Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Opensuse Subscribe
Total 3164 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-15218 6 Canonical, Debian, Linux and 3 more 11 Ubuntu Linux, Debian Linux, Linux Kernel and 8 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.
CVE-2019-15219 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.
CVE-2019-15220 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.
CVE-2019-15221 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.
CVE-2019-15222 3 Linux, Netapp, Opensuse 8 Linux Kernel, Active Iq Unified Manager, Baseboard Management Controller H410c and 5 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver.
CVE-2019-15216 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.
CVE-2019-15215 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.
CVE-2020-11077 4 Debian, Fedoraproject, Opensuse and 1 more 4 Debian Linux, Fedora, Leap and 1 more 2023-03-03 5.0 MEDIUM 7.5 HIGH
In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.
CVE-2019-16255 4 Debian, Opensuse, Oracle and 1 more 4 Debian Linux, Leap, Graalvm and 1 more 2023-03-03 6.8 MEDIUM 8.1 HIGH
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method.
CVE-2019-14980 2 Imagemagick, Opensuse 2 Imagemagick, Leap 2023-03-02 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file.
CVE-2019-14973 4 Debian, Fedoraproject, Libtiff and 1 more 4 Debian Linux, Fedora, Libtiff and 1 more 2023-03-02 4.3 MEDIUM 6.5 MEDIUM
_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash.
CVE-2019-11721 2 Mozilla, Opensuse 2 Firefox, Leap 2023-03-02 4.3 MEDIUM 6.5 MEDIUM
The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion. This vulnerability affects Firefox < 68.
CVE-2019-11720 2 Mozilla, Opensuse 2 Firefox, Leap 2023-03-02 4.3 MEDIUM 6.1 MEDIUM
Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting (XSS) filtering. This vulnerability affects Firefox < 68.
CVE-2019-13296 2 Imagemagick, Opensuse 2 Imagemagick, Leap 2023-03-02 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value.
CVE-2019-13298 2 Imagemagick, Opensuse 2 Imagemagick, Leap 2023-03-02 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a MagickCore/enhance.c error.
CVE-2019-13299 2 Imagemagick, Opensuse 2 Imagemagick, Leap 2023-03-02 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel.
CVE-2019-13302 2 Imagemagick, Opensuse 2 Imagemagick, Leap 2023-03-02 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/fourier.c in ComplexImages.
CVE-2019-13303 2 Imagemagick, Opensuse 2 Imagemagick, Leap 2023-03-02 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/composite.c in CompositeImage.
CVE-2019-13308 4 Canonical, Debian, Imagemagick and 1 more 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more 2023-03-02 6.8 MEDIUM 8.8 HIGH
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.
CVE-2019-13310 3 Canonical, Imagemagick, Opensuse 3 Ubuntu Linux, Imagemagick, Leap 2023-03-02 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.