179 MEDIUM 215 LOW 51
URL https://www.suse.com/
Explanation Support is normally provided for 10 years after release, with service pack releases ending after about 8 years.
After 10 years, extended support is available for a fee, with yearly updates.
Tag
  • 商用ライセンス有り
  • Linux
Add Information URL
No Type Name URL
1 https://www.suse.com/lifecycle/
2 https://www.suse.com/support/policy/
3 https://www.suse.com/releasenotes/
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
11 SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server 15 SP5 May 22, 2023 July 16, 2018 July 31, 2028 July 31, 2031 3 8 2 1
12 SUSE Linux Enterprise Server 12 Service Pack 5 Dec. 9, 2019 Oct. 24, 2014 Oct. 31, 2024 Oct. 31, 2027 18 41 78 9
13 SUSE Linux Enterprise Server 11 March 24, 2009 March 31, 2019 March 31, 2022 15 149 148 31
14 SUSE Linux Enterprise Server 10 June 17, 2006 July 31, 2013 6 104 65 23
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
11 7.8
4.6 		HIGH
Local 		An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring… CWE-77
Command Injection 		CVE-2021-45082 cpe:2.3:o:suse:linux_enterprise_server:15:sp3
cpe:2.3:o:suse:linux_enterprise_server:15:sp2
cpe:2.3:o:suse:linux_… 		2024-11-21 15:31
2022-02-19 		Show GitHub Exploit DB Packet Storm
12 7.8
7.2 		HIGH
Local 		A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users accor… CWE-125
CWE-787
Out-of-bounds Read
 Out-of-bounds Write 		CVE-2021-4034 cpe:2.3:o:suse:linux_enterprise_server:15:sp2
cpe:2.3:o:suse:linux_enterprise_server:15:sp2 		2024-11-21 15:36
2022-01-29 		Show GitHub Exploit DB Packet Storm
13 7.5
5.0 		HIGH
Network 		The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exp… CWE-400
 Uncontrolled Resource Consumption 		CVE-2002-20001 cpe:2.3:o:suse:linux_enterprise_server:15:*
cpe:2.3:o:suse:linux_enterprise_server:12:-
cpe:2.3:o:suse:linux_ente… 		2024-11-21 08:42
2021-11-12 		Show GitHub Exploit DB Packet Storm
14 7.1
6.6 		HIGH
Local 		A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of clone-master-clean-up in SUSE Linux Enterprise Server 12 SP3, SUSE Linux Enterprise Server 15 SP1; ope… CWE-59
Link Following 		CVE-2021-32000 cpe:2.3:o:suse:linux_enterprise_server:15:sp1
cpe:2.3:o:suse:linux_enterprise_server:12:sp3 		2024-11-21 15:06
2021-07-28 		Show GitHub Exploit DB Packet Storm
15 7.1
3.6 		HIGH
Local 		lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around. CWE-190
 Integer Overflow or Wraparound 		CVE-2018-10195 cpe:2.3:o:suse:linux_enterprise_server:12:sp3
cpe:2.3:o:suse:linux_enterprise_server:11:sp4 		2024-11-21 12:40
2021-06-2 		Show GitHub Exploit DB Packet Storm
16 9.3
4.6 		CRITICAL
Local 		A Incorrect Execution-Assigned Permissions vulnerability in the permissions package of SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP … - CVE-2020-8025 cpe:2.3:o:suse:linux_enterprise_server:15:sp2
cpe:2.3:o:suse:linux_enterprise_server:15:sp1
cpe:2.3:o:suse:linux_… 		2024-11-21 14:38
2020-08-7 		Show GitHub Exploit DB Packet Storm
17 2.5
1.9 		LOW
Local 		A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for spe… - CVE-2020-8013 cpe:2.3:o:suse:linux_enterprise_server:15:*
cpe:2.3:o:suse:linux_enterprise_server:12:*
cpe:2.3:o:suse:linux_ente… 		2024-11-21 14:38
2020-03-3 		Show GitHub Exploit DB Packet Storm
18 9.8
7.5 		CRITICAL
Network 		A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code exec… CWE-416
 Use After Free 		CVE-2019-18903 cpe:2.3:o:suse:linux_enterprise_server:15:*
cpe:2.3:o:suse:linux_enterprise_server:12:* 		2024-11-21 13:33
2020-03-3 		Show GitHub Exploit DB Packet Storm
19 9.8
7.5 		CRITICAL
Network 		A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code exec… CWE-416
 Use After Free 		CVE-2019-18902 cpe:2.3:o:suse:linux_enterprise_server:15:*
cpe:2.3:o:suse:linux_enterprise_server:12:* 		2024-11-21 13:33
2020-03-3 		Show GitHub Exploit DB Packet Storm
20 5.5
2.1 		MEDIUM
Local 		A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows local attackers … - CVE-2019-18901 cpe:2.3:o:suse:linux_enterprise_server:15:*
cpe:2.3:o:suse:linux_enterprise_server:12:* 		2024-11-21 13:33
2020-03-3 		Show GitHub Exploit DB Packet Storm