Suse Linux Enterprise Desktop Suse Linux Enterprise Desktop

stack.watch can notify you when security vulnerabilities are reported in Suse Linux Enterprise Desktop. You can add multiple products that you use with Suse Linux Enterprise Desktop to create your own personal software stack watcher.

By the Year

In 2020 there have been 7 vulnerabilities in Suse Linux Enterprise Desktop with an average score of 8.5 out of ten. Last year Suse Linux Enterprise Desktop had 0 security vulnerabilities published. That is, 7 more vulnerabilities have already been reported in 2020 as compared to last year.

Year Vulnerabilities Average Score
2020 7 8.47
2019 0 0.00
2018 2 7.20

It may take a day or so for new Suse Linux Enterprise Desktop vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.

Latest Suse Linux Enterprise Desktop Security Vulnerabilities

Use after free in WebGL in Google Chrome prior to 80.0.3987.149

CVE-2020-6422 8.8 - High - March 23, 2020

Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Dangling pointer

Use after free in media in Google Chrome prior to 80.0.3987.149

CVE-2020-6424 8.8 - High - March 23, 2020

Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Dangling pointer

Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149

CVE-2020-6426 6.5 - Medium - March 23, 2020

Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Memory Corruption

Use after free in audio in Google Chrome prior to 80.0.3987.149

CVE-2020-6427 8.8 - High - March 23, 2020

Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Dangling pointer

Use after free in audio in Google Chrome prior to 80.0.3987.149

CVE-2020-6428 8.8 - High - March 23, 2020

Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Dangling pointer

Use after free in audio in Google Chrome prior to 80.0.3987.149

CVE-2020-6429 8.8 - High - March 23, 2020

Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Dangling pointer

Use after free in audio in Google Chrome prior to 80.0.3987.149

CVE-2020-6449 8.8 - High - March 23, 2020

Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Dangling pointer

A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may

CVE-2018-19655 8.8 - High - November 29, 2018

A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file.

Memory Corruption

Systems with microprocessors utilizing speculative execution and branch prediction may

CVE-2017-5753 5.6 - Medium - January 04, 2018

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

Information Leak

Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1

CVE-2015-5707 - October 19, 2015

Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request.

Integer Overflow or Wraparound