Filtered by vendor Opensuse
Subscribe
Total
3164 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-10360 | 3 Canonical, File Project, Opensuse | 3 Ubuntu Linux, File, Leap | 2019-05-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file. | |||||
| CVE-2016-0611 | 4 Canonical, Opensuse, Oracle and 1 more | 5 Ubuntu Linux, Leap, Opensuse and 2 more | 2019-05-01 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to Optimizer. | |||||
| CVE-2019-9894 | 5 Debian, Fedoraproject, Netapp and 2 more | 5 Debian Linux, Fedora, Oncommand Unified Manager and 2 more | 2019-04-26 | 6.4 MEDIUM | 7.5 HIGH |
| A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification. | |||||
| CVE-2018-20615 | 4 Canonical, Haproxy, Opensuse and 1 more | 5 Ubuntu Linux, Haproxy, Leap and 2 more | 2019-04-25 | 5.0 MEDIUM | 7.5 HIGH |
| An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame. | |||||
| CVE-2014-7926 | 6 Canonical, Google, Icu-project and 3 more | 9 Ubuntu Linux, Chrome, International Components For Unicode and 6 more | 2019-04-23 | 7.5 HIGH | N/A |
| The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a zero-length quantifier. | |||||
| CVE-2014-7923 | 6 Canonical, Google, Icu-project and 3 more | 9 Ubuntu Linux, Chrome, International Components For Unicode and 6 more | 2019-04-23 | 7.5 HIGH | N/A |
| The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression. | |||||
| CVE-2013-4854 | 10 Fedoraproject, Freebsd, Hp and 7 more | 12 Fedora, Freebsd, Hp-ux and 9 more | 2019-04-22 | 7.8 HIGH | N/A |
| The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013. | |||||
| CVE-2016-0610 | 6 Canonical, Debian, Mariadb and 3 more | 7 Ubuntu Linux, Debian Linux, Mariadb and 4 more | 2019-04-22 | 3.5 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and MariaDB before 10.0.22 and 10.1.x before 10.1.9 allows remote authenticated users to affect availability via unknown vectors related to InnoDB. | |||||
| CVE-2013-2174 | 4 Canonical, Haxx, Opensuse and 1 more | 5 Ubuntu Linux, Curl, Libcurl and 2 more | 2019-04-22 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a "%" (percent) character. | |||||
| CVE-2013-2217 | 3 Jeff Ortel, Opensuse, Redhat | 3 Suds, Opensuse, Enterprise Linux | 2019-04-22 | 1.2 LOW | N/A |
| cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/. | |||||
| CVE-2016-0607 | 4 Canonical, Opensuse, Oracle and 1 more | 5 Ubuntu Linux, Leap, Opensuse and 2 more | 2019-04-22 | 2.8 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to replication. | |||||
| CVE-2014-5177 | 2 Opensuse, Redhat | 4 Opensuse, Enterprise Linux, Enterprise Virtualization and 1 more | 2019-04-22 | 1.2 LOW | N/A |
| libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT from CVE-2014-0179 per ADT3 due to different affected versions of some vectors. | |||||
| CVE-2016-0643 | 6 Debian, Ibm, Mariadb and 3 more | 6 Debian Linux, Powerkvm, Mariadb and 3 more | 2019-04-22 | 4.0 MEDIUM | 3.3 LOW |
| Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect confidentiality via vectors related to DML. | |||||
| CVE-2016-0655 | 5 Debian, Mariadb, Opensuse and 2 more | 5 Debian Linux, Mariadb, Leap and 2 more | 2019-04-22 | 3.5 LOW | 4.7 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to InnoDB. | |||||
| CVE-2016-2150 | 5 Debian, Microsoft, Opensuse and 2 more | 12 Debian Linux, Windows, Leap and 9 more | 2019-04-22 | 3.6 LOW | 7.1 HIGH |
| SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261. | |||||
| CVE-2018-17294 | 3 Canonical, Liblouis, Opensuse | 3 Ubuntu Linux, Liblouis, Leap | 2019-04-18 | 4.3 MEDIUM | 6.5 MEDIUM |
| The matchCurrentInput function inside lou_translateString.c of Liblouis prior to 3.7 does not check the input string's length, allowing attackers to cause a denial of service (application crash via out-of-bounds read) by crafting an input file with certain translation dictionaries. | |||||
| CVE-2018-14522 | 3 Aubio, Opensuse, Suse | 3 Aubio, Leap, Linux Enterprise | 2019-04-17 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes. | |||||
| CVE-2016-7447 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Leap and 1 more | 2019-04-15 | 7.5 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors. | |||||
| CVE-2016-7446 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Leap and 1 more | 2019-04-15 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317. | |||||
| CVE-2019-3858 | 5 Debian, Fedoraproject, Libssh2 and 2 more | 5 Debian Linux, Fedora, Libssh2 and 2 more | 2019-04-15 | 6.4 MEDIUM | 9.1 CRITICAL |
| An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. | |||||