Opensuse

Leap

1897 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2016-3630

  • EPSS 5.19%
  • Veröffentlicht 13.04.2016 16:59:20
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records.

8.8

CVE-2016-3069

  • EPSS 2.83%
  • Veröffentlicht 13.04.2016 16:59:17
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.

8.8

CVE-2016-3068

  • EPSS 5%
  • Veröffentlicht 13.04.2016 16:59:16
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.

6.5

CVE-2016-2191

Exploit
  • EPSS 2.84%
  • Veröffentlicht 13.04.2016 16:59:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (invalid memory write and crash) via a series of delta escapes in a crafted BMP image.

7.5

CVE-2015-8080

Exploit
  • EPSS 2.73%
  • Veröffentlicht 13.04.2016 15:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and appl...

10

CVE-2016-4007

  • EPSS 1.31%
  • Veröffentlicht 13.04.2016 14:59:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in the obs-service-extract_file package before 0.3-5.1 in openSUSE Leap 42.1 and before 0.3-3.1 in openSUSE 13.2 allow attackers to execute arbitrary commands via a service definition, related to executing unzip w...

8.1

CVE-2016-1866

  • EPSS 0.89%
  • Veröffentlicht 12.04.2016 14:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream.

7.5

CVE-2015-8614

  • EPSS 1.39%
  • Veröffentlicht 11.04.2016 21:59:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple stack-based buffer overflows in the (1) conv_jistoeuc, (2) conv_euctojis, and (3) conv_sjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese ch...

6.2

CVE-2015-5969

  • EPSS 0.13%
  • Veröffentlicht 08.04.2016 15:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Lin...

10

CVE-2016-2324

  • EPSS 35.46%
  • Veröffentlicht 08.04.2016 14:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow.