Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
SUSE Linux Enterprise Server Number Of NVD 472 CRITICAL 27 HIGH 179 MEDIUM 215 LOW 51
URL https://www.suse.com/
Explanation Support is normally provided for 10 years after release, with service pack releases ending after about 8 years.
After 10 years, extended support is available for a fee, with yearly updates.
Tag
  • 商用ライセンス有り
  • Linux
Add Information URL
No Type Name URL
1 https://www.suse.com/lifecycle/
2 https://www.suse.com/support/policy/
3 https://www.suse.com/releasenotes/
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
451 SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server 15 SP5 May 22, 2023 July 16, 2018 July 31, 2028 July 31, 2031 3 8 2 1
452 SUSE Linux Enterprise Server 12 Service Pack 5 Dec. 9, 2019 Oct. 24, 2014 Oct. 31, 2024 Oct. 31, 2027 18 41 78 9
453 SUSE Linux Enterprise Server 11 March 24, 2009 March 31, 2019 March 31, 2022 15 149 148 31
454 SUSE Linux Enterprise Server 10 June 17, 2006 July 31, 2013 6 104 65 23
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
451 6.5
4.3 		MEDIUM
Network 		Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) vi… CWE-416
 Use After Free 		CVE-2009-2416 cpe:2.3:o:suse:linux_enterprise_server:9:* 2026-04-23 09:35
2009-08-12 		Show GitHub Exploit DB Packet Storm
452 -
5.0 		MEDIUM XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote atta… NVD-CWE-Other
CVE-2009-2625 cpe:2.3:o:suse:linux_enterprise_server:9:*
cpe:2.3:o:suse:linux_enterprise_server:11:-
cpe:2.3:o:suse:linux_enter… 		2026-04-23 09:35
2009-08-7 		Show GitHub Exploit DB Packet Storm
453 5.9
6.8 		MEDIUM
Network 		Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the … CWE-295
Improper Certificate Validation  		CVE-2009-2408 cpe:2.3:o:suse:linux_enterprise_server:9:* 2026-04-23 09:35
2009-07-31 		Show GitHub Exploit DB Packet Storm
454 -
4.3 		MEDIUM Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site… CWE-79
Cross-site Scripting 		CVE-2009-2472 cpe:2.3:o:suse:linux_enterprise_server:11:-
cpe:2.3:o:suse:linux_enterprise_server:10:sp2 		2026-04-23 09:35
2009-07-23 		Show GitHub Exploit DB Packet Storm
455 4.7
1.9 		MEDIUM
Local 		The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local… CWE-667
 Improper Locking 		CVE-2009-1961 cpe:2.3:o:suse:linux_enterprise_server:11:- 2026-04-23 09:35
2009-06-8 		Show GitHub Exploit DB Packet Storm
456 7.5
5.0 		HIGH
Network 		The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to … CWE-776
XML Entity Expansion 		CVE-2009-1955 cpe:2.3:o:suse:linux_enterprise_server:9:* 2026-04-23 09:35
2009-06-8 		Show GitHub Exploit DB Packet Storm
457 -
2.1 		LOW Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with … CWE-120
Classic Buffer Overflow 		CVE-2009-1186 cpe:2.3:o:suse:linux_enterprise_server:11:-
cpe:2.3:o:suse:linux_enterprise_server:10:sp2 		2026-04-23 09:35
2009-04-17 		Show GitHub Exploit DB Packet Storm
458 -
7.2 		HIGH udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space. CWE-346
 Origin Validation Error 		CVE-2009-1185 cpe:2.3:o:suse:linux_enterprise_server:11:-
cpe:2.3:o:suse:linux_enterprise_server:10:sp2 		2026-04-23 09:35
2009-04-17 		Show GitHub Exploit DB Packet Storm
459 -
7.5 		HIGH Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcm… CWE-190
 Integer Overflow or Wraparound 		CVE-2009-0946 cpe:2.3:o:suse:linux_enterprise_server:11:-
cpe:2.3:o:suse:linux_enterprise_server:10:- 		2026-04-23 09:35
2009-04-17 		Show GitHub Exploit DB Packet Storm
460 7.8
7.2 		HIGH
Local 		The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating syste… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2009-0115 cpe:2.3:o:suse:linux_enterprise_server:9:*
cpe:2.3:o:suse:linux_enterprise_server:10:- 		2026-04-23 09:35
2009-03-31 		Show GitHub Exploit DB Packet Storm