Suse Linux Enterprise Workstation Extension
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Suse Linux Enterprise Workstation Extension.
By the Year
In 2025 there have been 0 vulnerabilities in Suse Linux Enterprise Workstation Extension. Linux Enterprise Workstation Extension did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 0 | 0.00 |
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 1 | 7.80 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 1 | 9.80 |
It may take a day or so for new Linux Enterprise Workstation Extension vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Suse Linux Enterprise Workstation Extension Security Vulnerabilities
A local privilege escalation vulnerability was found on polkit's pkexec utility
CVE-2021-4034
7.8 - High
- January 28, 2022
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
Out-of-bounds Read
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36
CVE-2017-18017
9.8 - Critical
- January 03, 2018
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.
Dangling pointer
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which
CVE-2014-9852
9.8 - Critical
- March 17, 2017
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.
Improper Control of Dynamically-Managed Code Resources
Memory leak in coders/rle.c in ImageMagick
CVE-2014-9853
5.5 - Medium
- March 17, 2017
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.
Resource Management Errors
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4135
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4152
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Memory Corruption
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4134
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4133
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4132
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4131
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4155
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Memory Corruption
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4154
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Memory Corruption
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4153
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Memory Corruption
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4150
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Memory Corruption
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4149
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Object Type Confusion
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4129
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Memory Corruption
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4128
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Memory Corruption
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4123
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Memory Corruption
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4171
9.8 - Critical
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016.
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4130
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Memory Corruption
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4127
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Memory Corruption
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4125
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Memory Corruption
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4124
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Memory Corruption
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4122
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Memory Corruption
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4151
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Memory Corruption
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4137
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4156
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4148
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4147
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4146
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4145
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4144
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4136
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4143
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4142
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4141
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4140
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4139
8.8 - High
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier
CVE-2016-4138
9.8 - Critical
- June 16, 2016
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick
CVE-2016-5118
9.8 - Critical
- June 10, 2016
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
Adobe Flash Player 21.0.0.226 and earlier
CVE-2016-4117
9.8 - Critical
- May 11, 2016
Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016.
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1
CVE-2016-3715
5.5 - Medium
- May 05, 2016
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1
CVE-2016-3718
5.5 - Medium
- May 05, 2016
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
SSRF
The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device
CVE-2016-2782
4.6 - Medium
- April 27, 2016
The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint.
NULL Pointer Dereference
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier
CVE-2016-0651
5.5 - Medium
- April 21, 2016
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12
CVE-2016-0668
4.1 - Medium
- April 21, 2016
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB.
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier
CVE-2016-0642
4.7 - Medium
- April 21, 2016
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated.
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions
CVE-2015-8551
6 - Medium
- April 13, 2016
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks."
NULL Pointer Dereference
Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233
CVE-2015-8651
8.8 - High
- December 28, 2015
Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors.
Integer Overflow or Wraparound
GNOME NetworkManager
CVE-2015-0272
- November 17, 2015
GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Oracle Linux or by Suse? Click the Watch button to subscribe.
