Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
SUSE Linux Enterprise Server Number Of NVD 472 CRITICAL 27 HIGH 179 MEDIUM 215 LOW 51
URL https://www.suse.com/
Explanation Support is normally provided for 10 years after release, with service pack releases ending after about 8 years.
After 10 years, extended support is available for a fee, with yearly updates.
Tag
  • 商用ライセンス有り
  • Linux
Add Information URL
No Type Name URL
1 https://www.suse.com/lifecycle/
2 https://www.suse.com/support/policy/
3 https://www.suse.com/releasenotes/
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
81 SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server 15 SP5 May 22, 2023 July 16, 2018 July 31, 2028 July 31, 2031 3 8 2 1
82 SUSE Linux Enterprise Server 12 Service Pack 5 Dec. 9, 2019 Oct. 24, 2014 Oct. 31, 2024 Oct. 31, 2027 18 41 78 9
83 SUSE Linux Enterprise Server 11 March 24, 2009 March 31, 2019 March 31, 2022 15 149 148 31
84 SUSE Linux Enterprise Server 10 June 17, 2006 July 31, 2013 6 104 65 23
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
81 5.5
4.3 		MEDIUM
Local 		The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newlin… CWE-125
Out-of-bounds Read 		CVE-2015-8925 cpe:2.3:o:suse:linux_enterprise_server:12:sp1 2024-11-21 11:39
2016-09-20 		Show GitHub Exploit DB Packet Storm
82 9.8
7.5 		CRITICAL
Network 		Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a deni… CWE-415
 Double Free 		CVE-2016-5772 cpe:2.3:o:suse:linux_enterprise_server:11:sp4 2024-11-21 11:54
2016-08-7 		Show GitHub Exploit DB Packet Storm
83 7.5
5.0 		HIGH
Network 		ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547. CWE-476
 NULL Pointer Dereference 		CVE-2016-4957 cpe:2.3:o:suse:linux_enterprise_server:12:sp1
cpe:2.3:o:suse:linux_enterprise_server:11:sp4
cpe:2.3:o:suse:linux_… 		2024-11-21 11:53
2016-07-5 		Show GitHub Exploit DB Packet Storm
84 5.3
5.0 		MEDIUM
Network 		ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists beca… NVD-CWE-noinfo
CVE-2016-4956 cpe:2.3:o:suse:linux_enterprise_server:12:sp1
cpe:2.3:o:suse:linux_enterprise_server:11:sp4
cpe:2.3:o:suse:linux_… 		2024-11-21 11:53
2016-07-5 		Show GitHub Exploit DB Packet Storm
85 5.9
4.3 		MEDIUM
Network 		ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packe… CWE-362
Race Condition 		CVE-2016-4955 cpe:2.3:o:suse:linux_enterprise_server:12:sp1
cpe:2.3:o:suse:linux_enterprise_server:11:sp4
cpe:2.3:o:suse:linux_… 		2024-11-21 11:53
2016-07-5 		Show GitHub Exploit DB Packet Storm
86 7.5
5.0 		HIGH
Network 		The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many sou… CWE-362
Race Condition 		CVE-2016-4954 cpe:2.3:o:suse:linux_enterprise_server:12:sp1
cpe:2.3:o:suse:linux_enterprise_server:11:sp4
cpe:2.3:o:suse:linux_… 		2024-11-21 11:53
2016-07-5 		Show GitHub Exploit DB Packet Storm
87 7.5
5.0 		HIGH
Network 		ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at… CWE-287
Improper Authentication 		CVE-2016-4953 cpe:2.3:o:suse:linux_enterprise_server:12:sp1
cpe:2.3:o:suse:linux_enterprise_server:11:sp4
cpe:2.3:o:suse:linux_… 		2024-11-21 11:53
2016-07-5 		Show GitHub Exploit DB Packet Storm
88 7.5
5.0 		HIGH
Network 		The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from k… CWE-200
Information Exposure 		CVE-2016-5244 cpe:2.3:o:suse:linux_enterprise_server:11:sp4
cpe:2.3:o:suse:linux_enterprise_server:11:extra 		2024-11-21 11:53
2016-06-27 		Show GitHub Exploit DB Packet Storm
89 9.8
10.0 		CRITICAL
Network 		The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename. NVD-CWE-noinfo
CVE-2016-5118 cpe:2.3:o:suse:linux_enterprise_server:12:-
cpe:2.3:o:suse:linux_enterprise_server:12.0:sp1 		2024-11-21 11:53
2016-06-11 		Show GitHub Exploit DB Packet Storm
90 9.1
6.4 		CRITICAL
Network 		The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject … CWE-200
Information Exposure 		CVE-2015-5041 cpe:2.3:o:suse:linux_enterprise_server:12:sp1
cpe:2.3:o:suse:linux_enterprise_server:11:sp4
cpe:2.3:o:suse:linux_… 		2024-11-21 11:32
2016-06-7 		Show GitHub Exploit DB Packet Storm