| SUSE Linux Enterprise Server | Number Of NVD | 472 | CRITICAL | 27 | HIGH | 179 | MEDIUM | 215 | LOW | 51 |
| URL | https://www.suse.com/ | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Explanation | Support is normally provided for 10 years after release, with service pack releases ending after about 8 years. After 10 years, extended support is available for a fee, with yearly updates. |
||||||||
| Tag | |||||||||
| No | Type | Name | URL |
|---|---|---|---|
| 1 | https://www.suse.com/lifecycle/ | ||
| 2 | https://www.suse.com/support/policy/ | ||
| 3 | https://www.suse.com/releasenotes/ |
| No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support Service Pack Support |
Extended for a fee |
Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 41 | SUSE Linux Enterprise Server 15 | SUSE Linux Enterprise Server 15 SP5 | May 22, 2023 | July 16, 2018 | July 31, 2028 | July 31, 2031 | 3 | 8 | 2 | 1 | |
| 42 | SUSE Linux Enterprise Server 12 | Service Pack 5 | Dec. 9, 2019 | Oct. 24, 2014 | Oct. 31, 2024 | Oct. 31, 2027 | 18 | 41 | 78 | 9 | |
| 43 | SUSE Linux Enterprise Server 11 | March 24, 2009 | March 31, 2019 | March 31, 2022 | 15 | 149 | 148 | 31 | |||
| 44 | SUSE Linux Enterprise Server 10 | June 17, 2006 | July 31, 2013 | 6 | 104 | 65 | 23 |
| No | CVSS3 CVSS2 |
Level Attach Vector |
Title | CWE | CVE | cpe23Uri | or higher | or less | more than | less than | Update date Published date |
Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 41 |
7.5 5.0 |
HIGH
Network |
Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used. |
CWE-119 CWE-190 Incorrect Access of Indexable Resource ('Range Error') Integer Overflow or Wraparound |
CVE-2018-17962 |
cpe:2.3:o:suse:linux_enterprise_server:15:* cpe:2.3:o:suse:linux_enterprise_server:12:* cpe:2.3:o:suse:linux_ente… |
2024-11-21 12:55 2018-10-10 |
Show | GitHub Exploit DB Packet Storm | ||||
| 42 |
9.8 7.5 |
CRITICAL
Network |
Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can res… |
CWE-295
Improper Certificate Validation |
CVE-2016-1000030 | cpe:2.3:o:suse:linux_enterprise_server:11:sp4 |
2024-11-21 11:42 2018-09-6 |
Show | GitHub Exploit DB Packet Storm | ||||
| 43 |
7.8 4.6 |
HIGH
Local |
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user. |
CWE-119 CWE-362 Incorrect Access of Indexable Resource ('Range Error') Race Condition |
CVE-2018-7566 | cpe:2.3:o:suse:linux_enterprise_server:12:* |
2024-11-21 13:12 2018-03-31 |
Show | GitHub Exploit DB Packet Storm | ||||
| 44 |
9.8 10.0 |
CRITICAL
Network |
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memor… |
CWE-416
Use After Free |
CVE-2017-18017 |
cpe:2.3:o:suse:linux_enterprise_server:12:sp3 cpe:2.3:o:suse:linux_enterprise_server:12:sp2 cpe:2.3:o:suse:linux_… |
2024-11-21 12:19 2018-01-3 |
Show | GitHub Exploit DB Packet Storm | ||||
| 45 |
7.8 7.2 |
HIGH
Local |
The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_A… |
CWE-787
Out-of-bounds Write |
CVE-2017-17806 |
cpe:2.3:o:suse:linux_enterprise_server:12:sp3 cpe:2.3:o:suse:linux_enterprise_server:12:sp2 cpe:2.3:o:suse:linux_… |
2024-11-21 12:18 2017-12-21 |
Show | GitHub Exploit DB Packet Storm | ||||
| 46 |
7.8 7.2 |
HIGH
Local |
The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYP… |
CWE-20
Improper Input Validation |
CVE-2017-17805 |
cpe:2.3:o:suse:linux_enterprise_server:12:sp3 cpe:2.3:o:suse:linux_enterprise_server:12:sp2 cpe:2.3:o:suse:linux_… |
2024-11-21 12:18 2017-12-21 |
Show | GitHub Exploit DB Packet Storm | ||||
| 47 |
6.6 7.2 |
MEDIUM
Physics |
The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces … |
CWE-787
Out-of-bounds Write |
CVE-2017-17558 |
cpe:2.3:o:suse:linux_enterprise_server:11:sp4 cpe:2.3:o:suse:linux_enterprise_server:11:extra |
2024-11-21 12:18 2017-12-13 |
Show | GitHub Exploit DB Packet Storm | ||||
| 48 |
7.8 7.2 |
HIGH
Local |
The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of… |
CWE-416
Use After Free |
CVE-2017-15115 | cpe:2.3:o:suse:linux_enterprise_server:11:sp4 |
2024-11-21 12:14 2017-11-16 |
Show | GitHub Exploit DB Packet Storm | ||||
| 49 |
5.3 2.9 |
MEDIUM
Adjacent |
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response fra… |
CWE-330
Use of Insufficiently Random Values |
CVE-2017-13088 |
cpe:2.3:o:suse:linux_enterprise_server:12:* cpe:2.3:o:suse:linux_enterprise_server:11:sp4 cpe:2.3:o:suse:linux_en… |
2024-11-21 12:10 2017-10-17 |
Show | GitHub Exploit DB Packet Storm | ||||
| 50 |
5.3 2.9 |
MEDIUM
Adjacent |
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowin… |
CWE-330
Use of Insufficiently Random Values |
CVE-2017-13087 |
cpe:2.3:o:suse:linux_enterprise_server:12:* cpe:2.3:o:suse:linux_enterprise_server:11:sp4 cpe:2.3:o:suse:linux_en… |
2024-11-21 12:10 2017-10-17 |
Show | GitHub Exploit DB Packet Storm |