Suse Linux
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Suse Linux.
By the Year
In 2025 there have been 2 vulnerabilities in Suse Linux with an average score of 7.2 out of ten. Suse Linux did not have any published security vulnerabilities last year. That is, 2 more vulnerabilities have already been reported in 2025 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 2 | 7.15 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Suse Linux vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Suse Linux Security Vulnerabilities
A flaw was found in rsync
CVE-2024-12086
6.8 - Medium
- January 14, 2025
A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client.
Detection of Error Condition Without Action
A path traversal vulnerability exists in rsync
CVE-2024-12087
7.5 - High
- January 14, 2025
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.
Directory traversal
traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which
CVE-2005-1767
- August 05, 2005
traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).
Linux kernel 2.6 and 2.4 on the IA64 architecture
CVE-2005-1761
- August 05, 2005
Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.
Improper Input Validation
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents
CVE-2004-0940
7.8 - High
- February 09, 2005
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
Incorrect Calculation of Buffer Size
Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0
CVE-2004-0937
- February 09, 2005
Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004
CVE-2004-0932
- January 27, 2005
McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
RAV antivirus allows remote attackers to bypass antivirus protection
CVE-2004-0936
- January 27, 2005
RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
Eset Anti-Virus before 1.020 (16th September 2004)
CVE-2004-0935
- January 27, 2005
Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
Kaspersky 3.x to 4.x
CVE-2004-0934
- January 27, 2005
Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3
CVE-2004-0933
- January 27, 2005
Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new
CVE-2004-1096
- January 10, 2005
Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher
CVE-2004-1491
- December 31, 2004
Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry.
Mozilla Firefox 0.9.2
CVE-2004-0867
- December 23, 2004
Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported that 2.x is also affected.
Permissions, Privileges, and Access Controls
Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7
CVE-2004-1139
- December 15, 2004
Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).
Ethereal 0.9.0 through 0.10.7
CVE-2004-1142
- December 15, 2004
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.
Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1
CVE-2004-0687
- October 20, 2004
Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file.
Internet Explorer 6.0
CVE-2004-0866
- September 16, 2004
Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2
CVE-2002-0083
9.8 - Critical
- March 15, 2002
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
off-by-five
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux
CVE-2002-0062
- March 08, 2002
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."
Classic Buffer Overflow
XFree86 startx command is vulnerable to a symlink attack
CVE-1999-0433
- March 21, 1999
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
The default permissions of /dev/kmem in Linux versions before 2.0.36
CVE-1999-0426
9.8 - Critical
- March 01, 1999
The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing.
Incorrect Default Permissions
Bash treats any character with a value of 255 as a command separator.
CVE-1999-0234
- October 08, 1996
Bash treats any character with a value of 255 as a command separator.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Suse Linux or by Suse? Click the Watch button to subscribe.
