Filtered by vendor Opensuse
Subscribe
Total
3283 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-14466 | 6 Apple, Debian, Fedoraproject and 3 more | 6 Mac Os X, Debian Linux, Fedora and 3 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). | |||||
CVE-2019-18391 | 4 Debian, Opensuse, Redhat and 1 more | 4 Debian Linux, Leap, Enterprise Linux and 1 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands. | |||||
CVE-2019-13702 | 2 Google, Opensuse | 2 Chrome, Backports Sle | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable. | |||||
CVE-2013-2637 | 2 Opensuse, Otrs | 3 Opensuse, Faq, Otrs Itsm | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code. | |||||
CVE-2019-19081 | 3 Linux, Opensuse, Redhat | 3 Linux Kernel, Leap, Enterprise Linux | 2024-02-28 | 7.1 HIGH | 5.9 MEDIUM |
A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause a denial of service (memory consumption), aka CID-8ce39eb5a67a. | |||||
CVE-2013-7370 | 4 Debian, Opensuse, Redhat and 1 more | 4 Debian Linux, Opensuse, Openshift and 1 more | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware | |||||
CVE-2019-17450 | 3 Canonical, Gnu, Opensuse | 3 Ubuntu Linux, Binutils, Leap | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. | |||||
CVE-2019-5163 | 2 Opensuse, Shadowsocks | 3 Backports, Leap, Shadowsocks-libev | 2024-02-28 | 4.3 MEDIUM | 7.5 HIGH |
An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a local_address, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this vulnerability. | |||||
CVE-2019-20014 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c. | |||||
CVE-2020-6610 | 2 Gnu, Opensuse | 3 Libredwg, Backports, Leap | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c. | |||||
CVE-2019-3697 | 2 Gnu, Opensuse | 2 Gnump3d, Leap | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root. This issue affects: openSUSE Leap 15.1 gnump3d version 3.0-lp151.2.1 and prior versions. | |||||
CVE-2019-20011 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c. | |||||
CVE-2018-14463 | 7 Apple, Debian, F5 and 4 more | 7 Mac Os X, Debian Linux, Traffix Signaling Delivery Controller and 4 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167. | |||||
CVE-2019-18390 | 4 Debian, Opensuse, Redhat and 1 more | 4 Debian Linux, Leap, Enterprise Linux and 1 more | 2024-02-28 | 3.6 LOW | 7.1 HIGH |
An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands. | |||||
CVE-2011-1490 | 3 Debian, Opensuse, Rsyslog | 3 Debian Linux, Opensuse, Rsyslog | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset | |||||
CVE-2019-5188 | 6 Canonical, Debian, E2fsprogs Project and 3 more | 8 Ubuntu Linux, Debian Linux, E2fsprogs and 5 more | 2024-02-28 | 4.4 MEDIUM | 6.7 MEDIUM |
A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. | |||||
CVE-2020-6399 | 2 Google, Opensuse | 2 Chrome, Backports Sle | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
Insufficient policy enforcement in AppCache in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
CVE-2019-20015 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec. | |||||
CVE-2019-17595 | 2 Gnu, Opensuse | 2 Ncurses, Leap | 2024-02-28 | 5.8 MEDIUM | 5.4 MEDIUM |
There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. | |||||
CVE-2019-19880 | 8 Debian, Netapp, Opensuse and 5 more | 12 Debian Linux, Cloud Backup, Backports Sle and 9 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. |