Opensuse

Leap

1897 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2019-10896

Exploit
  • EPSS 12.26%
  • Veröffentlicht 09.04.2019 04:29:01
  • Zuletzt bearbeitet 21.11.2024 04:20:04

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes.

7.5

CVE-2019-10899

Exploit
  • EPSS 13.04%
  • Veröffentlicht 09.04.2019 04:29:01
  • Zuletzt bearbeitet 21.11.2024 04:20:05

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read.

7.5

CVE-2019-10901

Exploit
  • EPSS 14.8%
  • Veröffentlicht 09.04.2019 04:29:01
  • Zuletzt bearbeitet 21.11.2024 04:20:05

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly.

7.5

CVE-2019-10903

Exploit
  • EPSS 13.04%
  • Veröffentlicht 09.04.2019 04:29:01
  • Zuletzt bearbeitet 21.11.2024 04:20:05

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.

7.5

CVE-2019-10894

Exploit
  • EPSS 13.04%
  • Veröffentlicht 09.04.2019 04:29:00
  • Zuletzt bearbeitet 21.11.2024 04:20:04

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.

7.8

CVE-2019-0211

Warnung Exploit
  • EPSS 85.73%
  • Veröffentlicht 08.04.2019 22:29:00
  • Zuletzt bearbeitet 04.04.2025 15:34:11

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with...

7.5

CVE-2019-0217

  • EPSS 34.78%
  • Veröffentlicht 08.04.2019 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:16:30

In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictio...

5.5

CVE-2019-1788

Exploit
  • EPSS 13.76%
  • Veröffentlicht 08.04.2019 20:29:11
  • Zuletzt bearbeitet 21.11.2024 04:37:22

A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected ...

9.8

CVE-2019-11005

Exploit
  • EPSS 2.6%
  • Veröffentlicht 08.04.2019 19:29:05
  • Zuletzt bearbeitet 21.11.2024 04:20:20

In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impa...

9.1

CVE-2019-11006

Exploit
  • EPSS 0.63%
  • Veröffentlicht 08.04.2019 19:29:05
  • Zuletzt bearbeitet 21.11.2024 04:20:20

In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet.