Filtered by vendor Opensuse
Subscribe
Total
3286 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-8386 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2025-04-20 | 6.5 MEDIUM | 8.8 HIGH |
| git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character. | |||||
| CVE-2017-13078 | 7 Canonical, Debian, Freebsd and 4 more | 12 Ubuntu Linux, Debian Linux, Freebsd and 9 more | 2025-04-20 | 2.9 LOW | 5.3 MEDIUM |
| Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients. | |||||
| CVE-2017-5335 | 2 Gnu, Opensuse | 2 Gnutls, Leap | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate. | |||||
| CVE-2017-9814 | 2 Cairographics, Opensuse | 2 Cairo, Leap | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call. | |||||
| CVE-2016-5317 | 3 Libtiff, Opensuse, Opensuse Project | 3 Libtiff, Opensuse, Leap | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file. | |||||
| CVE-2016-10064 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file. | |||||
| CVE-2016-7448 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Leap and 1 more | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
| The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size. | |||||
| CVE-2014-9854 | 4 Canonical, Imagemagick, Opensuse and 1 more | 7 Ubuntu Linux, Imagemagick, Leap and 4 more | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image." | |||||
| CVE-2016-10050 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file. | |||||
| CVE-2016-7797 | 5 Clusterlabs, Opensuse, Opensuse Project and 2 more | 7 Pacemaker, Leap, Leap and 4 more | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection. | |||||
| CVE-2016-8682 | 3 Debian, Graphicsmagick, Opensuse | 3 Debian Linux, Graphicsmagick, Opensuse | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header. | |||||
| CVE-2017-6318 | 2 Opensuse, Sane-backends Project | 2 Leap, Sane-backends | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet. | |||||
| CVE-2017-13081 | 7 Canonical, Debian, Freebsd and 4 more | 12 Ubuntu Linux, Debian Linux, Freebsd and 9 more | 2025-04-20 | 2.9 LOW | 5.3 MEDIUM |
| Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients. | |||||
| CVE-2016-10068 | 3 Imagemagick, Opensuse, Opensuse Project | 3 Imagemagick, Leap, Leap | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file. | |||||
| CVE-2014-9849 | 4 Canonical, Imagemagick, Opensuse and 1 more | 9 Ubuntu Linux, Imagemagick, Opensuse and 6 more | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The png coder in ImageMagick allows remote attackers to cause a denial of service (crash). | |||||
| CVE-2015-3405 | 7 Debian, Fedoraproject, Ntp and 4 more | 13 Debian Linux, Fedora, Ntp and 10 more | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys. | |||||
| CVE-2016-9961 | 5 Fedoraproject, Game-music-emu Project, Novell and 2 more | 7 Fedora, Game-music-emu, Suse Linux Enterprise Desktop and 4 more | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| game-music-emu before 0.6.1 mishandles unspecified integer values. | |||||
| CVE-2016-5177 | 5 Debian, Fedoraproject, Google and 2 more | 7 Debian Linux, Fedora, Chrome and 4 more | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2016-9399 | 3 Fedoraproject, Jasper Project, Opensuse | 3 Fedora, Jasper, Leap | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. | |||||
| CVE-2016-10165 | 6 Canonical, Debian, Littlecms and 3 more | 19 Ubuntu Linux, Debian Linux, Little Cms Color Engine and 16 more | 2025-04-20 | 5.8 MEDIUM | 7.1 HIGH |
| The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read. | |||||